Anatomy of a BEC Scam | 6 Top Nontechnical Cybersecurity Degrees

[TechWeb]( Follow Dark Reading: [RSS]( November 21, 2019 LATEST SECURITY NEWS & COMMENTARY [Anatomy of a BEC Scam]( A look at the characteristics of real-world business email compromise attacks - and what makes them tick. [Former White House CIO Shares Enduring Security Strategies]( Theresa Payton explains the strategies organizations should consider as they integrate layers of new technology. [As Retailers Prepare for the Holiday Season, So Do Cybercriminals]( Online shoppers need to be wary about domain spoofing, fraudulent giveaways, and other scams, ZeroFOX study shows. [Windows Hello for Business Opens Door to New Attack Vectors]( Researchers exploring Windows Hello for Business found an Active Directory backdoor and other attack vectors that could lead to privilege escalation. [Attackers' Costs Increasing as Businesses Focus on Security]( Based on penetration tests and vulnerability assessments, attackers' costs to compromise a company's network increases significantly when security is continuously tested, a report finds. [Ransomware Surge & Living-Off-the-Land Tactics Remain Big Threats]( Group-IB's and Rapid7's separate analysis of attack activity in recent months shows threat actors are making life harder for enterprise organizations in a variety of ways. [A Security Strategy That Centers on Humans, Not Bugs]( The industry's fixation on complex exploits has come at the expense of making fundamentals easy and intuitive for end users. [I 'Hacked' My Accounts Using My Mobile Number: Here's What I Learned]( A feature that's supposed to make your account more secure -- adding a cellphone number -- has become a vector of attack in SIM-swapping incidents. Here's how it's done and how you can protect yourself. [MORE NEWS & COMMENTARY]( HOT TOPICS [Soft Skills: 6 Nontechnical Traits CISOs Need to Succeed]( Degrees, certifications, and experience are all important to career development, but mastering the people side of the equation may matter a whole lot more, CISOs say. [5 Cybersecurity CISO Priorities for the Future]( Seven chief information security officers share their pain points and two-year spending plans. [Why Multifactor Authentication Is Now a Hacker Target]( SIM swaps, insecure web design, phishing, and channel-jacking are four ways attackers are circumventing MFA technology, according to the FBI. [MORE]( EDITORS' CHOICE [6 Top Nontechnical Degrees for Cybersecurity]( A computer science degree isn't the only path into a cybersecurity career. [TPM-Fail: What It Means & What to Do About It]( Trusted Platform Modules are well-suited to a wide range of applications, but for the strongest security, architect them into "defense-in-depth" designs. NEW FROM THE EDGE [What's in a WAF?]( Need a 101 lesson on Web application firewalls? Here's your crib sheet on what a WAF is, how it works, and what to look for when you're in the market for a new solution. Tech Resources - [[Dark Reading Tech Digest] Navigating the Deluge of Security Data]( - [Tech Digest: How to Get Started with Emerging Tech]( - [[Infographic] Are You Maximizing Value of the Cloud?]( - [2019 State of DevOps]( - [Shed Light on the Darkspace with East-West Traffic Monitoring]( - [2019 State of the Internet / Security: Phishing - Baiting the Hook]( - [Identifying Web Attack Indicators]( [ACCESS TECH LIBRARY NOW]( - [Enterprise IoT: Rise of the Unmanaged Devices]( Join the leading enterprise IoT security company, along with IBM Security Services, to see real-life scenarios of these new unmanaged devices - from enterprise to healthcare to manufacturing. - [Implementing an Effective Defense Against Ransomware]( This webinar will provide expert advice on how to stop ransomware from infecting your critical systems and data --and what to do if your defenses fail. [MORE WEBINARS]( FEATURED REPORTS - [Rethinking Enterprise Data Defense]( - [2019 SANS Incident Response Survey Report]( [MORE REPORTS]( CURRENT ISSUE [Navigating the Deluge of Security Data]( [DOWNLOAD THIS ISSUE]( [SUBSCRIBE NOW]( [BACK ISSUES]( | [MUST READS]( | [TECH DIGEST]( PRODUCTS & RELEASES [Research: A third of the world's largest enterprises use inadequate data sanitization to prevent data breaches at end-of-life]( [Google Collaborates with Fortanix to Deliver External Key Management System for Public Cloud]( [Egnyte Announces New Layer In Its Industry-Leading Content Intelligence Engine]( [Respond Software Launches First Responder Service to Automate Speed, Accuracy of MDR at Fraction of Cost]( [MORE PRODUCTS & RELEASES]( Dark Reading Weekly -- Published By [Dark Reading]( Informa Tech 303 Second St., Suite 900 South Tower, San Francisco, CA 94107 To update your profile, change your e-mail address, or unsubscribe, [click here.]( To opt-out of any future Dark Reading Weekly Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:email@techwebnewsletters.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2019]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:iwkbtnnewsletters@ubm.com)