Security News > 2020 > August

Thus how do you get meetings when you need them, well using "Lunchtime" as an excuse to go into "Meeting mode" is acceptable to most, but a trend in more recent times has been to put a meeting with yourself in your calander etc so you can get undisturbed time for concentration etc. Always make a note of your purchases in your diary often but not always putting the recipts in as well till the end of the week etc when you more formally write up expenditure as personal finances / expenses then sling most but not all personal recipts "In a shoe box".

Most organizations have a complex security infrastructure that consists of multiple products from multiple vendors to create layers of defense, including firewalls, IPS/IDS, routers, web and email security, and endpoint detection and response solutions. In the past couple of years, we've seen a movement towards Security Orchestration, Automation and Response platforms and tools.

The U.S. Cybersecurity and Infrastructure Security Agency this week announced the availability of a free tool designed to help users identify and navigate a potential career path in cyber. The new Cyber Career Pathways Tool focuses on five workforce categories: IT, cybersecurity, cyber effects, cyber intelligence, and cross functional.

Silverfort, a provider of an agentless, proxyless authentication platform, announced this week that it has raised $30 million in a Series B funding round led by Aspect Ventures. The additional funding, which brings the total investment in the company to $41.5 million, will help the company expand its sales, marketing, engineering and support teams globally.

Cisco recently patched the high-severity flaw, which could allow remote, unauthenticated attackers to launch DoS attacks against its popular small business switches. Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service attacks.

More training on security tools and better performance metrics can accomplish this, according to a new survey. Developers and security analysts are working together on a daily basis to build more secure applications but training is still not a top priority, according to a new survey.

The National Cyber Security Centre has urged British businesses to think carefully when picking a cyber insurance policy - but won't say whether insurance that covers ransomware payoffs is a bad thing or not. Taking the form of seven questions for businesses published on the NCSC website, the latest guidance urges companies to ponder security-specific things when deciding what insurance policy to take out.

US Secretary of State Mike Pompeo on Wednesday offered a $10 million reward aimed at preventing foreign interference in the November election, as the State Department accused Russia of waging an increasingly sophisticated disinformation campaign. The reward marks one of the most public signs that members of President Donald Trump's administration are taking election meddling seriously, despite anger by Trump himself over findings that Russia has assisted him.

A researcher has detailed several new variants of an attack named HTTP request smuggling, and he has proposed some new defenses against such attacks. HTTP request smuggling, also known as HTTP desyncing, has been known since 2005, but Amit Klein, VP of security research at SafeBreach, believes the method has not been fully analyzed, which is why he has decided to conduct a research project focusing on this attack technique.

Though the attackers apparently didn't make changes to votes or voter rolls, the revelation was enough to raise doubts about voting security. In the meantime, the federal government is providing state and local officials with additional tools - endpoint detection and response software - to help defend the nation's election systems from cyberthreats ahead of the November vote.