Information Security Wire

Woodstock Wire: Information Security Wire

Elastic adds endpoint security to its expanding toolset

Tech - TechCrunch - Elastic acquired Endgame Security in June for $234 million, and as a result of that deal, today the company announced Elastic Endpoint...
Wed, 16 Oct 2019 12:13:51 - #acquisition #machinelearning #cybersecurity #security

Elastic Introduces Elastic Endpoint Security

Business Wire - Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, today announced the introduction of Elastic Endpoint Security,...
Tue, 15 Oct 2019 14:20:30 - #elasticsearch #acquisition #cybersecurity #security

Clean IT Up: Cyber Hygiene Controls Tips

Infosec - TripWire - The State of Security - October is national cybersecurity awareness month, and with the recent hacks at Door Dash, the discovery of...
Tue, 15 Oct 2019 13:36:48 - #cybersecurity #tripwire #security

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

Infosec - The Hacker News - In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of...
Tue, 15 Oct 2019 13:36:47 - #security

Private Cloud vs Public Cloud Security Challenges

Infosec - TripWire - The State of Security - As a system administrator during the early days of the "cloud revolution" I found the "cloud" metaphor an...
Tue, 15 Oct 2019 12:14:26 - #tripwire #security

Tamper Protection Arrives for Microsoft Defender ATP

Infosec - Dark Reading - The feature, designed to block unauthorized changes to security features, is now generally available.
Tue, 15 Oct 2019 12:14:25 - #microsoft #security

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Infosec - The Hacker News - Attention Linux Users!

A vulnerability has been discovered in Sudo-one of the most important, powerful, and commonly used...
Tue, 15 Oct 2019 12:14:24 - #security

Europol: Ransomware remains top threat in IOCTA report

Infosec - Malwarebytes Unpacked - The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime...
Tue, 15 Oct 2019 12:14:23 - #ddos #cybersecurity #maker #phishing #security

Firefox vulnerable to trivial CSP bypass

Infosec - The Daily Swig - Exploit allows potentially malicious content to bypass browser's defenses
Tue, 15 Oct 2019 12:14:22 - #security

Cybersecurity becoming bigger IT recruitment factor

Infosec - Barracuda - At a time when most businesses are finding it difficult to hire and retain IT professionals, business leaders may want to consider...
Tue, 15 Oct 2019 12:14:21 - #cybersecurity #iot #phishing #security

Millions of computers at risk as Windows 7 nears end of life

Infosec - The Daily Swig - Users and sysadmins have just three months to upgrade
Tue, 15 Oct 2019 12:14:20 - #security

More than 30 Security Vulnerabilities Surfaced and $33,750 awarded to Hackers in Eighth Department of Defense Bug Bounty Program with HackerOne

Business Wire - Through partnership with the Defense Digital Service, the U.S. Department of Defense (DoD) and HackerOne today announced the results of the Department's...
Tue, 15 Oct 2019 12:13:54 - #security

SAIC Presents 10 Veterans With CyberWarrior Scholarships to Enhance Their Cybersecurity Careers

Business Wire - Science Applications International Corp. (NYSE: SAIC) has selected 10 veteran recipients for its CyberWarrior(tm) Scholarship. In collaboration...
Tue, 15 Oct 2019 12:13:53 - #cybersecurity #security

Malware Attack Knocks Pitney Bowes' Systems Offline

Media - - Shipping and technology behemoth Pitney Bowes is the latest in a string of high-profile companies to be hit in a cyberattack.
Tue, 15 Oct 2019 11:13:19 - #cybersecurity #security

4 no-brainer online security measures we need to start practicing now

Think - Big Think - NoneThe sheer number of massive data breaches and known security vulnerabilities online today should be enough to scare us into better...
Mon, 14 Oct 2019 12:38:32 - #cybersecurity #antivirus #security

Equifax data breach FAQ: What happened, who was affected, what was the impact?

Infosec - CSO Online - In March 2017, personally identifying data of hundreds of millions of people was stolen from Equifax, one of the credit reporting...
Mon, 14 Oct 2019 12:13:48 - #cybersecurity #security

Imperva explains how hackers stole AWS API Key and accessed to customer data

Infosec - Security Affairs - Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall...
Mon, 14 Oct 2019 12:13:47 - #cybersecurity #ddos #imperva #firewall #cloud #aws #security

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 1

Infosec - TripWire - The State of Security - The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered...
Mon, 14 Oct 2019 12:13:29 - #tripwire #security

Chinese communist party's app is reportedly spying on its 100M users

Media - The Next Web - A report from the German cybersecurity firm Cure53 suggests the Chinese communist party's app, Study the Great Nation, has 'superuser'...
Mon, 14 Oct 2019 11:35:38 - #android #cybersecurity #security

FIN7 Hackers group is back with a new loader and a new RAT

Infosec - Security Affairs - FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target...
Sun, 13 Oct 2019 22:13:42 - #fireeye #antivirus #cybersecurity #maker #security

SIM cards used in 29 countries are vulnerable to Simjacker attack

Infosec - Security Affairs - Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile...
Sun, 13 Oct 2019 22:13:41 - #qualcomm #android #ddos #cybersecurity #security

7 SMB Security Tips That Will Keep Your Company Safe

Infosec - Dark Reading - With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect...
Sun, 13 Oct 2019 22:13:40 - #cybersecurity #security

Imperva: Data Breach Caused by Cloud Misconfiguration

Infosec - Threatpost - Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.
Sun, 13 Oct 2019 22:13:39 - #cybersecurity #cloud #aws #security

Build Your Cybersecurity Toolkit at Black Hat Europe in December

Infosec - Dark Reading - Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal...
Sun, 13 Oct 2019 22:13:38 - #cybersecurity #security

Creative Wi-Fi Passwords

Infosec - Dark Reading - Let's see a hacker figure out one of these.
Sun, 13 Oct 2019 22:13:36 - #security

Why are cyber insurers incentivizing clients to invest in specific vendors?

Infosec - CyberScoop - The cyber insurance industry is taking baby steps away from a long and messy infancy. For the hundreds of companies that offer policies,...
Sun, 13 Oct 2019 22:13:35 - #fireeye #cybersecurity #security

Top cybersecurity certifications to consider for your IT career

Infosec - Security Affairs - With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career.
Sun, 13 Oct 2019 22:13:34 - #cybersecurity #iot #security

Imperva releases post-mortem over August data breach

Infosec - The Daily Swig - 'Now, more than ever, we commit to our vision, where data and applications are kept safe'
Sun, 13 Oct 2019 22:13:33 - #cybersecurity #imperva #security

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

Infosec - The Hacker News - A 39-year-old login password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that...
Sun, 13 Oct 2019 22:13:32 - #security

Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

Infosec - TripWire - The State of Security - In my previous post, I spoke about all of the different DEFCON villages where attendees can learn about and...
Sun, 13 Oct 2019 22:13:31 - #tripwire #security

Imperva Details Response to Customer Database Exposure

Infosec - Dark Reading - The cloud security's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.
Sun, 13 Oct 2019 22:13:29 - #imperva #security

Introducing Okta DynamicScale: Accelerating Digital Transformation for Global Businesses

Infosec - Okta Blog - Today at Okta's inaugural Showcase event, we're proud to announce the launch of Okta DynamicScale, a high-capacity customer identity...
Sun, 13 Oct 2019 22:13:28 - #devops #identity #security

Akamai Snaps Up ChameleonX to Tackle Magecart

Infosec - Dark Reading - The Israel-based ChameleonX aims to protect websites from cyberattacks targeting payment data.
Sun, 13 Oct 2019 22:13:27 - #akamai #cybersecurity #security

Works of Art: Cybersecurity Inspires 6 Winning Ideas

Infosec - Dark Reading - The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with...
Sun, 13 Oct 2019 22:13:26 - #cybersecurity #security

New Reductor Nation-State Malware Compromises TLS

Infosec - Schneier on Security - Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. The malware...
Sun, 13 Oct 2019 22:13:25 - #cybersecurity #security

Cyber insurance: here to stay, whether we like it or not

Infosec - Malwarebytes Unpacked - Cyber insurance has been a big talking point in infosec circles for many months now. We've mentioned it in passing ourselves...
Sun, 13 Oct 2019 22:13:24 - #cybersecurity #phishing #security

Identity & Access Management: The Cornerstone of Enterprise Security

Infosec - The Identity Quotient Blog - Privileged Access Management (PAM) is a sub-discipline within the identity governance framework. PAM can be implemented...
Sun, 13 Oct 2019 22:13:23 - #iot #security

Critical Security Vulnerability Disclosed in iTerm2 App

Infosec - TripWire - The State of Security - A critical vulnerability has been discovered in the popular iTerm2 application, an open source terminal emulator...
Sun, 13 Oct 2019 22:13:22 - #tripwire #security

SAP October 2019 Security Patch Day fixes 2 critical flaws

Infosec - Security Affairs - SAP addressed two critical vulnerabilities (Hot News) as part of the October 2019 Security Patch Day.
Sun, 13 Oct 2019 21:36:07 - #cybersecurity #security

20 DevSecOps Pros Reveal the Most Important Considerations in Building a DevSecOps Pipeline

Infosec - Threat Stack - In a recent Threat Stack report, 44 percent of DevOps professionals we surveyed said that when it comes to security-related issues,...
Sun, 13 Oct 2019 21:36:06 - #microsoft #cybersecurity #forgerock #devops #robotics #cloud #azure #firewall #microservices #kubernetes #aws #security

3 actions to take during cybersecurity awareness month

Infosec - CSO Online - Are you aware that October is national cybersecurity awareness month? If you aren't, you're not alone. There's lots of cybersecurity...
Sun, 13 Oct 2019 21:36:05 - #cybersecurity #security

FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops

Infosec - TrendLabs Security Intelligence Blog - We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively...
Sun, 13 Oct 2019 21:36:03 - #googlecloud #cybersecurity #security

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Infosec - Security Affairs - NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws
Sun, 13 Oct 2019 21:36:02 - #cybersecurity #fortinet #paloaltonetworks #security

Centralized Access Management Needs to Be Secure and Selective

Infosec - Okta Blog - Give a kid free reign in a candy shop, and you know what will happen. They won't fill their bag with gummy bears alone-they'll go...
Sun, 13 Oct 2019 21:36:01 - #identity #security

Bad News From the EU: High Court Blesses Global Takedown Order

Infosec - EFF Deeplinks - The European Union seems to fallen in love with the idea of requiring service providers to edit the Internet, with predictable...
Sun, 13 Oct 2019 21:35:59 - #robotics #security

How to protect against stalkerware, a murky but dangerous mobile threat

Infosec - Malwarebytes Unpacked - Last week, we pledged that-in honor of National Cybersecurity Awareness and Domestic Violence Awareness months-we would...
Sun, 13 Oct 2019 21:35:57 - #cisco #android #cybersecurity #wearables #security

The Value of Dark Web Coverage for Third-Party Risk Management

Infosec - Recorded Future - Everyone knows that a key ingredient to an effective third-party risk program is comprehensive, high-quality risk information....
Sun, 13 Oct 2019 21:35:56 - #supplychain #cybersecurity #machinelearning #security

How concerned are you about the privacy challenges of your IoT devices?

Infosec - WeLiveSecurity - An ESET survey of thousands of people in North America provides a peek into how they perceive the privacy and security of their...
Sun, 13 Oct 2019 21:35:55 - #iot #security

Experts Gather to Discuss Cybersecurity and Fraud during National Cyber Security Awareness Month

Business Wire - iconectiv's Chief Information Security Officer, Michael Iwanoff, will be speaking at the 2019 Private Equity International Operating Partners...
Sun, 13 Oct 2019 20:13:34 - #cybersecurity #security

California's Privacy Act: What you need to know now

Tech - TechCrunch - This week California's attorney general, Xavier Becerra, published draft guidance for enforcing the state's landmark privacy legislation.
Sun, 13 Oct 2019 20:13:27 - #ccpa #security