Monday, August 17, 2020

What I'm Reading 8/17/2020 - Slow Day

Security Week - US Adds Sanctions on China's Huawei to Limit Technology Access -
The US administration Monday expanded its sanctions on China's Huawei, a move aimed at further limiting the tech giant's access to computer chips and other technology.
A Commerce Department statement added 38 Huawei affiliates around the world to the "entity list," claiming that the company was using international subsidiaries to circumvent the sanctions which prevent export of US-based technology.
Commerce Secretary Wilbur Ross said Huawei and its affiliates "have worked through third parties to harness US technology in a manner that undermines US national security and foreign policy interests."
SC Magazine -  Five security points CISOs must communicate to the corporate board -
The responsibilities of top security executives are evolving constantly as most employees now work remotely, creating new opportunities for cyberattacks and disruption. In these tense times, strong communication skills are important for security leaders, especially for those protecting critical infrastructure. While businesses adapt to this new dispersed working environment, CISOs must  maintain constant communication with the board to ensure that top management understands the importance of security.
 CSO - Hybrid cloud complexity, rush to adopt pose security risks, expert says -
As enterprises race to adopt cloud technology, they also encounter a combination of new possible threats from the rapid and frequently unorganized deployment of different cloud-based technologies. Particular concerns surround the adoption of so-called hybrid cloud technologies, Sean Metcalf, founder of cloud security advisory company Trimark Technologies told the attendees of DEF CON Safe Mode last week
Krebs on Security - Microsoft Put Off Fixing Zero Day for 2 Years -
One of the 120 security holes Microsoft fixed on Aug. 11’s Patch Tuesday was CVE-2020-1464, a problem with the way every supported version of Windows validates digital signatures for computer programs.
Code signing is the method of using a certificate-based digital signature to sign executable files and scripts in order to verify the author’s identity and ensure that the code has not been changed or corrupted since it was signed by the author.
...
In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. And several researchers informed Microsoft about the weakness over the past 18 months




1 comment:

Anonymous said...

youtube - VIVOVO - VIVOVO - VIVOVO
youtube.youtube.com/t=4z1vJgvJj2tUzFzPj7mY6P4. youtube.com.video-channel-channels.youtube.com/t=4z1vJgvJj2tUzFzPj7mY6P4. youtube.com.tv.channel-channels.youtube.com/t=4z1vJgvJj2tUzFzPj7mY6. download youtube videos to mp3 youtube.com.video-channel-channels.youtube.com.video-channel-channels.youtube.com.