Information Security Wire

Woodstock Wire: Information Security Wire

Traps Prevents Microsoft Office Equation Editor Zero-Day CVE-2018-0802

Enterprise - Palo Alto Networks Blog - Last November, Microsoft manually patched a remotely exploitable vulnerability (CVE-2017-11882) in Equation Editor,...
Sun, 21 Jan 2018 00:13:07 - #microsoft #paloaltonetworks #cybersecurity #machinelearning #security

How to Protect Webcams From Hackers

Enterprise - VMblog - Webcams have become so integrated into modern computers that most people hardly notice them anymore. Most laptops come with built-in...
Sat, 20 Jan 2018 23:39:34 - #security

Two things will survive a nuclear holocaust: Cockroaches and crafty URLs like ғасеьоок.com

Enterprise - The Register - Pesky phishing pages using international domain names just won't go away
It's been known for a long while that people can use...
Sat, 20 Jan 2018 23:13:27 - #domains #phishing #security

Webroot Security Awareness Training

Enterprise - The ChannelPro Network - Webroot(r) Security Awareness Training offers comprehensive cybersecurity education that MSPs can deliver to their clients.
Sat, 20 Jan 2018 23:13:15 - #cybersecurity #security

Public Cloud Vulnerabilities Abound

Enterprise - Baseline - New research indicates that lax approaches to security are exposing organizations to growing threats in their public cloud computing...
Sat, 20 Jan 2018 22:39:46 - #security

Forget Viruses or Spyware-Your Biggest Cyberthreat Is Greedy Cryptocurrency Miners

Think - MIT Technology Review - Software that hijacks your computer to mine has become the most popular malware on the planet.
Sat, 20 Jan 2018 21:41:24 - #cybersecurity #security

A New Cyber Attack Can Remotely Control Industrial Safety Systems

Think -
Sat, 20 Jan 2018 21:13:19 - #cybersecurity #security

DomainTools 2018 Predictions: Ransomware and DDoS on the Move

Enterprise - VMblog - Industry executives and experts share their predictions for 2018.
Fri, 19 Jan 2018 13:14:08 - #ddos #cybersecurity #security

Internet Systems Consortium rolled out a patch for a BIND security flaw caused DNS Servers Crash

Infosec - Security Affairs - The Internet Systems Consortium (ISC) has issued security updates for BIND to address a high severity vulnerability that could...
Thu, 18 Jan 2018 13:42:24 - #security

The Right Threat Intelligence for Patching

Infosec - Recorded Future - Key Takeaways - Gartner argues that the biggest threats are not the ones that risk causing the most damage to you, but simply...
Thu, 18 Jan 2018 13:42:23 - #cybersecurity #security

CES 2018: Blockchain will solve everything

Infosec - WeLiveSecurity - The first obvious candidate was banking, a sector that has been hard at work trying to implement blockchain to secure the vast...
Thu, 18 Jan 2018 13:42:22 - #blockchain #security

Kaspersky Lab Warns of Extremely Sophisticated Android Spyware Tool

Infosec - Dark Reading - Skygofree appears to have been developed for lawful intercept, offensive surveillance purposes.
Thu, 18 Jan 2018 13:42:21 - #android #cybersecurity #security

6 reasons you're failing to focus on your biggest IT security threats

Infosec - CSO Online - Humans are funny creatures who don't always react in their own best interests, even when faced with good, contrarian data they agree...
Thu, 18 Jan 2018 13:42:19 - #cybersecurity #security

What Type of Emails Get Reported the Most?

Infosec - The PhishLabs Blog - In anticipation of our previous threat monitoring and forensics webinar we asked the Twitterverse what happens after they...
Thu, 18 Jan 2018 13:42:18 - #cybersecurity #phishing #security

Doh!!! The 10 Most Overlooked Security Tasks

Infosec - Dark Reading - Here's a list of gotchas that often slip past overburdened security pros.
Thu, 18 Jan 2018 13:42:17 - #security

Skygofree - Powerful Android Spyware Discovered

Infosec - The Hacker News - Security researchers have unveiled one of the most powerful and highly advanced Android spyware tools that give hackers full...
Thu, 18 Jan 2018 13:42:16 - #android #security

Trisis has the security world spooked, stumped and searching for answers

Infosec - CyberScoop - At first, technicians at multinational energy giant Schneider Electric thought they were looking at the everyday software used to...
Thu, 18 Jan 2018 13:42:15 - #cybersecurity #fireeye #phishing #security

The Anatomy of a Privileged Account Hack

Infosec - The Identity Quotient Blog - Thycotic is a SailPoint Identity+ Alliance partner. This blog post was previously shared on their blog, The Lockdown.
Not...
Thu, 18 Jan 2018 13:42:14 - #cybersecurity #phishing #security

Mozilla edict: 'Web-accessible' features need 'secure contexts'

Enterprise - The Register - If an API or feature needs the web, it needs HTTPS under Mozilla's new plan
Mozilla has decided to further locking down the Internet...
Thu, 18 Jan 2018 13:13:58 - #security

World Economic Forum says cyberattacks present a huge risk to the world economy

Enterprise - SiliconANGLE - Anyone in information technology knows that cyberattacks represent a massive risk for enterprises. But how big? According to a...
Thu, 18 Jan 2018 13:13:52 - #cybersecurity #security

Spectre, Meltdown Update: Oracle Introduces 237 Security Patches

Enterprise - CRN - The breadth of the software giant's portfolio means managed services partners have a big job ahead of them in securing customers across...
Thu, 18 Jan 2018 13:13:50 - #oracle #security

How Managed Security Services Providers Can Meet Modern Cybersecurity Threats

Enterprise - MSPmentor - Managed Security Services Providers (MSSPs) should adopt new security strategies in order to respond to threats like massive DDoS...
Thu, 18 Jan 2018 12:41:22 - #cybersecurity #ddos #security

Google intros Security Center tool for G Suite

Enterprise - ZDNet News - Security center aims to bring together analytics, insights and recommendations about an organization's data security.
Thu, 18 Jan 2018 12:41:21 - #cybersecurity #security

Cloud computing: Why a major cyber-attack could be as costly as a hurricane

Enterprise - ZDNet News - The economic costs of a large cyber-attack could be as large as the impact of a major natural disaster.
Thu, 18 Jan 2018 12:41:15 - #security

The top 10 security challenges of serverless architectures

Enterprise - ZDNet News - Broken authentication and privileged access without cause are among the most common security concerns.
Thu, 18 Jan 2018 12:41:07 - #security

Cyberattacks and War Are Now the Most Feared Risks For 2018

SupplyChain - SupplyChainBrain - The threat of large-scale cyberattacks and a "deteriorating geopolitical landscape" since the election of U.S. President Donald...
Thu, 18 Jan 2018 12:41:02 - #cybersecurity #security

Firmware Updates and Initial Performance Data for Data Center Systems

Electronics - Intel - Over the past several days, Intel has made further progress to address the exploits known as "Spectre" and "Meltdown."...
Thu, 18 Jan 2018 12:40:57 - #microsoft #lenovo #dell #datacenter #devkit #security

Shafted by bosses, disdained by punters, loved by hackers - yes, it's freelance workers

Enterprise - The Register - Turns out they are a top target for phishers
Usenix Enigma Gig economy workers - the fancy new way to describe short-term freelance...
Wed, 17 Jan 2018 15:41:25 - #security

Five Cybersecurity Predictions for 2018

Enterprise - Data Center Knowledge - Exploring how post quantum cryptography, securing the blockchain, autonomous vehicles and more will impact security this...
Wed, 17 Jan 2018 15:14:38 - #cybersecurity #datacenter #blockchain #security

How Azure Security Center helps analyze attacks using Investigation and Log Search

Enterprise - Microsoft Azure - Every second counts when you are under attack. Azure Security Center (ASC) uses advanced analytics and global threat intelligence...
Wed, 17 Jan 2018 15:14:34 - #microsoft #antivirus #cybersecurity #cloud #azure #firewall #security

Azure Security Center adds support for custom security assessments

Enterprise - Microsoft Azure - Azure Security Center monitors operating system (OS) configurations using a set of 150+ recommended rules for hardening the...
Wed, 17 Jan 2018 15:14:22 - #microsoft #cloud #azure #security

Top 3 Pitfalls of Securing the Decentralized Enterprise

Infosec - Dark Reading - Doubling down on outdated security practices while the number of users leveraging your enterprise network grows is a race to the...
Tue, 16 Jan 2018 16:14:05 - #security

Top cybersecurity threats of 2018 and what Cisco is doing to combat them

Cisco - From malware to IoT devices, see where security threats are likely to occur this year. ...
Tue, 16 Jan 2018 16:13:49 - #cisco #cybersecurity #iot #security

How Cisco attacks itself to improve security

Silicon Valley / San Jose Business Journal - Cisco uses unconventional methods, including hacking itself.
Tue, 16 Jan 2018 16:13:46 - #cisco #security

NS1 Launches DNSSEC for DNS Security Without Compromise

Business Wire: Internet - NS1 launches DNSSEC for DNS Security without compromise; implementation delivers zone protection & advanced traffic management
Tue, 16 Jan 2018 16:13:38 - #security

5 Critical Mistakes to Avoid: Choosing an NGFW in a Silo

Enterprise - Palo Alto Networks Blog - This post is part of a blog series where we dive into the five critical mistakes to avoid when evaluating a next-generation...
Tue, 16 Jan 2018 15:13:17 - #paloaltonetworks #firewall #security

Google, Intel, Microsoft, Others Scramble to Fix Cybersecurity Vulnerabilities

Design News - Hardware flaws may be the new big security gap in computers and phones. In the last few days, it has become apparent that Intel, Microsoft, and...
Tue, 16 Jan 2018 14:25:37 - #microsoft #amd #supplychain #cybersecurity #iot #security

Blockchain: The New Kid in Security Circles

Electronics360 - Security applications could see a boost this year from the blockchain -- the technology that drives cryptocurrency such as bitcoin.
Tue, 16 Jan 2018 14:25:25 - #blockchain #security

LeakedSource Founder Arrested for Selling 3 Billion Stolen Credentials

Infosec - The Hacker News - Canadian authorities have arrested and charged an Ontario man for operating a website that collected 'stolen' personal identity...
Tue, 16 Jan 2018 14:13:29 - #security

Digital Businesses Thwart a Record 700 Million Attacks on Consumer Transactions in 2017, Reveals New Cybercrime Report from ThreatMetrix

Business Wire: Internet - ThreatMetrix(r), The Digital Identity Company(r), today revealed that 2017 was a record-setting year in the fight against cybercrime.
Tue, 16 Jan 2018 13:41:27 - #cybersecurity #security

McAfee Recognized as a Leader in Gartner Magic Quadrant for Intrusion Detection and Prevention Systems

Business Wire: Software - McAfee, one of the world's leading cybersecurity companies, today announced that Gartner, Inc. has named the company a Leader in the "Gartner...
Tue, 16 Jan 2018 13:41:25 - #cybersecurity #security

How to make sure Windows gets the right patches coming to it

Enterprise - Computerworld - The Windows emergency security updates issued by Microsoft earlier this month came with an unprecedented prerequisite - a new...
Tue, 16 Jan 2018 13:13:38 - #microsoft #antivirus #security

How Management Can Help Prevent Insider-Caused Data Breaches

Infosec - TripWire - The State of Security - In 2017, some of the world's most devastating cyber attacks were seen. Insider threats continue to be the...
Tue, 16 Jan 2018 13:13:35 - #tripwire #cybersecurity #security

Protecting Philips Healthcare From Cyber Threats

Infosec - Recorded Future - Philips is a company with a long, storied history, going back over 120 years, and many technological achievements to brag about....
Tue, 16 Jan 2018 13:13:32 - #security

Cookies: Should I worry about them?

Infosec - Malwarebytes Unpacked - Starting off the new year, many of us are worried about cookies-how many we ate over the holidays and how we're going...
Tue, 16 Jan 2018 13:13:31 - #microsoft #cybersecurity #security

Meltdown and Spectre Chip Flaws Highlight Pressing Need for DevSecOps

Infosec - Barracuda - There's nothing quite as rude an awakening than discovering after a long holiday break that researchers have discovered not one,...
Tue, 16 Jan 2018 13:13:30 - #microsoft #cybersecurity #devops #security

Indiana hospital shuts down systems after ransomware attack

Infosec - CyberScoop - An Indiana hospital suffered the first ransomware attack aimed at a health care provider this year when part of Hancock Regional...
Tue, 16 Jan 2018 12:39:59 - #cybersecurity #security

Mirai Okiru: New DDoS botnet targets ARC-based IoT devices

Infosec - CSO Online - Well, this is bad...very bad. Mirai malware and its many variants which have targeted CPU architectures in the past, is now targeting...
Tue, 16 Jan 2018 12:39:57 - #ddos #iot #cybersecurity #mirai #botnet #security

Salted Hash Ep 14: Are mass transit systems the next big target?

Infosec - Salted Hash - This week Salted Hash talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws...
Tue, 16 Jan 2018 12:39:56 - #cybersecurity #security

Preventing zero-day exploits, malware with automated security

Enterprise - SiliconANGLE - Increasingly sophisticated cyberattacks are giving security professionals bigger fish to fry than malware minnows on the network...
Tue, 16 Jan 2018 01:40:12 - #paloaltonetworks #cybersecurity #firewall #security