Information Security Wire

Woodstock Wire: Information Security Wire

Microsoft Office now the most targeted platform, as browser security improves

Infosec - CSO Online - Microsoft Office has become cybercriminals' preferred platform when carrying out attacks, and the number of incidents keeps increasing,...
Mon, 22 Apr 2019 12:13:28 - #microsoft #cybersecurity #security

Six Myths People Still Believe About GDPR

Infosec - TripWire - The State of Security - The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually...
Mon, 22 Apr 2019 11:41:19 - #tripwire #gdpr #security

How to quickly and securely wipe your data off almost any device

Enterprise - ZDNet Blogs - If you have any sensitive data at all - and these days who doesn't? - at some point you are going to need to find a way to securely...
Mon, 22 Apr 2019 11:41:18 - #android #security

Popular jQuery JavaScript library impacted by prototype pollution flaw

Enterprise - ZDNet Blogs - Prototype pollution flaws are "the next big thing" in JavaScript security research.
Mon, 22 Apr 2019 00:13:07 - #security

How to Set up Fraud Alerts to Prevent Identity Theft

AddictiveTips - In this guide, we'll explain how to set up fraud alerts for free with any of the Big 3 credit bureaus in the US. We'll also cover why fraud alerts...
Sun, 21 Apr 2019 21:41:29 - #security

60 Million records of LinkedIn users exposed online

Infosec - Security Affairs - Researcher discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn...
Sun, 21 Apr 2019 21:13:16 - #cybersecurity #security

Morele.net - 2,467,304 breached accounts

Infosec - Have I been pwned - In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million...
Sun, 21 Apr 2019 21:13:15 - #cybersecurity #security

Google is going to block logins from embedded browsers against MitM phishing attacks

Infosec - Security Affairs - Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle...
Sun, 21 Apr 2019 21:13:14 - #phishing #security

Cybersecurity emerges as weakest link in digital supply chain

Infosec - Barracuda - As supply chains increasingly become digitized nation states are targeting the weakest cybersecurity links in these supply chains...
Sun, 21 Apr 2019 21:13:13 - #supplychain #cybersecurity #robotics #security

Block Chain and DNS: Improving Security

Infosec - InfoSecWriters.com - Contributed by Abraham Flores
DNS technology acts as the backbone of the internet but suffers from serious vulnerabilities...
Sun, 21 Apr 2019 21:13:12 - #ddos #cybersecurity #mirai #botnet #blockchain #security

These are the most commonly hacked passwords - is one of them yours?

Enterprise - ZDNet News - Your name, your favorite football team and your favourite band: The UK's National Cyber Security Centre has released a list of the...
Sun, 21 Apr 2019 20:40:29 - #cybersecurity #security

PayPal receives patent for ransomware detection technology

Enterprise - ZDNet Blogs - PayPal engineer develops novel approach to detecting and stopping ransomware attacks.
Sun, 21 Apr 2019 20:40:26 - #cybersecurity #security

'Malicious software attack' knocked the Weather Channel off-air for more than an hour

Tech - Mashable - The FBI is currently investigating a "malicious software attack" that interrupted the Weather Channel's non-stop 24-hour-a-day coverage.
The...
Sun, 21 Apr 2019 20:13:07 - #cybersecurity #security

Navigating the AI hype in security: 3 dos and 2 don'ts

Infosec - CSO Online - I've been needling the artificial intelligence (AI) hype bubble since 2015 when, after managing a CalTech research grant, I saw...
Fri, 19 Apr 2019 13:13:15 - #ai #security

Broadcom WiFi Driver bugs expose devices to hack

Infosec - Security Affairs - Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute...
Fri, 19 Apr 2019 12:42:32 - #dell #ddos #iot #security

Small businesses remain a rich target for ransomware criminals

Infosec - Barracuda - Cybercrime continues to evolve and new threats appear on a regular basis, but the most effective attacks never go away. While spear...
Fri, 19 Apr 2019 12:42:31 - #ibm #cybersecurity #phishing #security

6 Takeaways from Ransomware Attacks in Q1

Infosec - Dark Reading - Customized, targeted ransomware attacks were all the rage.
Fri, 19 Apr 2019 12:42:30 - #cybersecurity #security

The cybersecurity helpline protecting citizens from digital attacks

Infosec - The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime
Fri, 19 Apr 2019 12:42:28 - #cybersecurity #security

Phishing Trends and Intelligence Report

Infosec - PhishLabs - This year's report focuses on the growing social engineering threat.

Regardless of advancements in technology, social engineering...
Fri, 19 Apr 2019 12:42:27 - #phishing #cybersecurity #security

Without Targeted Threat Intelligence, Vulnerability Management Teams Face an Uphill Challenge (Part 2)

Infosec - Recorded Future - In the first of this three-part series, we examined the current state of vulnerability management, which evidence suggests...
Fri, 19 Apr 2019 12:42:26 - #cybersecurity #threatintelligence #security

Azure resources to assess risk and compliance

Enterprise - Microsoft Azure - This blog post was co-authored by Lucy Raikova, Senior Program Manager, Azure Global - Financial Services.

It is vital for...
Fri, 19 Apr 2019 12:42:23 - #microsoft #datacenter #devops #cybersecurity #cloud #azure #ai #threatprotection #security

U.S. Congress Finally Gets Some Good Ideas About IoT Security

Electronics - IEEE Spectrum - U.S. Congress Finally Gets Some Good Ideas About IoT security

In 2016, attacks such as the...
Fri, 19 Apr 2019 12:42:06 - #cybersecurity #iot #mirai #botnet #security

Someone hacked The Weather Channel

Tech - BGR - We live in an age where companies suffer data breaches and hacks of various types on a disturbingly regular basis. Credit card companies,...
Fri, 19 Apr 2019 12:41:58 - #cybersecurity #security

Help wanted: security pros looking to jump-start careers

Business Wire - Infosec and CompTIA are now accepting applications for four cybersecurity scholarships - wanting to impact the cyber workforce gap.
Thu, 18 Apr 2019 17:13:25 - #cybersecurity #security

The first DDoS attack was 20 years ago. This is what we've learned since.

Think - MIT Technology Review - On the 20th anniversary of the first distributed denial of service attack, cybersecurity experts say the internet must...
Thu, 18 Apr 2019 17:13:18 - #cybersecurity #ddos #security

The cybersecurity helpline protecting citizens from nation-state attacks

Infosec - The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime
Thu, 18 Apr 2019 16:42:50 - #cybersecurity #security

Ransomware Attack Targeted Data Intelligence Firm Verint

Infosec - TripWire - The State of Security - Bad actors used a ransomware attack to target the Israeli offices of the customer engagement and digital intelligence...
Thu, 18 Apr 2019 16:42:49 - #tripwire #cybersecurity #security

How to stop infosec pros from speaking geek to management

Enterprise - IT World Canada - At a cyber risk conference experts advise CISOs on how to talk to non-IT people and get the money they want
Thu, 18 Apr 2019 16:42:47 - #cybersecurity #security

Don't Acquire a Company Until You Evaluate Its Data Security

Think - HBR.org - Beware the "data lemon."
Thu, 18 Apr 2019 15:43:20 - #cybersecurity #security

Establishing Information Security in Project Management

Infosec - TripWire - The State of Security - A person recently asked me if it was possible to implement ISO 27001 using a specific project management software...
Thu, 18 Apr 2019 14:41:15 - #tripwire #cybersecurity #security

Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities

Infosec - CyberScoop - Hackers backed by a nation-state have successfully hijacked Domain Name System records to steal credentials from approximately 40...
Thu, 18 Apr 2019 14:41:14 - #cisco #cybersecurity #fireeye #threatintelligence #security

Automating Threat Intelligence Actions With Splunk Phantom Playbooks

Infosec - Recorded Future - Splunk Phantom helps security professionals work smarter, respond faster, and strengthen their defenses through automation...
Thu, 18 Apr 2019 14:13:22 - #cybersecurity #phishing #firewall #splunk #threatintelligence #security

Ad blocker firms rush to fix security bug

Infosec - Naked Security - If you're using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed...
Thu, 18 Apr 2019 14:13:20 - #security

Adblock Plus filter can be exploited to execute arbitrary code in web pages

Infosec - Security Affairs - Expert discovered an exploit that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker...
Thu, 18 Apr 2019 14:13:19 - #security

How OneLogin responded to its breach and regained customer trust

Infosec - CSO Online - Data breaches have become ubiquitous in today's businesses. In a world where companies of all shapes and sizes can become cyber...
Thu, 18 Apr 2019 14:13:18 - #cybersecurity #security

CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor

Infosec - Security Affairs - A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell...
Thu, 18 Apr 2019 14:13:17 - #microsoft #64bit #cybersecurity #security

Experts: Breach at IT Outsourcing Giant Wipro

Infosec - Krebs on Security - Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [NYSE:WIT] is investigating reports that its...
Thu, 18 Apr 2019 14:13:15 - #phishing #security

5 Steps for Reducing Risk From Leaked Credentials

Infosec - Recorded Future - Leaked credential dumps make the news every month. Each credential leak seems to be larger than the last one, which means your...
Thu, 18 Apr 2019 14:13:14 - #supplychain #cybersecurity #threatintelligence #security

Authentication Bypass Bug Hits Top Enterprise VPNs

Infosec - Threatpost - Business users of Cisco, F5 Networks, Palo Alto Networks and Pulse Secure platforms are impacted, according the U.S. government.
Thu, 18 Apr 2019 14:13:13 - #cisco #paloaltonetworks #security

The Single Cybersecurity Question Every CISO Should Ask

Infosec - Dark Reading - The answer can lead to a scalable enterprise security solution for 2019 and beyond.
Thu, 18 Apr 2019 14:13:12 - #cybersecurity #security

A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks

Infosec - Security Affairs - Experts at Imperva discovered a new type of large-scale DDoS attack that abuses the HTML5 Ping-based hyperlink auditing feature....
Thu, 18 Apr 2019 13:42:51 - #ddos #imperva #security

Microsoft email breach gave hackers access to account information for months

Infosec - CyberScoop - Microsoft has experienced a data breach involving attackers leveraging a customer support account to access customers' email information,...
Thu, 18 Apr 2019 13:42:50 - #microsoft #cybersecurity #security

You're fired: Network-driven security does it better for distributed IT

Enterprise - SiliconANGLE - For many companies, the days of locking data behind monolithic cybersecurity walls are gone. Distributed computing systems and...
Thu, 18 Apr 2019 13:42:45 - #cybersecurity #iot #security

Basic hygiene still central to cyber security, infosec pros told

Enterprise - IT World Canada - At the ICRMC conference two CSOs offer advice on doing the basics, speaking to boards and artificial intelligence
Thu, 18 Apr 2019 13:42:40 - #cybersecurity #security

Oracle security warning: Customers told to patch ASAP to swat 297 bugs

Enterprise - ZDNet News - Update addresses multiple flaws that can be remotely exploited without user credentials.
Thu, 18 Apr 2019 13:42:39 - #oracle #security

Machine Learning powered detections with Kusto query language in Azure Sentinel

Enterprise - Microsoft Azure - This post is co-authored by Tim Burrell, Principal Security Engineering Manager and Dotan Patrich, Principal Software Engineer....
Thu, 18 Apr 2019 13:13:09 - #microsoft #cybersecurity #cloud #azure #firewall #machinelearning #security

Focus on Security - Best Practices for IT Pros

Enterprise - The ChannelPro Network - The cybersecurity threat landscape has never been larger with the continued rise of online business and cloud computing....
Thu, 18 Apr 2019 12:41:53 - #cybersecurity #iot #machinelearning #security

Hackers unleashed 40 million cyberattacks on Ecuador after Julian Assange's arrest

Tech - BGR - Julian Assange's arrest at the end of last week by British officials who finally snatched him at the London embassy in Ecuador where he'd...
Thu, 18 Apr 2019 12:13:23 - #cybersecurity #security

Presidential candidate John Delaney wants to create a Department of Cybersecurity

Tech - The Verge - On Tuesday, former Maryland representative and 2020 presidential candidate John Delaney announced a plan to create an independent...
Thu, 18 Apr 2019 11:42:18 - #cybersecurity #security

Check Point Software Technologies Reports 2019 First Quarter financial Results

Globe Newswire - Check Point(r) Software Technologies Ltd. (NASDAQ: CHKP), today announced its financial results for the first quarter ended March 31, 2019.
Thu, 18 Apr 2019 11:42:04 - #security