Information Security Wire

Woodstock Wire: Information Security Wire

Number of hacktivist attacks declined by 95 percent since 2015

Infosec - Security Affairs - According to a study conducted by IBM, the number of hacktivist attacks that caused quantifiable damage has declined by 95...
Sun, 19 May 2019 02:38:43 - #ibm #cybersecurity #ddos #threatintelligence #security

Yes, there are security ramifications to serverless computing

Enterprise - ZDNet News - With three in five enterprises now going or planning to go serverless, the attack surface widens.
Sun, 19 May 2019 02:38:41 - #serverless #security

Google recalls Bluetooth version of Titan Security Key due to hijack risk

Tech - Digital Trends - Google is offering a free replacement for the Bluetooth Low Energy version of the Titan Security Key. A misconfiguration was...
Sun, 19 May 2019 02:38:38 - #security

A Look Into The Future Of Payments And Commerce

Media - - The future of customer service will include humans and robots working in cahoots. The future of Mastercard - and its issuers and...
Sun, 19 May 2019 02:13:33 - #robotics #gdpr #security

Salesforce outage hits when firm tries to stop data leak

Infosec - Office of Inadequate Security - From the we-tried to fix-the-frying-pan-now-about-that-fire dept., Michael Novinson reports: Salesforce told...
Sun, 19 May 2019 01:39:00 - #salesforce #security

Cisco addressed a critical flaw in networks management tool Prime Infrastructure

Infosec - Security Affairs - Cisco had issued security updates to address 57 security flaw, including three flaws in networks management tool Prime Infrastructure.
Sun, 19 May 2019 01:38:58 - #cisco #security

How to Defend Against ZombieLoad

Infosec - Threat Stack - Earlier this week a group of security researchers from Graz University of Technology, imec-DistriNet, KU Leuven, Worcester Polytechnic...
Sun, 19 May 2019 01:38:57 - #cloud #aws #security

Overcoming the Challenge of Reactivity in Incident Response

Infosec - Recorded Future - This is the first blog in a three-part series where we'll examine how security teams manage incident response processes. Here,...
Sun, 19 May 2019 01:38:56 - #cybersecurity #threatintelligence #verizon #security

XSS flaw in WordPress Live Chat Plugin lets attackers compromise WP sites

Infosec - Security Affairs - A vulnerability in the Live Chat Support plugin for WordPress could be exploited by attackers to inject malicious scripts...
Sun, 19 May 2019 01:38:55 - #wordpress #security

Ping Identity releases new product to provide security from identity attacks

Enterprise - Digital Colorado - Ping Identity today announced a cloud-based multi-factor authentication (MFA) and single sign-on (SSO) bundle, delivering...
Sun, 19 May 2019 01:13:30 - #pingidentity #security

Seven in Ten Cybersecurity Professionals Are Using or Considering Honey Pots, Deception Technology to Deliver Advanced Forensic and Attribution Capabilities

Business Wire - One in five companies are already using...
Fri, 17 May 2019 20:13:31 - #cybersecurity #security

Threat Intelligence Feeds: Overview, Best Practices, and Examples

Infosec - Recorded Future - Key Takeaways
Threat intelligence feeds are constantly updating streams of indicators or artifacts derived from a source outside...
Fri, 17 May 2019 19:39:36 - #cybersecurity #firewall #threatintelligence #security

The most stressful aspects of being a cybersecurity professional

Infosec - CSO Online - Talk with any cybersecurity professional, and you're sure to hear them talk about the challenges they're up against. What stresses...
Fri, 17 May 2019 19:39:35 - #cybersecurity #security

What Colorado learned from treating a cyberattack like a disaster

Infosec - Office of Inadequate Security - Benjamin Freed reports: The Colorado Department of Transportation joined the ranks of dozens of other U.S. government...
Fri, 17 May 2019 19:39:34 - #cybersecurity #security

The Latest Techniques Hackers are Using to Compromise Office 365

Infosec - TripWire - The State of Security - It was only a few years back that cloud technology was in its infancy and used only by tech-savvy, forward-thinking...
Fri, 17 May 2019 19:39:30 - #tripwire #security

A Simple Data Breach Guide (Interpreting GDPR)

Infosec - TripWire - The State of Security - Perhaps it's too melodramatic to claim that the debate over how to define a data breach "rages on" because...
Fri, 17 May 2019 19:39:29 - #tripwire #cybersecurity #security

Akamai Enterprise Defender Simplifies Journey to Zero Trust for Businesses

Enterprise - VMblog - Akamai, the intelligent edge platform for securing and delivering digital experiences, today announced it has launched Enterprise Defender...
Fri, 17 May 2019 19:13:44 - #akamai #security

Office 365 user security practices are woeful, yet it's still 'Microsoft's fault' when an org is breached

Enterprise - The Register - As soon as defences are sold as a product, hygiene suffers
The US Cybersecurity and Infrastructure Security Agency (CISA) has...
Fri, 17 May 2019 19:13:43 - #microsoft #cybersecurity #security

Do Apple devices need anti-virus software?

Enterprise - Computerworld - Apple's devices are far better defended against malware and viruses than other platforms, but does this mean they don't need...
Fri, 17 May 2019 19:13:37 - #cybersecurity #security

Your Quick Start Guide to Better Kubernetes Security

Enterprise - VMblog - Written by Shiri Ivtsan, Product Manager, WhiteSource Security teams often get left behind when it comes to new technologies. Developers...
Fri, 17 May 2019 19:13:34 - #kubernetes #security

Four Cloud Security Concerns (and How to Address Them)

Enterprise - Palo Alto Networks Blog - The cloud can be overwhelming. Counter to the structured and disciplined rigor of old-school, waterfall, data-center-centric...
Fri, 17 May 2019 19:13:33 - #datacenter #paloaltonetworks #docker #ansible #kubernetes #cloud #aws #hybridcloud #security

Microsoft releases new version of Attack Surface Analyzer utility

Enterprise - ZDNet News - New Attack Surface Analyzer 2.0 works on Windows, but also Mac and Linux.
Fri, 17 May 2019 19:13:25 - #microsoft #security

Stack Overflow confirms breach, but customer data said to be unaffected

Tech - TechCrunch - Developer knowledge sharing site Stack Overflow has confirmed hackers breached its systems, but said customer data is unaffected.
Fri, 17 May 2019 14:38:47 - #security

Fixing Some Of The Big Problems In Payments And Commerce

Media - - Cyber fraud can be a corporate killer if complacency sets in - but there's an answer for that. There are also fixes in the works...
Fri, 17 May 2019 13:41:37 - #ai #security

Adobe patches over 80 flaws in Flash, Acrobat Reader, and Media Encoder

Infosec - Security Affairs - Adobe Patch Tuesday updates for May 2019 address a critical flaw in Flash Player and more than 80 vulnerabilities in Acrobat...
Fri, 17 May 2019 13:13:51 - #chromebook #security

Critical Update: Windows Remote Desktop Services Vulnerability

Infosec - Zscaler Research - Earlier today Microsoft released several security updates as part of its regular monthly updates known as...
Fri, 17 May 2019 13:13:50 - #microsoft #cybersecurity #zscaler #security

From the Enterprisers Project: 5 Kubernetes Security Mistakes to Avoid

Enterprise - OpenShift - Over on the Enterprisers Project, Kevin Casey has written a great little piece listing 5 Kubernetes security mistakes you should...
Fri, 17 May 2019 13:13:43 - #redhat #kubernetes #security

Microsoft: 'We're detecting 5 billion cybersecurity threats on devices a month'

Enterprise - ZDNet News - Microsoft offers a new snapshot of the data that feeds into its Intelligence Security Graph.
Fri, 17 May 2019 13:13:39 - #microsoft #cybersecurity #security

LogRhythm Takes Its SIEM to the Cloud

Enterprise - Channelnomics - New hosted option gives security analysts full platform benefits in a SaaS model...
Fri, 17 May 2019 13:13:38 - #threatintelligence #cybersecurity #security

Trump declares national emergency to protect U.S. networks from foreign espionage

Tech - TechCrunch - President Donald Trump has declared a national emergency to "deal with the threat posed by the unrestricted acquisition or use in...
Fri, 17 May 2019 12:41:11 - #acquisition #security

Google recalls its Bluetooth Titan Security Keys because of a security bug

Tech - TechCrunch - Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity...
Fri, 17 May 2019 12:13:53 - #phishing #security

CyberArk Software Ltd. (CYBR) CEO Udi Mokady on Q1 2019 Results - Earnings Call Transcript

Seeking Alpha -
Fri, 17 May 2019 12:13:41 - #cyberark #security

Trend Micro Delivers the Industry's Most Complete Security Across Cloud and Container Workloads

Business Wire - Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the availability of the industry's...
Thu, 16 May 2019 15:13:39 - #cybersecurity #devops #security

Symantec Named a Leader in Gartner Magic Quadrant for Managed Security Services, Worldwide

Business Wire - Symantec announced it has been named a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Thu, 16 May 2019 15:13:37 - #security

LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform

Business Wire - LogRhythm announced that it has released a cloud-based version of its NextGen SIEM Platform: LogRhythm Cloud.
Thu, 16 May 2019 15:13:32 - #cybersecurity #security

Ping Identity to Highlight Zero Trust and API Security at May Industry Events

Business Wire - Ping Identity, the leader in Identity Defined Security, today announced its upcoming webinars and speaking engagements for the month of May,...
Thu, 16 May 2019 15:13:30 - #pingidentity #ai #machinelearning #security

Website Attack Attempts Rose by 69% in 2018

Infosec - Dark Reading - Millions of websites have been compromised, but the most likely malware isn't cyptomining: it's quietly stealing files and redirecting...
Thu, 16 May 2019 13:13:22 - #cybersecurity #security

Baltimore Ransomware Attack Takes Strange Twist

Infosec - Dark Reading - Tweet suggests possible screenshot of stolen city documents and credentials in the wake of attack that took down city servers...
Thu, 16 May 2019 13:13:21 - #cybersecurity #security

After Meltdown and Spectre, meet a new set of Intel chip flaws

Infosec - CyberScoop - Those who warned that the Meltdown and Spectre computer chip flaws revealed last year would trigger a new era of hardware vulnerability...
Thu, 16 May 2019 13:13:20 - #oracle #cybersecurity #hypervisor #security

Cybersecurity professionals are no match for cyber-adversaries

Infosec - CSO Online - Cybersecurity professionals are paranoid by nature. That's not a bad thing; it's a job requirement. We want our cybersecurity team...
Thu, 16 May 2019 13:13:18 - #cybersecurity #security

Thrangrycat flaw could allow compromising millions of Cisco devices

Infosec - Security Affairs - Security firm Red Balloon discovered a severe vulnerability dubbed Thrangrycat, in Cisco products that could be exploited...
Thu, 16 May 2019 13:13:17 - #cisco #flash #security

How Threat Intelligence Applies to 6 Main Security Roles

Infosec - Recorded Future - Threat intelligence is sometimes misconstrued as something that can only be used and understood by experts, or just streams...
Thu, 16 May 2019 13:13:16 - #cybersecurity #phishing #machinelearning #threatintelligence #security

The NSA knows its weapons may one day be used by its targets

Infosec - CyberScoop - U.S. military commanders say that when Cyber Command and the National Security Agency use a capability against targets abroad, they...
Thu, 16 May 2019 13:13:14 - #microsoft #cybersecurity #security

200 million-record breach: Why collecting too much data raises risk

Infosec - CSO Online - If you don't collect it, no one can steal it.Sometimes the best way to secure customer data is not to collect it in the first place....
Thu, 16 May 2019 13:13:13 - #cybersecurity #security

Context is Everything: Using Tags and Classifications in RiskIQ PassiveTotal

Infosec - RiskIQ - As an analyst, how much time can you afford to waste at work?
Do you have eight hours to spend investigating those 203 suspect hosts...
Thu, 16 May 2019 12:40:20 - #riskiq #firewall #security

6 Common Compliance Conundrums to Know About

Infosec - TripWire - The State of Security - Cyber security assessment initiatives and frameworks abound in the US government, the most important being...
Thu, 16 May 2019 12:40:19 - #cybersecurity #tripwire #security

Azure Firewall and network virtual appliances

Enterprise - Microsoft Azure - Network security solutions can be delivered as appliances on premises, as network virtual appliances (NVAs) that run in the...
Thu, 16 May 2019 12:40:07 - #microsoft #devops #cloud #azure #firewall #security

Google adds the Pixel 3a to its Android Enterprise Recommended program

Enterprise - ZDNet News - Touting its enterprise-grade security and support for zero-touch enrollment, Google endorses the new low-cost phone for knowledge...
Thu, 16 May 2019 12:40:03 - #android #security

SIEM Pricing Models Set for a Shake-Up

Enterprise - Data Center Knowledge - Next-gen SIEM providers eyeing incumbents with new tech features, modern takes on pricing
Thu, 16 May 2019 12:14:09 - #datacenter #cybersecurity #security

Microsoft Office 365: Change these settings or risk getting hacked, warns US govt

Enterprise - ZDNet News - Don't forget these configurations when moving to Office 365 in the cloud, says Department of Homeland Security's CISA.
Thu, 16 May 2019 12:14:06 - #microsoft #security