Monday 4/13
Gotham COVID-19 Update
https://bit.ly/2RxqP02
NIST SP 800-53 Revision 5 Public Draft Available for Review and Comment
NIST is separating the controls catalog from the control baselines-SP800-53 Controls catalog, which will be online, and SP800-53B “bravo” Controls Baselines.
https://bit.ly/3c9lFzm
Cloud Security for Rapidly Increasing Remote Work (Fortinet)
Many corporate resources, especially at the core network, were not designed for this sudden load of connections and traffic. Many organizations are struggling to provide consistent access to critical applications and data.
https://bit.ly/3chIotc
Tuesday 4/14
VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)
Under certain conditions vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 10.0.
https://bit.ly/2V7MmyJ
ISACA Privacy Certification
ISACA is creating a Privacy Certification. The certification targets IT professionals that implement defenses. It is intended to assess an individual’s ability to design and implement privacy by design.
https://bit.ly/2VnjmSs
Zoom Isn’t Malware But Hackers Are Feeding That Narrative, And How: Zoom-Related Threats Up 2,000%
Zoom is not malware, but hackers are feeding that delusion by exploiting its popularity.
https://bit.ly/2wATKsR
A Winning Combination: IGEL OS and Citrix Workspace
IGEL’s endpoint solutions can seamlessly integrate with Citrix Workspace while offering a simple platform for the end-user, particularly in combination with Microsoft Windows Virtual Desktop.
https://bit.ly/2XBT3dN
Wednesday 4/15
Apple is Most Imitated Brand for Phishing in Q1 2020, Shows Check Point Research
It’s no surprise that phishing continues to be a key weapon in cyber-criminals’ arsenals, to try and trick users into giving up sensitive information by impersonating familiar brands.
https://bit.ly/2VtIdUB
Proofpoint Resources to Help Protect Your People During the COVID-19 Crisis
Proofpoint remains committed to partnering with our customers and during this unprecedented time, and we want to extend an offer to ensure your employees have a secure and compliant work environment.
https://bit.ly/2Xz4WkZ
This sudden shift in employees working from home, due to recent developments, has introduced a new set of challenges related to your remote infrastructure. We can help you prepare your infrastructure to support such requests (mandates in some cases). Join LoginVSI and Gotham on April 28 for a webinar discussing validating and testing of your company’s remote infrastructure.
https://bit.ly/2XFohRh
Thursday 4/16
Is now the time for innovation? You bet!
Your ability to innovate and create a smoother and productive remote experience can pay dividends and help nurture an environment where employees can drive innovation in other parts of your business.
https://bit.ly/2wOvLGU
Microsoft April 2020 Patch Tuesday comes with fixes for three zero-days
This month's updates are a bulky release. The OS maker has made available patches today for 113 vulnerabilities across 11 products, including three zero-day bugs that were being actively exploited in the wild.
https://zd.net/2z6ySL3
Friday 4/17
Google saw more than 18 million daily malware and phishing emails related to COVID-19 last week
Google says it saw more than 18 million daily malware and phishing emails related to COVID-19 scams just in the past week. That’s on top of the more than 240 million daily spam messages it sees related to the novel coronavirus, the company says.
https://bit.ly/2ROzFH4
Citrix Reveals New Face of Work
For remote work to work, employees need to get into a repeatable rhythm so they can be and do their best wherever they happen to be.
https://bwnews.pr/2RIeGp1
Working from Home Security Awareness Resources and Communications (ProofPoint)
Without an office, the lines between home and work blur together and users may be inclined to risky behavior. This can increase the chance that cyber criminals will be more effective at leveraging fear to induce unsafe actions, such as clicking on unsafe attachments or links.
https://bit.ly/2VxqfRc