Information Security Wire

Woodstock Wire: Information Security Wire

Ignore these 3 cybersecurity risks at your own peril

Media - The Next Web - Cybersecurity is often described as a 360-degree threat. That term refers to the fact that cyberattacks can come from any direction,...
Sun, 25 Aug 2019 19:38:56 - #cisco #cybersecurity #security

Trend Micro Positioned as a Leader Again in Gartner Magic Quadrant for Endpoint Protection Platforms

Business Wire - Trend Micro today announced that it has been named a Leader in Gartner, Inc.'s 2019 Magic Quadrant for Endpoint Protection Platforms.
Sun, 25 Aug 2019 19:38:45 - #security

Maintain Your Security Edge: Develop And Retain Cybersecurity Talent

Think - Forrester Blogs - As an industry, we gripe about hiring and struggle with retention. My colleagues Jeff, Chase, and JB have written about how...
Sun, 25 Aug 2019 18:37:01 - #cybersecurity #security

Buffer overflow exposes unpatched Squid servers to RCE and DoS attacks

Infosec - Security Affairs - Some versions of the Squid web proxy cache server built with Basic Authentication features are affected by a heap buffer overflow...
Sun, 25 Aug 2019 18:37:00 - #ddos #security

Ransomware Trains Its Sights on Cloud Providers

Infosec - Dark Reading - Ransomware writers are now targeting cloud service providers with network file encryption attacks as a way to hold hostage the...
Sun, 25 Aug 2019 18:36:59 - #cybersecurity #security

50 Valuable PCI Compliance Tips

Infosec - Threat Stack - The Payment Card Industry Data Security Standards (PCI DSS) provides a rigorous security framework and best practices for businesses...
Sun, 25 Aug 2019 18:13:26 - #cybersecurity #firewall #cloud #aws #gdpr #verizon #identity #security

Bumper Cisco patches fix four new 'critical' vulnerabilities

Infosec - Naked Security - Cisco just issued some urgent patching homework in the form of 31 security fixes, 4 of them for flaws rated 'critical'.
Sun, 25 Aug 2019 18:13:25 - #cisco #security

Time to Get Smarter About Threat Intel

Infosec - Dark Reading - Bad actors move faster than threat intelligence feeds and the infosec pros who monitor them, notes Joakim Kennedy, Threat Intel...
Sun, 25 Aug 2019 18:13:24 - #threatintelligence #security

Make DNS a Cornerstone of Your Cyber Security Arsenal

Infosec - Dark Reading - Better known for their essential role in networking, Domain Name Servers should be tapped as a means to identify - and shut down...
Sun, 25 Aug 2019 18:13:23 - #cybersecurity #security

Block newly-registered domains to reduce security threats in your organisation

Infosec - TripWire - The State of Security - It's no secret that there are a lot of websites on the internet hosting malicious content whether they be...
Sun, 25 Aug 2019 18:13:21 - #tripwire #cybersecurity #phishing #security

Visa Adds New Security Capabilities to Detect Fraud and Disrupt Threats

Infosec - TripWire - The State of Security - Visa unveiled a suite of new security capabilities designed to help detect fraud and disrupt threats targeting...
Sun, 25 Aug 2019 18:13:20 - #tripwire #security

Survey: 84% of Security Pros Said Their Organizations Struggled to Maintain Security Configurations in the Cloud

Infosec - TripWire - The State of Security - Headlines continue to suggest that organizations' cloud environments make for tantalizing targets for digital...
Sun, 25 Aug 2019 18:13:19 - #tripwire #security

New FISMA Report Shows Progress, Gaps in Federal Cybersecurity

Infosec - Dark Reading - No major incidents mixed with continuing gaps in implementation paint an improving, but still muddy, picture of cybersecurity...
Sun, 25 Aug 2019 18:13:18 - #cybersecurity #security

China-linked APT41 group targets US-Based Research University

Infosec - Security Affairs - Security experts at FireEye observed Chinese APT41 APT group targeting a web server at a U.S.-based research university.
Sun, 25 Aug 2019 18:13:17 - #atlassian #fireeye #cybersecurity #security

Google Finds 20-Year-Old Microsoft Windows Vulnerability

Infosec - Schneier on Security - There's no indication that this vulnerability was ever used in the wild, but the code it was discovered in -- Microsoft's...
Sun, 25 Aug 2019 18:13:16 - #microsoft #security

Kubernetes - Vulnerable to Denial-of-Service Attacks

Enterprise - Palo Alto Networks Blog - On Wednesday, the Kubernetes Product Security Committee disclosed two new vulnerabilities affecting all versions. The...
Sun, 25 Aug 2019 16:37:12 - #paloaltonetworks #ddos #kubernetes #security

Welcome to the Next Generation of Corporate Phishing Scams

Enterprise - Proofpoint Blog -
Fri, 23 Aug 2019 15:38:19 - #proofpoint #phishing #security

VMware acquires application security startup Intrinsic

Enterprise - CRN - Vendor's seventh acquisition of the year.
Fri, 23 Aug 2019 15:38:18 - #vmware #acquisition #security

Don't worry about shadow IT. Shadow IoT is much worse.

Enterprise - Network World News - For years, IT departments have been railing about the dangers of shadow IT and bring-your-own-device. The worry is that...
Fri, 23 Aug 2019 15:38:16 - #iot #security

Uniting Dev and Sec Teams by Putting Security First

Enterprise - Palo Alto Networks Blog - From product teams to architects to developers, "shift left" security is becoming more an integral part of everyday...
Fri, 23 Aug 2019 15:38:12 - #paloaltonetworks #security

Phishing: These are the companies that hackers impersonate when they try to steal your data

Enterprise - ZDNet News - Just got an email warning that you are locked out of an important account? It might be cyber criminals trying to trick you.
Fri, 23 Aug 2019 15:13:27 - #phishing #security

Ping Identity files for $100M IPO

Tech - TechCrunch - Some eight months after it was reported that Ping Identity's owners Vista Equity had hired bankers to explore a public listing,...
Fri, 23 Aug 2019 15:13:20 - #cisco #pingidentity #security

A botnet has been cannibalizing other hackers' web shells for more than a year

Enterprise - ZDNet News - Neutrino botnet is hijacking servers by taking over other hackers' PHP and Java web shells.
Thu, 22 Aug 2019 13:53:54 - #cybersecurity #botnet #security

Box introduces Box Shield with increased security controls and threat protection

Tech - TechCrunch - Box has always had to balance the idea of sharing content broadly while protecting it as it moved through the world, but the more...
Thu, 22 Aug 2019 11:36:55 - #threatprotection #security

Differences of trust and security in IT and OT systems - and their interplay in IIoT

EE - Enterprise IoT Insights - Hats off to the Industrial Internet Consortium (IIC), which continues to publish comprehensive and constructive guides...
Thu, 22 Aug 2019 11:13:12 - #iot #cybersecurity #security

'Formjacking' soars as hackers hit consumers at checkout

IT Reseller - Online forms such as login pages and shopping baskets are increasingly hijacked by cybercriminals hunting for personal financial information...
Wed, 21 Aug 2019 17:37:41 - #cybersecurity #security

Visa Debuts New Fraud-Fighting Security Suite

Media - - Visa has introduced a new suite of security services designed to protect merchants and users from the latest security threats, according...
Wed, 21 Aug 2019 16:38:46 - #ecommerce #threatintelligence #security

Damage from Silence APT operations increases fivefold. The gang deploys new tools on its "worldwide tour"

Infosec - Security Affairs - Experts from Group-Ib that exposed the most recent campaigns carried out by Silence reported that damage from the APT group...
Wed, 21 Aug 2019 12:14:11 - #cybersecurity #proofpoint #phishing #threatintelligence #security

How Much Are Password Resets Costing Your Company?

Infosec - Okta Blog - Your users are trying to hit deadlines, prepare for meetings, and balance responsibilities. They don't want to slow down to gain...
Wed, 21 Aug 2019 12:14:10 - #security

CISOs Struggle with Diminishing Tools to Protect Assets from Growing Threats

Infosec - Dark Reading - Most CISOs see the risk of cyberattacks growing and feel they're falling behind in their ability to fight back, a new survey finds.
Wed, 21 Aug 2019 12:14:09 - #cybersecurity #security

Apple's New WebKit Policy Takes a Hard Line for User Privacy

Infosec - EFF Deeplinks - Ever since mid-2017, Apple has been tackling web tracking in a big way. Various iterations of its Intelligent Tracking Prevention...
Wed, 21 Aug 2019 12:14:08 - #security

How to Prepare for Misconfigurations Clouding the Corporate Skies

Infosec - Threatpost - With cloud misconfigurations rampant in cloud storage and IaaS environments, adding security layers to identify them is crucial...
Wed, 21 Aug 2019 12:14:07 - #iaas #security

5 Ways to Protect Yourself from IP Address Hacking

Infosec - Security Affairs - Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your...
Wed, 21 Aug 2019 12:14:04 - #cybersecurity #tripwire #antivirus #phishing #firewall #security

The ROI Security Leadership Can Expect From Threat Intelligence (Part 2)

Infosec - Recorded Future - Given the current cybersecurity environment, CEOs and board directors are now taking a closer look at the security posture...
Wed, 21 Aug 2019 12:14:03 - #cybersecurity #threatprotection #threatintelligence #security

Hackers Planted Backdoor in Webmin, Popular Utility for Linux/Unix Servers

Infosec - The Hacker News - Following the public disclosure of a critical zero-day vulnerability in Webmin last week, the project's maintainers today revealed...
Wed, 21 Aug 2019 12:14:01 - #cybersecurity #security

Hacker publicly releases Jailbreak for iOS version 12.4

Infosec - Security Affairs - Apple accidentally unpatched a vulnerability it had already fixed, making current versions of iOS vulnerable to hackers.
Wed, 21 Aug 2019 12:14:00 - #cybersecurity #security

PerimeterX acquires fellow security startup PageSeal to expand product lineup

Enterprise - SiliconANGLE - PerimeterX Inc., a cybersecurity provider backed by $77 million in funding, has dipped into its venture capital war chest to...
Wed, 21 Aug 2019 11:37:43 - #cybersecurity #acquisition #security

Armageddon now or later? Industrial IoT is the new battleground as cyberwar heats up

Enterprise - SiliconANGLE - The stage is set for the world to find out what might happen if petrochemical, gas, and power plant safety systems designed to...
Wed, 21 Aug 2019 11:37:42 - #iot #cybersecurity #security

Azure Security Center single click remediation and Azure Firewall JIT support

Enterprise - Microsoft Azure - Azure Security Center provides...
Wed, 21 Aug 2019 00:13:33 - #microsoft #cloud #azure #firewall #cybersecurity #security

Tough Love: Debunking Myths about DevOps & Security

Infosec - Dark Reading - It's time to move past trivial 'shift left' conceptions of DevSecOps and take a hard look at how security work actually gets accomplished.
Tue, 20 Aug 2019 15:38:50 - #devops #security

Urgent Tips To Guard Against New IoT Cybersecurity Threats

SmartData Collective - Networking technologies have made the world very small in the sense that they have allowed people who are thousands of miles apart to communicate...
Tue, 20 Aug 2019 14:39:46 - #cybersecurity #botnet #iot #security

How to build a threat detection strategy in AWS

Electronics - IEEE Spectrum - Register today to be among the first to receive the associated whitepaper written by SANS analyst and forensics expert David...
Tue, 20 Aug 2019 14:14:01 - #security

Hackers can work out your password by listening to your keystrokes as you type

Enterprise - Silicon Republic - Most users are, at this stage, likely savvy enough to dodge suspicious spear-phishing emails and know not to use the same...
Tue, 20 Aug 2019 14:13:49 - #cybersecurity #wearables #smartphone #security

RiskIQ Taps FireEye Veteran Dean Ćoza to Lead Product, Technology Teams

Globe Newswire - RiskIQ, the global leader in attack surface management, today announced the appointment of Dean Ćoza to its leadership team as Chief Product...
Tue, 20 Aug 2019 13:38:55 - #fireeye #vmware #riskiq #security

5 Limitations of Network-Centric Security in the Cloud

Infosec - Infosec Island - Traditional security solutions were designed to identify threats at the perimeter of the enterprise, which was primarily defined...
Mon, 19 Aug 2019 14:09:57 - #devops #datacenter #cybersecurity #firewall #iaas #cloud #aws #security

61 impacted versions of Apache Struts left off security advisories

Infosec - Naked Security - Researchers found that 24 security advisories inaccurately listed affected versions for the open-source development framework.
Mon, 19 Aug 2019 12:13:34 - #security

5 Common Phishing Attacks and How to Avoid Them?

Infosec - Security Affairs - Phishing is one of the oldest methods of cyberattacks. It uses deceptive and manipulated emails as a tool for gathering personal...
Mon, 19 Aug 2019 12:13:33 - #cybersecurity #tripwire #antivirus #phishing #security

Phishing attacks: Why we're still losing the battle against phoney emails

Enterprise - ZDNet News - People deal with hundreds of emails a day and employers aren't doing enough to help, which means the threat of fake messages will...
Mon, 19 Aug 2019 11:13:21 - #phishing #security

Ping Identity appoints A/NZ & Japan country manager

Enterprise - ChannelLife New Zealand - Melbourne-based Ashley Diffey will be responsible for boosting sales, as well as customer support and services to drive...
Mon, 19 Aug 2019 11:13:18 - #pingidentity #security

Ping Identity Names Kevin Sellers as Chief Marketing Officer

Business Wire - Ping Identity, the leader in Identity Defined Security, today announced that Kevin Sellers has joined the company's leadership team as global...
Sun, 18 Aug 2019 19:37:09 - #pingidentity #security