CSO

CSO Update

September 22, 2019

Image: Secrets of latest Smominru botnet variant revealed in new attack

Secrets of latest Smominru botnet variant revealed in new attack

Researchers gained access to a Smominru command-and-control server to get details on compromised devices and scope of the attack. Read more ▶

Your Must-Read Stories

•

10 signs you're being socially engineered

•

Senator Warner seeks "grand alliance" to protect against surveillance threat from China’s tech dominance

•

6 questions candidates should ask at every security job interview

•

How to detect and halt credential theft via Windows WDigest

•

Misconfigured WS-Discovery in devices enable massive DDoS amplification

•

What is OAuth? How the open authorization framework works

White Paper: IBM

5 Epic Fails in Data Security

Data security is on everyone’s mind these days, and for good reason. The number of successful data breaches is growing thanks to the increased attack surfaces created by more complex IT environments, widespread adoption of cloud services and the increasingly sophisticated nature of cyber criminals. This paper looks at five of the most prevalent – and avoidable – data security missteps organizations are making today, and how these “epic fails” open them up to potentially disastrous attacks. Read more ▶

Image: 10 signs you're being socially engineered

10 signs you're being socially engineered

Scammers will try to trick you and your organization's users into giving up credentials or other sensitive date. Be skeptical if you see any of these signs. Read more ▶

Image: Arcadia Power Can Help You Go Green & Lower Your Power Bill

DEALPOST

Arcadia Power Can Help You Go Green & Lower Your Power Bill

Read more ▶

Image: Senator Warner seeks

Senator Warner seeks "grand alliance" to protect against surveillance threat from China’s tech dominance

The senator believes Chinese companies will be required to aid surveillance of the US, especially as 5G networks roll out. Read more ▶

 
 
Image: 6 questions candidates should ask at every security job interview

6 questions candidates should ask at every security job interview

The cybersecurity skills shortage means security pros can be picky about where they work. Here's how to suss out bad employers. Read more ▶

Image: How to detect and halt credential theft via Windows WDigest

How to detect and halt credential theft via Windows WDigest

Attackers can steal user credentials by enabling credential caching in the Windows authentication protocol WDigest. Here's how to stop them. Read more ▶

Image: Misconfigured WS-Discovery in devices enable massive DDoS amplification

Misconfigured WS-Discovery in devices enable massive DDoS amplification

Researchers were able to achieve amplification rates of up to 15,300%. Some mitigations are possible. Read more ▶

Image: What is OAuth? How the open authorization framework works

What is OAuth? How the open authorization framework works

OAuth is an open-standard authorization protocol or framework that describes how unrelated servers and services can safely allow authenticated access to their assets. It is widely accepted, but be aware of its vulnerabilities. Read more ▶

White Paper: Akamai Technologies Inc

5 Reasons Enterprises Need a New Application Access Model

The average cost of a breach is $3.86 million. With so much at stake, why do so many enterprises grant access based on an outdated model of assumed trust? And why do businesses rely on antiquated access technologies such as traditional VPNs and remote proxies to provide this application access? Read more ▶

Email not displaying correctly? View it in your browser
You are currently subscribed to CSO Update as newsletter@newslettercollector.com.
Learn more about
Insider
Copyright © 2019 CSO, 492 Old Connecticut Path, Framingham, MA 01701
Please do not reply to this message.
To contact someone directly, send an email to newsletters@idg.com.