While CISOs Fret, Business Leaders Tout Security Robustness

[TechWeb]( Follow Dark Reading: [RSS]( November 13, 2019 LATEST SECURITY NEWS & COMMENTARY [While CISOs Fret, Business Leaders Tout Security Robustness]( A new Nominet survey shows a familiar disconnect between business and security teams on the matter of cyber preparedness. [Companies Increasingly Fail Interim Security Test, But Gap Narrows]( Stability of PCI DSS helps companies cope and create more mature security programs, but some parts of the Payment Card Industry's Data Secure Standard continue to cause headaches. [New DDoS Attacks Leverage TCP Amplification]( Attackers over the past month have been using a rarely seen approach to disrupt services at large organizations in several countries. [Researchers Disclose New Vulnerabilities in Windows Drivers]( Attackers could take advantage of simple design flaws in widely distributed drivers to gain control over Windows systems. [Microsoft Patches IE Zero-Day Among 74 Vulnerabilities]( The November Patch Tuesday update fixed 13 critical flaws, including a zero-day bug in Internet Explorer. [The Myths of Multifactor Authentication]( Organizations without MFA are wide open to attack when employees fall for phishing scams or share passwords. What's holding them back? [Why Cyber-Risk Is a C-Suite Issue]( Organizations realize the scale of cyber-risk but lack counter-actions to build resilience. [DDoS Attack Targets UK Labour Party Weeks Ahead of Election]( Cybercriminals tried to take the Labour Party's digital platforms offline weeks before the election on December 12. [MORE NEWS & COMMENTARY]( HOT TOPICS [Find New Talent, Don't Fight Over CISSPs: Insights from (ISC)2 COO]( The skills gap will only be closed by attracting and retaining new talent. So don't limit your talent search to CISSPs, says the COO of the organization that issues the CISSP certification. [32,000+ WiFi Routers Potentially Exposed to New Gafgyt Variant]( Researchers detect an updated Gafgyt variant that targets flaws in small office and home wireless routers from Zyxel, Huawei, and Realtek. [Ring Flaw Underscores Impact of IoT Vulnerabilities]( A vulnerability in Amazon's Ring doorbell cameras would have allowed a local attacker to gain access to a target's entire wireless network. [MORE]( EDITORS' CHOICE [6 Small-Business Password Managers]( The right password manager can help bring enterprise-class security to small businesses. Here are a half-dozen candidates to strengthen your access management. [SHAKEN/STIR: Finally! A Solution to Caller ID Spoofing?]( The ubiquitous Caller ID hasn't changed much over the years, but the technology to exploit it has exploded. That may be about to change. [Learn the Latest Exploit Techniques at Black Hat Europe]( Master new exploit techniques for Microsoft RDP, Java remote protocols at Black Hat Europe in London next month. NEW FROM THE EDGE [Account Fraud Harder to Detect as Criminals Move from Bots to 'Sweat Shops']( Cheap labor, frequent data breaches, and better fraud detection technology are fueling frustrating changes in attackers' methods. [How Can I Help My Team Manage Security Alerts?]( Smart prioritization, great staff, and supportive tools are a good start. Tech Resources - [Identifying Web Attack Indicators]( - [Getting Started With Emerging Technologies]( - [Modern Applications and Architectures Demand a New Web Application Firewall]( - [4 Ways Developers Can Deliver Better Software Faster]( - [SANS 2019 Top New Attacks and Threats]( - [2019 SANS Incident Response Survey Report]( - [Detecting Account Takeovers and Defending Your Users]( [ACCESS TECH LIBRARY NOW]( - [How to Prevent 81% of Phishing Attacks from Sailing Right into Your Inbox with DMARC]( In this webinar, Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can ... - [Know Thyself: Cyber Threat Intelligence Gathering Inside Your Organization]( In this webinar, learn about the tools that can help your internal threat intelligence gathering and how these efforts could help you detect attackers' lateral movement, disrupt ransomware and protect endpoint devices. [MORE WEBINARS]( FEATURED REPORTS - [Getting Started With Emerging Technologies]( - [2019 SANS Incident Response Survey Report]( [MORE REPORTS]( CURRENT ISSUE [7 Threats & Disruptive Forces Changing the Face of Cybersecurity]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [HID Global Risk-Based User Authentication Tool Goes Live on Temenos MarketPlace]( [Jamf Launches Jamf Protect, Enterprise Endpoint Protection Built for Mac]( [Siemplify Integrates MITRE ATT&CK Framework into Security Operations Platform]( [Cybervore Changes Direction, Introduces Fragglestorm(TM)]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)