This Week In Technology

This Week In Technology

By Eric Corcoran
Posted in Technology Week in Review
On April 17, 2020

Monday 4/13

Gotham COVID-19 Update

NIST SP 800-53 Revision 5 Public Draft Available for Review and Comment

NIST is separating the controls catalog from the control baselines-SP800-53 Controls catalog, which will be online, and SP800-53B “bravo” Controls Baselines.

Cloud Security for Rapidly Increasing Remote Work (Fortinet)

Many corporate resources, especially at the core network, were not designed for this sudden load of connections and traffic. Many organizations are struggling to provide consistent access to critical applications and data.

Tuesday 4/14

VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)

Under certain conditions vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 10.0.

ISACA Privacy Certification

ISACA is creating a Privacy Certification. The certification targets IT professionals that implement defenses. It is intended to assess an individual’s ability to design and implement privacy by design.

Zoom Isn’t Malware But Hackers Are Feeding That Narrative, And How: Zoom-Related Threats Up 2,000%

Zoom is not malware, but hackers are feeding that delusion by exploiting its popularity.

A Winning Combination: IGEL OS and Citrix Workspace

IGEL’s endpoint solutions can seamlessly integrate with Citrix Workspace while offering a simple platform for the end-user, particularly in combination with Microsoft Windows Virtual Desktop.

Wednesday 4/15

Apple is Most Imitated Brand for Phishing in Q1 2020, Shows Check Point Research

It’s no surprise that phishing continues to be a key weapon in cyber-criminals’ arsenals, to try and trick users into giving up sensitive information by impersonating familiar brands.

Proofpoint Resources to Help Protect Your People During the COVID-19 Crisis

Proofpoint remains committed to partnering with our customers and during this unprecedented time, and we want to extend an offer to ensure your employees have a secure and compliant work environment.

This sudden shift in employees working from home, due to recent developments, has introduced a new set of challenges related to your remote infrastructure. We can help you prepare your infrastructure to support such requests (mandates in some cases). Join LoginVSI and Gotham on April 28 for a webinar discussing validating and testing of your company’s remote infrastructure.

Thursday 4/16

Is now the time for innovation? You bet!

Your ability to innovate and create a smoother and productive remote experience can pay dividends and help nurture an environment where employees can drive innovation in other parts of your business.

Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days

This month's updates are a bulky release. The OS maker has made available patches today for 113 vulnerabilities across 11 products, including three zero-day bugs that were being actively exploited in the wild.

Friday 4/17

Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week

Google says it saw more than 18 million daily malware and phishing emails related to COVID-19 scams just in the past week. That’s on top of the more than 240 million daily spam messages it sees related to the novel coronavirus, the company says.

Citrix Reveals New Face of Work

For remote work to work, employees need to get into a repeatable rhythm so they can be and do their best wherever they happen to be.

Working from Home Security Awareness Resources and Communications (ProofPoint)

Without an office, the lines between home and work blur together and users may be inclined to risky behavior. This can increase the chance that cyber criminals will be more effective at leveraging fear to induce unsafe actions, such as clicking on unsafe attachments or links.