Week in review: Infosec career misconceptions and challenges, early warning signs of ransomware

2020-09-27 07:55

CISA orders federal agencies to implement Zerologon fixIf you had any doubts about the criticality of the Zerologon vulnerability affecting Windows Server, here is a confirmation: the US Cybersecurity and Infrastructure Security Agency has issued an emergency directive instructing federal agencies to "Immediately apply the Windows Server August 2020 security update to all domain controllers."

NIST guide to help orgs recover from ransomware, other data integrity attacksThe National Institute of Standards and Technology has published a cybersecurity practice guide enterprises can use to recover from data integrity attacks, i.e., destructive malware and ransomware attacks, malicious insider activity or simply mistakes by employees that have resulted in the modification or destruction of company data.

Infosec pros struggle to find opportunities to improve their work skillsCybrary released the findings from the report which examines the current challenges, perceptions, and impacts of the cybersecurity skills gap faced by IT and security teams worldwide.

Views and misconceptions of cybersecurity as a career pathAttitudes toward cybersecurity roles are now overwhelmingly positive, although most people still don't view the field as a career fit for themselves, even as 29% of respondents say they are considering a career change, an² study reveals.

Using virtualization to isolate risky applications and other endpoint threatsMore and more security professionals are realizing that it's impossible to fully secure a Windows machine - with all its legacy components and millions of potentially vulnerable lines of code - from within the OS. With attacks becoming more sophisticated than ever, hypervisor-based security, from below the OS, becomes a necessity.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/lYZyH1vsE5Y/

#infosec #ransomware