Wednesday, August 19, 2020

Inside Canada's phishing epidemic; Plus, why security awareness needs a makeover

 
Security Digest
Information security news and advice from TechTarget's network |August 19, 2020
TechTarget
FEATURED STORY
Email enigma: Why is Canada hit with so many phishing attacks?

by Arielle Waldman, News Writer

Canada has become an increasingly popular target for phishing attacks, according to several security vendors, but the reasons for the increase remain a mystery.

Advertisement
NEWS
 
Kaspersky reveals 2 Windows zero-days from failed attack

Kaspersky prevented an attack against a South Korean company back in May that used two zero-day vulnerabilities. One, arguably the more dangerous, focused on Internet Explorer.

 
Healthcare CISO offers alternatives to 'snake oil' companies
Indiana University Health CISO Mitchell Parker discussed internal risk assessments, security snake oil salespeople and more at his Black Hat USA 2020 talk.
 
Games, not shame: Why security awareness training needs a makeover

Elevate Security co-founder Masha Sedova spoke at Black Hat USA 2020 about why traditional security awareness training is ineffective and fails to change risky behavior.

 
Apache Struts vulnerabilities allow remote code execution, DoS
The Apache Software Foundation issued security advisories last week for two Apache Struts vulnerabilities that were originally patched but not fully disclosed last fall.
EXPERT ADVICE
 
'Secure by Design' principles include failures, exceptions

Using design principles with built-in security, along with properly defining exceptions, can help developers not only build safe code, but do so while meeting deadlines.

 
10 RDP security best practices to prevent cyberattacks
Securing remote connections is critical, especially in a pandemic. Enact these RDP security best practices at your organization to prevent ransomware, brute-force attacks and more.
 
How to handle Amazon S3 bucket pen testing complexity
Security researcher Benjamin Caudill shares details from his book, 'Hands-On AWS Penetration Testing with Kali Linux,' and advice on Amazon S3 bucket pen testing for ethical hackers.
 
Exception handling best practices call for secure code design

Making software secure by design requires tremendous consideration about how failures are handled. Learn more from these exception handling examples.

 
Hands-on guide to S3 bucket penetration testing
Attention AWS pen testers: The trick to understanding the indicators of AWS S3 bucket vulnerabilities is setting up an insecure bucket. Learn how in this actionable guide.
 
The 5 CMMC levels and how to achieve compliance
While the CMMC certification process is still in development, IT leaders should get familiar with the five CMMC levels and learn how to comply with the security maturity model.
About This E-Newsletter
The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US.

Click to: Unsubscribe.

You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com.

© 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners.

Privacy Policy | Partners List
TechTarget

1 comment:

Harry ibbe said...

Hello everyone, Are you into trading or just wish to give it a try, please becareful on the platform you choose to invest on and the manager you choose to manage your account because that’s where failure starts from be wise. After reading so much comment i had to give trading tips a try, I have to come to the conclusion that binary options pays massively but the masses has refused to show us the right way to earn That’s why I have to give trading tips the accolades because they have been so helpful to traders . For a free masterclass strategy kindly contact (paytondyian699@gmail.com) for a free masterclass strategy. He'll give you a free tutors on how you can earn and recover your losses in trading for free..