Security News > 2020 > June > Week in review: SMBGhost exploit, OneDrive security, PCI compliance misconceptions
Organizations are creating the perfect storm by not implementing security basicsEuropean organizations have a false sense of security when it comes to protecting themselves, with only 68% seeing themselves as vulnerable, down from 86% in 2018, according to Thales.
Average cost of DNS attacks hovering around $924,00079% of organizations experienced DNS attacks, with the average cost of each attack hovering around $924,000, according to EfficientIP. PoC RCE exploit for SMBGhost Windows flaw releasedA security researcher has published a PoC RCE exploit for SMBGhost, a wormable flaw that affects SMBv3 on Windows 10 and some Windows Server versions.
June 2020 Patch Tuesday: Microsoft fixes record monthly number of CVEsOn this June 2020 Patch Tuesday, Microsoft has plugged 11 critical and 118 high-severity security holes, while Adobe has delivered security updates for Flash, Framemaker and Experience Manager.
Top security risks for companies to address as cloud migration acceleratesThe ease and speed at which new cloud tools can be deployed is also making it harder for security teams to control their usage, IBM Security reveals.
Why traditional network perimeter security no longer protectsNetwork security has been and is constantly evolving, often spurred by watershed events such as the 2017 NotPetya ransomware attack that crashed thousands of computers across the globe with a single piece of code.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/zhN9q1qq_NM/
Related news
- AWS security essentials for managing compliance, data protection, and threat detection (source)
- CISOs in 2025: Balancing security, compliance, and accountability (source)
- Navigating the compliance labyrinth: A CSO’s guide to scaling security (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)
- Critical security hole in Apache Struts under exploit (source)
- Key steps to scaling automated compliance while maintaining security (source)