Information Security Wire

Woodstock Wire: Information Security Wire

Whip your information security into shape with ISO 27001

Infosec - CSO Online - Every company has sensitive data that needs to be protected. Securing information properly is a challenge that requires careful...
Fri, 22 Mar 2019 15:05:25 - #cybersecurity #security

Use Threat Intelligence to Reduce Third-Party Risk, Says Analytics Expert Thomas H. Davenport

Infosec - Recorded Future - Everything is connected to everything else.
In the internet era, this is no longer just a New Age adage - it's the bare truth...
Fri, 22 Mar 2019 15:05:24 - #cybersecurity #ai #machinelearning #threatintelligence #security

Hackers Take Down Safari, VMware and Oracle at Pwn2Own

Infosec - Threatpost - On the first day of Pwn2Own 2019 hackers poked holes in Apple Safari, VMware Workstation and Oracle VirtualBox.
Fri, 22 Mar 2019 14:42:28 - #oracle #vmware #security

Are hackers gonna hack anymore? Not if we keep reusing passwords

Infosec - Malwarebytes Unpacked - Enterprises have a password problem, and it's one that is making the work of hackers a lot easier. From credential stuffing...
Fri, 22 Mar 2019 14:42:27 - #cybersecurity #proofpoint #security

7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider

Infosec - Threat Stack - The lack of a common framework for assessing Cloud Service Providers (CSPs) combined with the fact that no two CSPs are the same...
Fri, 22 Mar 2019 14:42:25 - #microsoft #cloud #aws #azure #googlecloud #security

Cryptocurrency Risks to Consider: From Cryptomining to Money Laundering

Infosec - Flashpoint - By Mike Mimoso - In the not-so-distant past, cybercriminal use of cryptocurrency was largely limited to using Bitcoin or Monero as...
Fri, 22 Mar 2019 14:42:24 - #cybersecurity #security

3 Ways Threat Intelligence Strengthens the American Intelligence Community

Infosec - Recorded Future - The National Intelligence Strategy of the United States, most recently updated in 2019, provides a framework for intelligence...
Fri, 22 Mar 2019 14:42:21 - #cybersecurity #threatintelligence #security

Email is the #1 target for hackers. Here's how to secure your business

Infosec - ProtonMail - Criminals love to attack businesses via email because it gives them direct access to every organization's weakest link: employees...
Fri, 22 Mar 2019 14:42:20 - #cybersecurity #proofpoint #phishing #gdpr #security

Consumers May Lose Sleep Over These Two New Magecart Breaches

Infosec - RiskIQ - We've now seen Magecart conduct numerous high-profile digital credit card-skimming attacks against major international companies to...
Fri, 22 Mar 2019 14:42:19 - #riskiq #security

Is the Private or Public Cloud Right for Your Business?

Infosec - TripWire - The State of Security - It wasn't a very long time ago when cloud computing was a niche field that only the most advanced organizations...
Fri, 22 Mar 2019 14:42:18 - #tripwire #security

How to audit Windows Task Scheduler for cyber-attack activity

Infosec - CSO Online - Recently Google announced two zero-days that impacted both the Chrome browser and Windows 7 operating system. Google released an...
Fri, 22 Mar 2019 14:42:17 - #microsoft #security

Google white hat hacker found new bug class in Windows

Infosec - Security Affairs - James Forshaw, a white hat hacker at Google Project Zero, has discovered a new class of bugs that affect Windows and some...
Fri, 22 Mar 2019 14:42:16 - #microsoft #security

PuTTY Releases Important Software Update to Patch 8 High-Severity Flaws

Infosec - The Hacker News - The popular SSH client program PuTTY has released the latest version of its software that includes security patches for 8 high-severity...
Fri, 22 Mar 2019 14:42:15 - #security

The Document that Microsoft Eluded AppLocker and AMSI

Infosec - Security Affairs - Experts analyzed an Office document containing a payload that is able to bypass Microsoft AppLocker and Anti-Malware Scan...
Fri, 22 Mar 2019 14:42:14 - #microsoft #cybersecurity #security

Microsoft Office Dominates Most Exploited List

Infosec - Dark Reading - Lone Android vulnerability among the top 10 software flaws most abused by cybercriminals.
Fri, 22 Mar 2019 14:42:13 - #microsoft #android #cybersecurity #security

DDoS Attack Size Drops 85% in Q4 2018

Infosec - Dark Reading - The sharp decline follows an FBI takedown of so-called "booter," or DDoS-for-hire, websites in December 2018.
Fri, 22 Mar 2019 14:42:12 - #ddos #security

Google's New Cloud Security Services for Better Threat Detection and Protection in Enterprises

Enterprise - InfoQ - Google announced three new services for better threat detection and protection in enterprises: Web Risk API, Cloud Armor, and Cloud...
Fri, 22 Mar 2019 14:13:10 - #googlecloud #security

Cisco directs high priority patches for IP phone security exposures

Enterprise - Network World News - Cisco this week advised customers using its 7800 and 8800 series IP phones they should patch a variety of high-priority...
Fri, 22 Mar 2019 13:41:20 - #cisco #ddos #iot #security

A cybersecurity strategy to thwart advanced attackers

Enterprise - Amazon AWS Blog - Today, many Chief Information Security Officers and cybersecurity practitioners are looking for an effective cybersecurity...
Fri, 22 Mar 2019 13:41:19 - #cybersecurity #cloud #aws #security

Cyberattacks: Europe gets ready to face crippling online assaults

Enterprise - ZDNet News - Massive cyberattacks with real-world consequences are no longer unthinkable. Time to get prepared, says Europe.
Fri, 22 Mar 2019 13:41:18 - #cybersecurity #security

Facebook admits it stored 'hundreds of millions' of account passwords in plaintext

Tech - TechCrunch - Flip the "days since last Facebook security incident" back to zero.
Facebook confirmed Thursday in a blog post, prompted by a report...
Fri, 22 Mar 2019 11:41:16 - #cybersecurity #security

6 Ways Mature DevOps Teams Are Killing It in Security

Infosec - Dark Reading - New survey shows where "elite" DevOps organizations are better able to incorporate security into application security.
Thu, 21 Mar 2019 16:13:43 - #devops #security

Does GDPR compliance reduce breach risk?

Infosec - CSO Online - Compliance can be costly and often feels more like red tape and a barrier to business than anything that provides a benefit. A report...
Thu, 21 Mar 2019 16:13:42 - #gdpr #security

World Backup Day is Quickly Approaching

Infosec - Barracuda - The ninth annual World Backup Day is almost here - a March 31 "holiday" established by Youngstown State University student Ismail...
Thu, 21 Mar 2019 16:13:41 - #phishing #cybersecurity #security

Cyber risk management challenges are impacting the business

Infosec - CSO Online - There was quite a bit of banter about boardroom cybersecurity actions at this year's RSA Security Conference. No surprise here;...
Thu, 21 Mar 2019 16:13:39 - #cybersecurity #security

Container Security Tips and Best Practices

Infosec - Threat Stack - Containers provide very important functionality: They package various software applications in "containers" to ensure that they...
Thu, 21 Mar 2019 16:13:38 - #docker #kubernetes #security

Microsoft Targeted by 8 of 10 Top Vulnerabilities in 2018

Infosec - Recorded Future - Click here to download the complete analysis as a PDF.
This analysis focuses on an exploit kit, phishing attack, or remote...
Thu, 21 Mar 2019 16:13:37 - #microsoft #cybersecurity #phishing #security

Worldwide spending on security to reach $103.1bil in 2019 - IDC

Enterprise - ChannelLife New Zealand - Managed security services will be the largest technology category in 2019.
Thu, 21 Mar 2019 15:43:08 - #security

Ixia Performance Test Confirms PA-7080 Is Fastest NGFW

Enterprise - Palo Alto Networks Blog - Mobility and cloud are transforming today's networks, bringing an explosion of data and new mobile and Internet of...
Thu, 21 Mar 2019 15:43:00 - #datacenter #iot #paloaltonetworks #firewall #security

Free Kaspersky Anti-Ransomware Tool now protects businesses from pornware and other cyberthreats

Enterprise - VMblog - Today, Kaspersky Lab has released the next generation of its free Kaspersky Anti-Ransomware Tool for Business , which now includes protection...
Thu, 21 Mar 2019 15:42:59 - #cybersecurity #security

Global threat group Fin7 returns with new SQLRat malware

Enterprise - ZDNet News - Previously unseen malware and a new admin panel have been tied to the notorious group.
Thu, 21 Mar 2019 15:42:56 - #cybersecurity #security

Code42 Next-Gen Data Loss Protection With Data Exfiltration Detection

Enterprise - Storage Newsletter - Code42 Software, Inc. announced its Next-Gen Data Loss Protection solution includes advanced data exfiltration detection....
Thu, 21 Mar 2019 15:13:13 - #code42 #cybersecurity #security

FBI crackdown reduced denial-of-service attack sizes by 85 percent

Enterprise - SiliconANGLE - The Federal Bureau of Investigation shut down 15 of the largest distributed denial of service for hire websites in the world...
Thu, 21 Mar 2019 14:13:12 - #cybersecurity #ddos #security

These are the top ten security vulnerabilities most exploited by hackers

Enterprise - ZDNet News - But one simple thing could help stop the vast majority of these attacks, say researchers.
Thu, 21 Mar 2019 14:13:11 - #security

Reducing security alert fatigue using machine learning in Azure Sentinel

Enterprise - Microsoft Azure - Last week we launched Azure Sentinel, a cloud native SIEM tool. Machine learning (ML) in Azure Sentinel is built-in right from...
Thu, 21 Mar 2019 13:42:50 - #microsoft #cloud #azure #cybersecurity #machinelearning #threatprotection #security

Sorry, Linux. We know you want to be popular, but cyber-crooks are all about Microsoft for now

Enterprise - The Register - Oh, and Flash! Arrrrrggghhh
Eight out of the ten most exploited vulnerabilities tracked by threat intelligence biz Recorded Future...
Thu, 21 Mar 2019 13:42:49 - #microsoft #threatintelligence #security

Microsoft Defender comes to the Mac

Tech - TechCrunch - Microsoft today announced that it is bringing its Microsoft Defender Advanced Threat Protection (ATP) to the Mac. Previously, this...
Thu, 21 Mar 2019 12:41:33 - #microsoft #android #machinelearning #threatprotection #security

Microsoft warns Windows 7 users of looming end to security updates

Tech - TechCrunch - Microsoft has rolled out a patch that will warn Windows 7 users that security updates will soon come to an end.
The patch rolled...
Thu, 21 Mar 2019 12:41:31 - #microsoft #cybersecurity #security

Google browser vulnerability could have let hackers steal personal data

Tech - The Verge - Researchers have discovered a critical vulnerability in Google's Chromium browser that could be used to steal personal data. Positive...
Thu, 21 Mar 2019 12:41:29 - #android #security

Aluminum manufacturing giant Norsk Hydro shut down by ransomware

Tech - TechCrunch - Norsk Hydro, one of the largest global aluminum manufacturers, has confirmed its operations have been disrupted by a ransomware...
Thu, 21 Mar 2019 11:41:42 - #cybersecurity #maker #security

Donated devices are doxing your data, says new research

Tech - TechCrunch - In the space of six months, one security researcher found thousands of files from dozens of computers, phones and flash drives -...
Thu, 21 Mar 2019 11:41:34 - #iot #security

Cybersecurity ROI:  An Oxymoron?

Infosec - TripWire - The State of Security - Return on investment: is it worth the money? That is the central question both government and industry in...
Tue, 19 Mar 2019 13:13:43 - #cybersecurity #tripwire #security

Triton

Infosec - Schneier on Security - Good article on the Triton malware which targets industrial control systems.
Tue, 19 Mar 2019 13:13:42 - #cybersecurity #security

These are the 12 most common phishing email subject lines cyber criminals use to fool you

Enterprise - ZDNet News - Analysis of over 360,000 phishing emails reveals some common themes in phoney emails sent to businesses. Don't get caught out by...
Tue, 19 Mar 2019 13:13:40 - #phishing #security

12 tips for effectively presenting cybersecurity to the board

Infosec - CSO Online - Cybersecurity is a top concern for boards of directors.To read this article in full, please click here(Insider Story)
Tue, 19 Mar 2019 13:13:37 - #cybersecurity #security

Libssh Releases Update to Patch 9 New Security Vulnerabilities

Infosec - The Hacker News - Libssh2, a popular open source client-side C library implementing the SSHv2 protocol, has released the latest version of its...
Tue, 19 Mar 2019 13:13:36 - #redhat #ubuntu #security

Slack Launched Encryption Key Addon For Businesses

Infosec - Security Affairs - Slack announced today to launch encryption keys that will help businesses to protect their data. Slack announced today to...
Tue, 19 Mar 2019 13:13:35 - #antivirus #tripwire #cybersecurity #security

Recorded Future Is Feeling the Love With a High Net Promoter Score

Infosec - Recorded Future - For anyone that knows the team at Recorded Future, you may have caught on to the fact that we're a bunch of overachievers....
Tue, 19 Mar 2019 13:13:34 - #cybersecurity #machinelearning #threatintelligence #security

Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception

Infosec - Cloudflare - The practice of HTTPS interception continues to be commonplace on the Internet. HTTPS interception has encountered scrutiny, most...
Tue, 19 Mar 2019 13:13:33 - #oracle #sophos #android #ddos #antivirus #cybersecurity #security

The Fraud Intelligence Cycle

Infosec - Flashpoint - Usage of the intelligence cycle in the commercial sector is often relegated-and in many cases, exclusively so-to...
Tue, 19 Mar 2019 13:13:32 - #phishing #threatintelligence #cybersecurity #security