Information Security Wire

Woodstock Wire: Information Security Wire

Old Magecart Domains are Being Bought Up for Monetization

Infosec - RiskIQ - Old Magecart domains are finding new life in subsequent threat campaigns, many of which are entirely unrelated to web skimming.
Over...
Thu, 19 Sep 2019 13:33:29 - #cybersecurity #riskiq #security

Recorded Future's Journey to ISO 27001 Certification

Infosec - Recorded Future - Over the last few years, Recorded Future has sought and received SOC 2 Type 2 attestation. Since then, we've been trying to...
Thu, 19 Sep 2019 13:33:28 - #cybersecurity #phishing #security

6 questions candidates should ask at every security job interview

Infosec - CSO Online - "Off with their heads!" the Red Queen cried in Alice in Wonderland, but you could be forgiven for thinking that's how some enterprises...
Thu, 19 Sep 2019 13:33:27 - #cybersecurity #security

Skidmap Linux miner leverages kernel-mode rootkits to evade detection

Infosec - Security Affairs - Trend Micro researchers spotted a piece of Linux cryptocurrency miner, dubbed Skidmap that leverages kernel-mode rootkits...
Thu, 19 Sep 2019 13:33:26 - #cybersecurity #security

Auth0 Expands C-Suite with New Executive Appointments

Globe Newswire - Technology - Chief Financial Officer and Chief Product Officer join company to support hypergrowth Chief Financial Officer and Chief Product...
Thu, 19 Sep 2019 13:33:23 - #auth0 #security

Ping Identity Announces Pricing of Initial Public Offering

Business Wire - Ping Identity Holding Corp. ("Ping Identity") today announced the pricing of its initial public offering of 12,500,000 shares of its common stock...
Thu, 19 Sep 2019 13:33:21 - #pingidentity #security

Zscaler Awards Industry Partners at Zenith Live 2019

Business Wire - Zscaler announced the winners of the Zscaler Cloud-first Partner Awards at the company's 2019 Zenith Live - Zscaler Cloud Summit.
Thu, 19 Sep 2019 13:33:15 - #zscaler #security

Automated Cyberattacks on E-commerce Companies Growing More Sophisticated and Difficult to Detect

Business Wire - Imperva, Inc., the cybersecurity leader championing the fight to secure data and applications wherever they reside, today released the first...
Thu, 19 Sep 2019 13:33:13 - #cybersecurity #imperva #security

SentinelOne Named To Inaugural Forbes AI 50 List

Business Wire - SentinelOne, the autonomous endpoint protection company, today announced it was named one of the most promising artificial intelligence (AI)...
Thu, 19 Sep 2019 13:33:12 - #cybersecurity #ai #security

Zscaler and CrowdStrike Partner to Provide Joint Customers with Seamless Protection Across the Cloud and the Endpoint

Business Wire - Zscaler announced a technology partnership with CrowdStrike today.
Thu, 19 Sep 2019 13:33:04 - #zscaler #security

Zscaler Extends Cloud Capabilities to Deliver Secure Access to B2B Applications

Business Wire - Zscaler announces Zscaler B2B, a unique solution that reduces the attack surface introduced by customer-facing applications exposed on the internet.
Thu, 19 Sep 2019 13:33:03 - #zscaler #security

Zscaler Extends Edge Compute, Now Operating in Over 150 Data Centers

Business Wire - The Zscaler(tm) platform is now distributed across over 150 data centers, with the company's latest data center opening in Val-du-Roi, Normandy,...
Thu, 19 Sep 2019 13:33:02 - #datacenter #zscaler #security

The best firewalls for small businesses

Tech - Digital Trends - The best firewalls for small businesses offer affordable setup costs and controls over traffic. We've scoured the web and our...
Thu, 19 Sep 2019 13:13:27 - #firewall #security

GitHub acquires Semmle to help developers spot security vulnerabilities

Media - The Next Web - Popular software hosting service GitHub has acquired Semmle, a code analysis platform that helps product developers and security...
Thu, 19 Sep 2019 12:13:20 - #nasa #microsoft #acquisition #security

How FinTechs Help Merchants With GDPR Compliance

Media - PYMNTS.com - FinTech firms are keeping a pulse on the latest regulations and helping their clients comply with them.
The European Union's General...
Wed, 18 Sep 2019 18:13:28 - #microsoft #cloud #aws #cybersecurity #azure #kubernetes #googlecloud #gdpr #security

Prevent SIM-Swapping Hackers From Stealing Your Phone Number-and the Rest of Your Identity

Life - Lifehacker - You know what's worse than having your password stolen? Having your phone number stolen. SIM-swapping, a type of identity theft,...
Tue, 17 Sep 2019 14:29:51 - #security

Fraudulent purchases of digitals certificates through executive impersonation

Infosec - Security Affairs - Experts at ReversingLabs spotted a threat actor buying digital certificates by impersonating legitimate entities and then...
Tue, 17 Sep 2019 14:13:58 - #antivirus #cybersecurity #gdpr #security

Firefox and Chrome rolling out DNS over HTTPS (DoH) feature

Infosec - The Mac Security Blog - Earlier this month, Mozilla announced that Firefox will begin enabling "DNS over HTTPS" (DoH) by default for USA-based...
Tue, 17 Sep 2019 14:13:57 - #security

US Sanctions 3 Cyberattack Groups Tied to DPRK

Infosec - Dark Reading - Lazarus Group, Bluenoroff, and Andariel were named and sanctioned by the US Treasury for ongoing attacks on financial systems.
Tue, 17 Sep 2019 14:13:56 - #security

Get Your Head Out of the Clouds and Start Governing Access to Your Data

Infosec - The Identity Quotient Blog - "You have to be there
not for the fame and glory, but you have to be there because you believe your talent and ability...
Tue, 17 Sep 2019 14:13:55 - #ccpa #security

Preventing PTSD and Burnout for Cybersecurity Professionals

Infosec - Dark Reading - The safety of our digital lives is at stake, and we need to all do our part in raising awareness of these issues.
Tue, 17 Sep 2019 14:13:54 - #cybersecurity #security

New Threat Actor Fraudulently Buys Digital Certificates to Spread Malware

Infosec - Threatpost - ReversingLabs identified cybercriminals duping certificate authorities by impersonating legitimate entities and then selling the...
Tue, 17 Sep 2019 14:13:53 - #cybersecurity #security

McAfee Deepens Relationship with Oracle to Offer Cloud-Based Next-Generation Security Operations Center

Business Wire - McAfee, the device-to-cloud cybersecurity company, today announced an extended relationship with Oracle to deliver security incident and events...
Tue, 17 Sep 2019 14:13:47 - #oracle #cybersecurity #security

Nexusguard Research Reveals 1,000% Increase in DNS Amplification Attacks Since Last Year

Business Wire - DNS amplification attacks swelled in the second quarter of this year, with the amplified attacks spiking more than 1,000% compared with Q2 2018,...
Tue, 17 Sep 2019 14:13:44 - #ddos #security

New Linux malware mines crypto after installing backdoor with secret master password

Media - The Next Web - Cybersecurity researchers have identified a new strain of Linux malware that not only mines cryptocurrency illicitly, but provides...
Tue, 17 Sep 2019 13:13:30 - #cybersecurity #security

LastPass fixes bug that could let malicious websites extract your last used password

Tech - The Verge - LastPass has patched a bug that would have allowed a malicious website to extract a previous...
Mon, 16 Sep 2019 13:05:26 - #lastpass #security

Database leaks data on most of Ecuador's citizens, including 6.7 million children

Enterprise - ZDNet News - Elasticsearch server leaks personal data on Ecuador's citizens, their family trees, and children, but also some users' financial...
Mon, 16 Sep 2019 13:05:21 - #elasticsearch #security

The Top 10 Highest Paying Jobs in Information Security - Part 1

Infosec - TripWire - The State of Security - Given a surge in digital threats like ransomware, it is no surprise that the field of information security...
Mon, 16 Sep 2019 12:13:34 - #cybersecurity #tripwire #security

GDPR One Year Anniversary: The Civil Society Organizations' View

Infosec - TripWire - The State of Security - GDPR is a landmark in privacy jurisdiction. Through its 99 articles, it sets a framework for both businesses...
Mon, 16 Sep 2019 12:13:32 - #tripwire #gdpr #security

Data Breach Leaks 198M Car Buyers' Personal Data

Media - PYMNTS.com - A massive data breach has compromised the records of 198 million car buyers.
Jeremiah Fowler, a senior security researcher at Security...
Mon, 16 Sep 2019 11:13:12 - #cybersecurity #security

How Cybersecurity Tries To Keep Up With Attackers' Evolving Strategies

Media - PYMNTS.com - The cybersecurity world is witnessing a potentially new, dangerous threat: according to insurance firm Euler Hermes, one of its...
Sun, 15 Sep 2019 20:35:35 - #cybersecurity #supplychain #akamai #fortinet #ai #security

Symantec Awarded Best Enterprise Endpoint and Best Email Security Service by SE Labs

Business Wire - Symantec announced that it has been awarded Best Enterprise Endpoint and Best Email Security Service by SE Labs.
Sun, 15 Sep 2019 20:35:16 - #security

US Sanctions 3 North Korean Hacking Groups Accused for Global Cyber Attacks

Infosec - The Hacker News - The United States Treasury Department on Friday announced sanctions against three state-sponsored North Korean hacking groups...
Sun, 15 Sep 2019 20:13:14 - #cybersecurity #security

How Cloudflare and Wall Street Are Helping Encrypt the Internet Today

Infosec - Cloudflare - Today has been a big day for Cloudflare, as we became a public company on the New York Stock Exchange (NYSE: NET). To mark the occasion,...
Sun, 15 Sep 2019 20:13:13 - #security

Zscaler Reports Slowing Sales Momentum

Enterprise - Channelnomics - The security vendor says it needs a more efficient sales machine, analysts...
Fri, 13 Sep 2019 23:13:14 - #paloaltonetworks #zscaler #acquisition #security

Why Companies Are Forming Cybersecurity Alliances

Think - HBR.org - They're stepping up where governments haven't.
Fri, 13 Sep 2019 15:13:18 - #cybersecurity #security

Five years later, Heartbleed vulnerability still unpatched

Infosec - Malwarebytes Unpacked - The Heartbleed vulnerability was introduced into the OpenSSL crypto library in 2012. It was discovered and fixed in 2014,...
Fri, 13 Sep 2019 13:14:23 - #iot #openssl #heartbleed #cybersecurity #security

Security clearance background checks should take three days, Rep. Will Hurd says

Infosec - CyberScoop - Rep. Will Hurd, who recently announced he is leaving Congress after his current term is up, has something to get off his chest.
The...
Fri, 13 Sep 2019 13:14:22 - #dell #cybersecurity #security

APIs Get Their Own Top 10 Security List

Infosec - Dark Reading - OWASP's new list of API weaknesses focuses on issues that have caused recent data breaches and pose common security hazards in...
Fri, 13 Sep 2019 13:14:21 - #cybersecurity #security

Protecting Infrastructure With TLS Client Authentication

Infosec - Threat Stack - Here at Threat Stack we really like Yubikeys - and they're a critical part of our security program. Many folks know Yubikeys for...
Fri, 13 Sep 2019 13:14:20 - #openssl #haproxy #security

Threat Actors Seek, Solicit Access to Compromised E-commerce Sites

Infosec - Flashpoint - By Abigail Showman - Open source and commercial e-commerce platforms have been targeted for years by threat actors, often armed...
Fri, 13 Sep 2019 13:14:19 - #magento #phishing #security

Fabricated Voice Used in Financial Fraud

Infosec - Schneier on Security - This seems to be an identity theft first:

Criminals used artificial intelligence-based software to impersonate a chief...
Fri, 13 Sep 2019 13:14:18 - #ai #cybersecurity #security

New SIM Card Flaw Lets Hackers Hijack Any Phone Just By Sending SMS

Infosec - The Hacker News - Cybersecurity researchers today revealed the existence of a new and previously undetected critical vulnerability in SIM cards...
Fri, 13 Sep 2019 13:14:17 - #cybersecurity #security

The 5 CIS controls you should implement first

Infosec - CSO Online - Most companies do not properly evaluate computer security risk and end up with controls misaligned to their biggest risks. It's...
Fri, 13 Sep 2019 13:14:16 - #cybersecurity #security

Sophos open-sources Sandboxie, an utility for sandboxing any application

Enterprise - ZDNet News - Sandboxie is now a free download. Source code to be open-sourced at a later date.
Fri, 13 Sep 2019 13:13:59 - #sophos #security

Ransomware attacks: Weak passwords are now your biggest risk

Enterprise - ZDNet News - Researchers at F-Secure analysed attacks over the course of six months and found that brute force attacks are now the preferred...
Fri, 13 Sep 2019 13:13:56 - #phishing #cybersecurity #security

Auth0 is Named to the Forbes 2019 Cloud 100

Globe Newswire - Technology - Auth0 makes repeat appearance on prestigious list of top private global technology companies Auth0 makes repeat appearance on prestigious...
Fri, 13 Sep 2019 13:13:48 - #auth0 #security

August 2019's Most Wanted Malware: Echobot Launches Widespread Attack Against IoT Devices

Globe Newswire - Technology - Check Point's researchers also report the Emotet botnet has been reactivated Check Point's researchers also report the Emotet botnet...
Fri, 13 Sep 2019 13:13:46 - #iot #cybersecurity #botnet #security

How Ethical Hackers Find Weaknesses and Secure Businesses

Infosec - Infosec Island - When people hear about hackers, it typically conjures up images of a hooded figure in a basement inputting random code into...
Thu, 12 Sep 2019 13:37:48 - #microsoft #cybersecurity #security

6 biggest healthcare security threats for 2020

Infosec - CSO Online - Consumers are more worried now about their protected health information (PHI) being compromised, thanks to high-profile breaches...
Thu, 12 Sep 2019 13:37:46 - #security