Ripple20 flaws still plague IoT devices; Plus, Black Hat keynote on election security fears

Security Digest: A roundup of security technology content from TechTarget

Security Digest Information security news and advice from TechTarget's network |August 12, 2020 FEATURED STORY Ripple20 vulnerabilities still plaguing IoT devices by Alexander Culafi, News Writer Months after Ripple20 vulnerabilities were reported, things haven't gotten much better, say experts at Black Hat USA 2020. In fact, the world may never be fully rid of the flaws. Advertisement NEWS   Voting vendor ES&S unveils vulnerability disclosure program Election Systems & Software, the biggest vendor of U.S. voting equipment, will allow the security researcher community to test its elections equipment for vulnerabilities.   Matt Blaze warns of election security challenges amid COVID-19 In his Black Hat USA 2020 keynote, security researcher Matt Blaze discussed the challenges facing U.S. elections this year and what must be done to solve them.   10 years after Stuxnet, new zero-days discovered One decade after Stuxnet, SafeBreach Labs researchers discovered new zero-day vulnerabilities connected to the threat, which they unveiled at Black Hat USA 2020.   CISA chief: Ransomware could threaten election security During a Black Hat USA 2020 session, CISA Chief Christopher Krebs said ransomware attacks on city, state and local governments are a major concern for election security. EXPERT ADVICE   How to send secure email attachments Sending sensitive information in attachments is inherently unsafe, and the main way to secure them -- encryption -- can be implemented inconsistently, negating security benefits.   How to mitigate an HTTP request smuggling vulnerability Exploiting an HTTP request smuggling vulnerability can result in the inadvertent execution of unauthorized HTTP requests. Learn how to defend web environments from this attack.   Build shadow IT policy to reduce security risks Security risks have increased during the pandemic as remote workers try to get things done. Find out how CISOs can better manage by creating a shadow IT policy.   How to achieve resilience -- the modern uptime trinity IT leaders can take responsibility for ensuring their organizations are resilient during times of crisis. There are no quick fixes, but if you think it is expensive to ensure resilience in your IT systems, try frequent failure instead. About This E-Newsletter The Security Digest is published by TechTarget, Inc., 275 Grove Street, Newton, Massachusetts, 02466 US. Click to: Unsubscribe. You are receiving this email because you are a member of TechTarget. When you access content from this email, your information may be shared with the sponsors or future sponsors of that content and with our Partners, see up-to-date Partners List, as described in our Privacy Policy. For additional information, please contact: webmaster@techtarget.com. © 2020 TechTarget, Inc. all rights reserved. Designated trademarks, brands, logos, and service marks are the property of their respective owners. Privacy Policy | Partners List