Week in review: The data skills gap, new Kali Linux release, Apache Solr RCEs with public PoCs

Week in review: The data skills gap, new Kali Linux release, Apache Solr RCEs with public PoCs

December 1, 2019 Off By administrator

Here’s an overview of some of last week’s most interesting news and articles:

The overlooked part of an infosec strategy: Cyber insurance underwriting
When a data breach or cyber attack hits the headlines one of the last things businesses are likely to consider is how cyber insurance could helped.

Free download: Botnet and IoT Security Guide 2020
The Council to Secure the Digital Economy (CSDE), a partnership between global technology, communications, and internet companies supported by USTelecom—The Broadband Association and the Consumer Technology Association (CTA), released the International Botnet and IoT Security Guide 2020, a comprehensive set of strategies to protect the global digital ecosystem from the growing threat posed by botnets, malware and distributed attacks.

Preventing insider threats, data loss and damage through zero trust
Whether they are malicious actors focused on stealing proprietary information and data for profit or personal agenda or legitimate users with excess privileges and/or insufficient expertise who inadvertently wreak havoc, insiders can cause serious damage to organizations.

Kali Linux 2019.4 includes new undercover mode for pentesters doing work in public places
The new release includes several new features, including a new default desktop environment, a new theme and a new undercover mode for pentesters doing assessment work in public places.

Pain points for CTOs: A primer of the most stressful aspects of the job
Not so long ago, CTOs focused heavily on IT operations and their organization’s technology and design expansion. Now, much of their time is spent on business development and raising bottom lines.

Developers worry about security, still half of teams lack an expert
While nearly 75% of developers worry about the security of their applications and 85% rank security as very important in the coding and development process, nearly half of their teams lack a dedicated cybersecurity expert, according to WhiteHat Security.

CVE gap widens: 16,738 vulnerabilities disclosed during the first nine months of 2019
Risk Based Security’s VulnDB team aggregated 16,738 newly-disclosed vulnerabilities during the first three quarters of 2019 which surpassed CVE/NVD by 5,970 during the same period.

There’s no way to fill the data skills gap, what now?
A recent survey of 100 UK CIOs found that 76% are worried about recruiting the IT staff they need to remain competitive. They’re right to be worried. The European Commission estimates that 100,000 new data-related jobs will be created by the end of next year – and we don’t even have the data scientists to cope with the roles that exist today.

Apache Solr RCEs with public PoCs could soon be exploited
Two remote code execution (RCE) vulnerabilities in Apache Solr could be exploited by attackers to compromise the underlying server.

How can financial institutions prevent shopping season fraud?
Black Friday and Cyber Monday are two of the years’ busiest…

(Excerpt) To read the full article , click here
Image credit: source