As Retailers Prepare for the Holiday Season, So Do Cybercriminals

[TechWeb]( Follow Dark Reading: [RSS]( November 21, 2019 LATEST SECURITY NEWS & COMMENTARY [As Retailers Prepare for the Holiday Season, So Do Cybercriminals]( Online shoppers need to be wary about domain spoofing, fraudulent giveaways, and other scams, ZeroFOX study shows. [Patch 'Easily Exploitable' Oracle EBS Flaws ASAP: Onapsis]( Organizations that have not yet applied a pair of months-old critical patches from Oracle for E-Business Suite are at risk of attacks on their financial systems, the application security firm says. [Why Multifactor Authentication Is Now a Hacker Target]( SIM swaps, insecure web design, phishing, and channel-jacking are four ways attackers are circumventing MFA technology, according to the FBI. [Employee Privacy in a Mobile Workplace]( Why businesses need guidelines for managing their employees' personal information -- without compromising on security. [Google Cloud Update Gives Users Greater Data Control]( External Key Manager and Key Access Justification are intended to give organizations greater visibility into requests for data access. [Vulnerability Could Give Criminals Camera Control on Millions of Android Smartphones]( Unauthorized activities could be triggered even if a phone is locked, its screen is turned off, or a person is in the middle of a call. [How Medical Device Vendors Hold Healthcare Security for Ransom]( While being pummeled by ransomware attacks, healthcare centers also face growing IoT-related threats. Here's how they manage security amid a complex set of risks. [MORE NEWS & COMMENTARY]( HOT TOPICS [Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed]( Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say. [5 Cybersecurity CISO Priorities for the Future]( Seven chief information security officers share their pain points and two-year spending plans. [Why Multifactor Authentication Is Now a Hacker Target]( SIM swaps, insecure web design, phishing, and channel-jacking are four ways attackers are circumventing MFA technology, according to the FBI. [MORE]( EDITORS' CHOICE [Former White House CIO Shares Enduring Security Strategies]( Theresa Payton explains the strategies organizations should consider as they integrate layers of new technology. [Black Hat Europe Q&A: Exposing the Weaknesses in Contactless Payments]( Researchers Leigh-Anne Galloway and Tim Yunusov chat about their work testing Visa's contactless payments security system vulnerabilities. NEW FROM THE EDGE [What's in a WAF?]( Need a 101 lesson on Web application firewalls? Here's your crib sheet on what a WAF is, how it works, and what to look for when you're in the market for a new solution. [Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed]( Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say. Tech Resources - [[Dark Reading Tech Digest] Navigating the Deluge of Security Data]( - [Tech Digest: How to Get Started with Emerging Tech]( - [[Infographic] Are You Maximizing Value of the Cloud?]( - [2019 State of DevOps]( - [2019 Malware Trends of the Phishing Landscape]( - [SANS 2019 Incident Response (IR) Survey: It's Time for a Change]( - [Healthcare Cyber Heists in 2019]( [ACCESS TECH LIBRARY NOW]( - [Enterprise IoT: Rise of the Unmanaged Devices]( Join the leading enterprise IoT security company, along with IBM Security Services, to see real-life scenarios of these new unmanaged devices - from enterprise to healthcare to manufacturing. - [Learn How You Can Enable DMARC, SPF, DKIM the Right Way!]( In this webinar, Roger Grimes, KnowBe4's Data-Driven Defense Evangelist, will teach you how to enable DMARC, SPF, DKIM the right way! Then, learn the six reasons why phishing still might get through to your inbox and what you can ... [MORE WEBINARS]( FEATURED REPORTS - [Assessing Cybersecurity Risk in Today's Enterprise]( - [Getting Started With Emerging Technologies]( [MORE REPORTS]( CURRENT ISSUE [Navigating the Deluge of Security Data]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Research: A third of the world's largest enterprises use inadequate data sanitization to prevent data breaches at end-of-life]( [Google Collaborates with Fortanix to Deliver External Key Management System for Public Cloud]( [Egnyte Announces New Layer In Its Industry-Leading Content Intelligence Engine]( [Respond Software Launches First Responder Service to Automate Speed, Accuracy of MDR at Fraction of Cost]( [MORE PRODUCTS & RELEASES]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)