Information Security Wire

Woodstock Wire: Information Security Wire

SendGrid Publishes Industry's First Inbox Protection Rate to Increase Cybersecurity and Privacy Transparency Around the Holidays

Business Wire - SendGrid, Inc. (NYSE: SEND), a leading digital communication platform that drives engagement and growth, is the first email service provider...
Wed, 12 Dec 2018 15:39:46 - #cybersecurity #security

Kaspersky Lab Appoints Maxim Frolov as Managing Director, North America

Business Wire - Kaspersky Lab announced today the appointment of Maxim Frolov to the position of Managing Director in North America, effective immediately.
Wed, 12 Dec 2018 15:39:25 - #cybersecurity #security

7 security to-do's for CIOs in 2019

Enterprise - The Enterprisers Project - What should top your list of cybersecurity priorities? Testing, transparency, and talent, for starters
Wed, 12 Dec 2018 15:13:28 - #cybersecurity #security

Microsoft Issues Patch for Windows Zero-Day Flaw Under Active Attack

Infosec - The Hacker News - Microsoft today, on its year-end December Patch Tuesday, released security updates to patch a total 39 vulnerabilities its...
Wed, 12 Dec 2018 14:38:45 - #microsoft #security

December Patch Tuesday: Year-End Batch Addresses Win32k Elevation of Privilege and Windows DNS Server Vulnerabilities

Infosec - TrendLabs Security Intelligence Blog - The just-released Patch Tuesday for December includes a fix for the actively exploited Win32k Elevation...
Wed, 12 Dec 2018 14:38:44 - #microsoft #phishing #security

49% of Cloud Databases Left Unencrypted

Infosec - Dark Reading - Businesses also leave information vulnerable in the cloud by failing to implement MFA and configure Kubernetes settings, new research...
Wed, 12 Dec 2018 14:38:43 - #kubernetes #security

Patch Tuesday, December 2018 Edition

Infosec - Krebs on Security - Adobe and Microsoft each released updates today to tackle critical security weaknesses in their software. Microsoft's December...
Wed, 12 Dec 2018 14:38:42 - #microsoft #cybersecurity #security

Misconfigured server exposed half of Brazilian taxpayer ID numbers: report

Infosec - CyberScoop - A database containing personally identifying information of 120 million Brazilian citizens and residents was accessible on the open...
Wed, 12 Dec 2018 14:38:40 - #cybersecurity #security

How to Apply the Risk Management Framework (RMF)

Infosec - TripWire - The State of Security - What is the Risk Management Framework? The Risk Management Framework (RMF) is most commonly associated with...
Wed, 12 Dec 2018 14:38:38 - #tripwire #security

phpMyAdmin Releases Critical Software Update - Patch Your Sites Now!

Infosec - The Hacker News - Developers of phpMyAdmin, one of the most popular and widely used MySQL database management systems, today released an updated...
Wed, 12 Dec 2018 14:38:37 - #security

How to Secure Windows 10 by Disabling Its Password Recovery Questions

Life - Lifehacker - Password-recovery questions have been a part of Windows 10 for more than a year now, but you'll never know they exist if you sign...
Wed, 12 Dec 2018 14:38:32 - #microsoft #security

How Amazon Web Services runs security at a global scale

Enterprise - ZDNet News - AWS CISO told ZDNet that security is job zero for the cloud behemoth.
Wed, 12 Dec 2018 14:38:31 - #cloud #aws #security

Microsoft vulnerability could have exposed the accounts of 400M Office 365 users

Enterprise - SiliconANGLE - A misconfigured subdomain owned by Microsoft Corp. could have exposed the accounts of as many 400 million Office 365 users to...
Wed, 12 Dec 2018 14:38:29 - #microsoft #security

It's December of 2018 and, to hell with it, just patch your stuff

Enterprise - The Register - Windows, Office, Acrobat, SAP... you know the deal
Microsoft, Adobe, and SAP are finishing up the year with a flurry of activity,...
Wed, 12 Dec 2018 14:38:26 - #security

Kubernetes Privilege Escalation Vulnerability - ASM Mitigation

Enterprise - F5 DevCentral - Kubernetes

A bug in the Kubernetes platform has been disclosed this week by its developers. The bug has been marked as critical...
Wed, 12 Dec 2018 13:39:35 - #kubernetes #security

Unit 42 Cloud Security Trends and Tips

Enterprise - Palo Alto Networks Blog - The benefits for enterprises moving to the cloud are clear: greater flexibility, agility, scalability and cost savings....
Wed, 12 Dec 2018 13:39:31 - #paloaltonetworks #cloud #azure #kubernetes #googlecloud #aws #gdpr #security

Over 40,000 credentials for government portals found online

Enterprise - ZDNet Blogs - Malware operators have collected login credentials for government portals in Italy, Saudi Arabia, Portugal, Bulgaria, Romania,...
Wed, 12 Dec 2018 13:39:29 - #cybersecurity #security

A bug left your Microsoft account wide open to complete takeover

Tech - Mashable - Bug bounty hunter Sahad Nk recently uncovered a series of vulnerabilities that left Microsoft users' accounts - from your Office documents...
Wed, 12 Dec 2018 12:37:45 - #microsoft #cybersecurity #cloud #azure #security

New Report Finds Emails Containing Dangerous Attachments Up More Than 25 Percent

Globe Newswire - Technology - Latest ESRA Detected Incumbent Email Security Systems are Leaving Organizations Vulnerable to Dangerous Attachments, Malware, Impersonation...
Wed, 12 Dec 2018 12:37:31 - #cybersecurity #security

A bug in Microsoft's login system made it easy to hijack anyone's Office account

Tech - TechCrunch - A string of bugs when chained together created the perfect attack to gain access to someone's Microsoft account - simply by tricking...
Tue, 11 Dec 2018 22:13:37 - #microsoft #cloud #azure #security

November 2018's Most Wanted Malware: the Thanksgiving Day Botnet Emerges

Globe Newswire - Technology - Check Point's latest Global Threat Index reveals the Emotet botnet rising up the top malware list in November as a result of...
Tue, 11 Dec 2018 21:13:07 - #cybersecurity #botnet #security

Proofpoint Launches the Industry's First People-Centric Attack Index to Easily Identify the Most Targeted Users Within an Organization

Globe Newswire - Technology - Leading cybersecurity company empowers organizations to understand the risks their users face and tailor their security strategy...
Tue, 11 Dec 2018 18:13:10 - #cybersecurity #proofpoint #security

Industry council urges government to prep for a cyberattack that coincides with a natural disaster

Infosec - CyberScoop - A presidential advisory council has warned the White House and Department of Homeland Security in no uncertain terms that a catastrophic...
Tue, 11 Dec 2018 16:13:08 - #supplychain #cybersecurity #security

6 Cloud Security Predictions for 2019

Infosec - Dark Reading - How the fast pace of cloud computing adoption in 2018 will dramatically change the security landscape next year.
Tue, 11 Dec 2018 16:13:06 - #security

Gartner report sees greater reliance on Privileged Access Management tools

Infosec - Barracuda - We have met the enemy and it's us. That's a feeling many cybersecurity professionals well know. Most security breaches today have...
Tue, 11 Dec 2018 15:39:13 - #microsoft #cybersecurity #ca #devops #phishing #cloud #azure #cyberark #security

HashiCorp Vault 1.0 Open Sources Auto-Unseal, Adds Batch Tokens

Enterprise - InfoQ - HashiCorp has released version 1.0 of Vault, their secrets management tool that open-sources the auto-unseal feature needed to continue...
Tue, 11 Dec 2018 15:39:04 - #kubernetes #hashicorp #security

A Shared Commitment Towards Cloud Security: Expanding Our Partnership with Google Cloud

Enterprise - Palo Alto Networks Blog - At Palo Alto Networks, we have always believed that more and more security services would be delivered from the cloud....
Tue, 11 Dec 2018 15:13:30 - #paloaltonetworks #cybersecurity #firewall #ai #kubernetes #googlecloud #machinelearning #security

AQUA CONTAINER SECURITY PLATFORM AWARDED CIS BENCHMARK CERTIFICATION

Enterprise - DevOps.com - Industry's first commercial solution to be certified for the CIS Kubernetes Benchmark
Tue, 11 Dec 2018 15:13:24 - #kubernetes #devops #security

Equifax breach was 'entirely preventable' had it used basic security measures, says House report

Tech - TechCrunch - A House Oversight Committee report out Monday has concluded that Equifax's security practices and policies were sub-par and its...
Tue, 11 Dec 2018 13:39:22 - #cybersecurity #security

Skybox Security Appoints Amrit Williams as Vice President of Products

Globe Newswire - Technology - Williams to accelerate the delivery of product roadmap as demand for advanced cybersecurity management solutions grows Williams...
Tue, 11 Dec 2018 13:14:17 - #cybersecurity #security

This is how Australia's ban on encryption could endanger us all

Think -
Mon, 10 Dec 2018 17:13:31 - #security

The Phishing Incident Response Playbook

Infosec - PhishLabs - This playbook helps organizations understand how phishing incident response should work.
Mon, 10 Dec 2018 17:13:26 - #phishing #security

8 old technologies that still play roles in security

Infosec - CSO Online - It's easy to assume newer is better, but technology that has been around for decades or longer still has a place in cybersecurity....
Mon, 10 Dec 2018 17:13:25 - #cybersecurity #security

Pentest Toolbox Additions 2018

Infosec - TripWire - The State of Security - I'm a red teamer,.I do work similar to pentesting and use many of the same tools. This year, I've added several...
Mon, 10 Dec 2018 15:13:47 - #tripwire #security

Linux.org's DNS Got Hijacked

Slashdot - Wednesday afternoon around 5pm EST someone was able to get into the registrar account for our domain and point DNS to another...
Sun, 09 Dec 2018 21:08:38 - #security

McAfee Recognized as a Leader in Gartner Magic Quadrant for Security Information and Event Management for Eighth Consecutive Year*

Business Wire - McAfee, the device to cloud cybersecurity company, today announced that for the eighth consecutive year*, Gartner, Inc. has named the company...
Sun, 09 Dec 2018 20:13:27 - #cybersecurity #security

Code42 CISO Jadee Hanson Receives Pioneer Woman in Tech Award

Business Wire - Data loss protection solution provider Code42 announced that its CISO and VP of IS Jadee Hanson is the recipient of a Pioneer Woman in...
Sun, 09 Dec 2018 19:38:11 - #code42 #security

Identity is Security: Bots in the Wild

Infosec - The Identity Quotient Blog - Coming off the heels of Gartner IAM in Vegas, one major theme coming out of the show was software bots. We spent...
Sun, 09 Dec 2018 18:37:14 - #cybersecurity #security

Bomb Threat Hoaxer, DDos Boss Gets 3 Years

Infosec - Krebs on Security - The ringleader of a gang of cyber hooligans that made bomb threats against hundreds of schools and launched distributed denial-of-service...
Sun, 09 Dec 2018 18:37:13 - #ddos #security

All I Want for Christmas... Is a New SSL Certificate

Infosec - TripWire - The State of Security - On Thursday 6th December, 2018, I realized how dependent I was on my mobile phone having an internet connection....
Sun, 09 Dec 2018 18:37:12 - #tripwire #security

Cybersecurity Canon Candidate Book Review: Cyber-War: Anatomy of the Global Security Threat

Enterprise - Palo Alto Networks Blog - We modeled the Cybersecurity Canon after the Baseball Hall of Fame and the Rock & Roll Hall of Fame, except it's a...
Sun, 09 Dec 2018 18:13:22 - #cybersecurity #paloaltonetworks #security

How to Reinforce Your Security Operations Center With Threat Intelligence

Infosec - Recorded Future - In today's cybersecurity landscape, security information and event management (SIEM) systems have become table stakes for modern...
Fri, 07 Dec 2018 17:13:20 - #cybersecurity #firewall #splunk #threatintelligence #security

Top 2018 Enterprise Security Trends

Infosec - FraudWatch Intl - Every year, the entirety of enterprise security incident response changes. New cybersecurity threats come onto the scene, based...
Fri, 07 Dec 2018 17:13:19 - #cybersecurity #iot #security

7 Common Breach Disclosure Mistakes

Infosec - Dark Reading - How you report a data breach can have a big impact on its fallout.
Fri, 07 Dec 2018 17:13:17 - #cybersecurity #security

49 Percent of Phishing Sites Now Use HTTPS

Infosec - The PhishLabs Blog - Since 2015 there has been a steady increase in threat actors' use of SSL certificates to add an air of legitimacy to malicious...
Fri, 07 Dec 2018 17:13:16 - #domains #cybersecurity #phishing #security

Azure Data Lake Storage Gen2 preview - More features, more performance, better availability

Enterprise - Microsoft Azure - Since we announced the limited public preview of Azure Data Lake Storage (ADLS) Gen2 in June, the response has been resounding....
Fri, 07 Dec 2018 15:37:48 - #microsoft #bigdata #cloud #azure #firewall #security

The big data security question: Is cloud safer than on-premise?

Enterprise - SiliconANGLE - Not so many years ago cloud security was an oxymoron, with on-premises databases the only way to keep sensitive data secure....
Fri, 07 Dec 2018 15:37:46 - #bigdata #cybersecurity #security

China is the lead suspect in the Marriott hack, report says

Tech - Mashable - What's worse: a massive financial crime, or a years-long international espionage operation?
China is emerging as the lead suspect...
Fri, 07 Dec 2018 14:13:15 - #cybersecurity #security

Venafi and DigiCert Machine Identity Protection Partnership Delivers New Solution for Large-Scale Enterprise PKI

Business Wire - The combined solution enables organizations to customize and orchestrate PKI and machine identity protection at machine speed...
Thu, 06 Dec 2018 21:13:16 - #digicert #security

Ping Identity Announces New Customer Identity-as-a-Service Solution for Application Developers

Business Wire - Ping Identity, the leader in Identity Defined Security, today announced the public preview of PingOne for Customers. The cloud-based Identity...
Thu, 06 Dec 2018 20:38:25 - #pingidentity #security