Information Security Wire

Woodstock Wire: Information Security Wire

4 Lessons to be learned from the DOE's DDoS attack

Infosec - Malwarebytes Unpacked - Analysts, researchers, industry professionals, and pundits alike have all posited the dangers of the next-generation...
Mon, 20 May 2019 13:00:45 - #cybersecurity #ddos #iot #mirai #botnet #security

Will the U.S. government draft cybersecurity professionals?

Infosec - CSO Online - Will there be a giant sucking sound of cybersecurity talent evading the draft by moving to Canada?The National Commission on Military,...
Mon, 20 May 2019 13:00:44 - #cybersecurity #security

Kubernetes security: 4 strategic tips

Enterprise - The Enterprisers Project - Kubernetes security experts share the tips that will help you avoid trouble - and maybe even build support for security...
Mon, 20 May 2019 13:00:43 - #kubernetes #security

OGUsers - 161,143 breached accounts

Infosec - Have I been pwned - In May 2019, the account hijacking and SIM swapping forum OGusers suffered a data breach. The breach exposed a database backup...
Mon, 20 May 2019 12:39:10 - #cybersecurity #security

Security: Are You Doing DevOps Right?

Enterprise - - Phil Kernick, co-founder and CTO of cybersecurity specialist CQR Consulting, has no fundamental problem with DevOps, but asks,...
Mon, 20 May 2019 11:38:56 - #cybersecurity #devops #security

Security researchers discover Linux version of Winnti malware

Enterprise - ZDNet News - Winnti Linux variant used in 2015 in the hack of a Vietnamese gaming company.
Mon, 20 May 2019 11:38:55 - #cybersecurity #security

Hacking forum for trading stolen credentials hacked by other hackers

Enterprise - SiliconANGLE - OGusers, a popular forum for trading stolen account credentials, has itself been hacked and details of members were published...
Mon, 20 May 2019 11:38:54 - #security

Secureworks Magic Quadrant Leader for Security Services

Enterprise - ChannelLife New Zealand - This is the 11th time Secureworks has been positioned as a Leader in the Gartner Magic Quadrant for Managed Security...
Mon, 20 May 2019 11:38:52 - #secureworks #security

Trump declared a national emergency on cybersecurity. What are his other emergencies?

Media - USATODAY - News Top Stories - The order marks the fifth national emergency declaration that President Trump has declared since he became president...
Sun, 19 May 2019 19:38:10 - #cybersecurity #security

Salesforce faced one of its biggest service disruption of ever

Infosec - Security Affairs - Salesforce is facing a huge outage, it shut down a good portion of its infrastructure due to change to the production environment.
Sun, 19 May 2019 16:31:48 - #cybersecurity #salesforce #security

Number of hacktivist attacks declined by 95 percent since 2015

Infosec - Security Affairs - According to a study conducted by IBM, the number of hacktivist attacks that caused quantifiable damage has declined by 95...
Sun, 19 May 2019 02:38:43 - #ibm #cybersecurity #ddos #threatintelligence #security

Yes, there are security ramifications to serverless computing

Enterprise - ZDNet News - With three in five enterprises now going or planning to go serverless, the attack surface widens.
Sun, 19 May 2019 02:38:41 - #serverless #security

Google recalls Bluetooth version of Titan Security Key due to hijack risk

Tech - Digital Trends - Google is offering a free replacement for the Bluetooth Low Energy version of the Titan Security Key. A misconfiguration was...
Sun, 19 May 2019 02:38:38 - #security

A Look Into The Future Of Payments And Commerce

Media - - The future of customer service will include humans and robots working in cahoots. The future of Mastercard - and its issuers and...
Sun, 19 May 2019 02:13:33 - #robotics #gdpr #security

Salesforce outage hits when firm tries to stop data leak

Infosec - Office of Inadequate Security - From the we-tried to fix-the-frying-pan-now-about-that-fire dept., Michael Novinson reports: Salesforce told...
Sun, 19 May 2019 01:39:00 - #salesforce #security

Cisco addressed a critical flaw in networks management tool Prime Infrastructure

Infosec - Security Affairs - Cisco had issued security updates to address 57 security flaw, including three flaws in networks management tool Prime Infrastructure.
Sun, 19 May 2019 01:38:58 - #cisco #security

How to Defend Against ZombieLoad

Infosec - Threat Stack - Earlier this week a group of security researchers from Graz University of Technology, imec-DistriNet, KU Leuven, Worcester Polytechnic...
Sun, 19 May 2019 01:38:57 - #cloud #aws #security

Overcoming the Challenge of Reactivity in Incident Response

Infosec - Recorded Future - This is the first blog in a three-part series where we'll examine how security teams manage incident response processes. Here,...
Sun, 19 May 2019 01:38:56 - #cybersecurity #threatintelligence #verizon #security

XSS flaw in WordPress Live Chat Plugin lets attackers compromise WP sites

Infosec - Security Affairs - A vulnerability in the Live Chat Support plugin for WordPress could be exploited by attackers to inject malicious scripts...
Sun, 19 May 2019 01:38:55 - #wordpress #security

Ping Identity releases new product to provide security from identity attacks

Enterprise - Digital Colorado - Ping Identity today announced a cloud-based multi-factor authentication (MFA) and single sign-on (SSO) bundle, delivering...
Sun, 19 May 2019 01:13:30 - #pingidentity #security

Seven in Ten Cybersecurity Professionals Are Using or Considering Honey Pots, Deception Technology to Deliver Advanced Forensic and Attribution Capabilities

Business Wire - One in five companies are already using...
Fri, 17 May 2019 20:13:31 - #cybersecurity #security

Threat Intelligence Feeds: Overview, Best Practices, and Examples

Infosec - Recorded Future - Key Takeaways
Threat intelligence feeds are constantly updating streams of indicators or artifacts derived from a source outside...
Fri, 17 May 2019 19:39:36 - #cybersecurity #firewall #threatintelligence #security

The most stressful aspects of being a cybersecurity professional

Infosec - CSO Online - Talk with any cybersecurity professional, and you're sure to hear them talk about the challenges they're up against. What stresses...
Fri, 17 May 2019 19:39:35 - #cybersecurity #security

What Colorado learned from treating a cyberattack like a disaster

Infosec - Office of Inadequate Security - Benjamin Freed reports: The Colorado Department of Transportation joined the ranks of dozens of other U.S. government...
Fri, 17 May 2019 19:39:34 - #cybersecurity #security

The Latest Techniques Hackers are Using to Compromise Office 365

Infosec - TripWire - The State of Security - It was only a few years back that cloud technology was in its infancy and used only by tech-savvy, forward-thinking...
Fri, 17 May 2019 19:39:30 - #tripwire #security

A Simple Data Breach Guide (Interpreting GDPR)

Infosec - TripWire - The State of Security - Perhaps it's too melodramatic to claim that the debate over how to define a data breach "rages on" because...
Fri, 17 May 2019 19:39:29 - #tripwire #cybersecurity #security

Akamai Enterprise Defender Simplifies Journey to Zero Trust for Businesses

Enterprise - VMblog - Akamai, the intelligent edge platform for securing and delivering digital experiences, today announced it has launched Enterprise Defender...
Fri, 17 May 2019 19:13:44 - #akamai #security

Office 365 user security practices are woeful, yet it's still 'Microsoft's fault' when an org is breached

Enterprise - The Register - As soon as defences are sold as a product, hygiene suffers
The US Cybersecurity and Infrastructure Security Agency (CISA) has...
Fri, 17 May 2019 19:13:43 - #microsoft #cybersecurity #security

Do Apple devices need anti-virus software?

Enterprise - Computerworld - Apple's devices are far better defended against malware and viruses than other platforms, but does this mean they don't need...
Fri, 17 May 2019 19:13:37 - #cybersecurity #security

Your Quick Start Guide to Better Kubernetes Security

Enterprise - VMblog - Written by Shiri Ivtsan, Product Manager, WhiteSource Security teams often get left behind when it comes to new technologies. Developers...
Fri, 17 May 2019 19:13:34 - #kubernetes #security

Four Cloud Security Concerns (and How to Address Them)

Enterprise - Palo Alto Networks Blog - The cloud can be overwhelming. Counter to the structured and disciplined rigor of old-school, waterfall, data-center-centric...
Fri, 17 May 2019 19:13:33 - #datacenter #paloaltonetworks #docker #ansible #kubernetes #cloud #aws #hybridcloud #security

Microsoft releases new version of Attack Surface Analyzer utility

Enterprise - ZDNet News - New Attack Surface Analyzer 2.0 works on Windows, but also Mac and Linux.
Fri, 17 May 2019 19:13:25 - #microsoft #security

Stack Overflow confirms breach, but customer data said to be unaffected

Tech - TechCrunch - Developer knowledge sharing site Stack Overflow has confirmed hackers breached its systems, but said customer data is unaffected.
Fri, 17 May 2019 14:38:47 - #security

Fixing Some Of The Big Problems In Payments And Commerce

Media - - Cyber fraud can be a corporate killer if complacency sets in - but there's an answer for that. There are also fixes in the works...
Fri, 17 May 2019 13:41:37 - #ai #security

Adobe patches over 80 flaws in Flash, Acrobat Reader, and Media Encoder

Infosec - Security Affairs - Adobe Patch Tuesday updates for May 2019 address a critical flaw in Flash Player and more than 80 vulnerabilities in Acrobat...
Fri, 17 May 2019 13:13:51 - #chromebook #security

Critical Update: Windows Remote Desktop Services Vulnerability

Infosec - Zscaler Research - Earlier today Microsoft released several security updates as part of its regular monthly updates known as...
Fri, 17 May 2019 13:13:50 - #microsoft #cybersecurity #zscaler #security

From the Enterprisers Project: 5 Kubernetes Security Mistakes to Avoid

Enterprise - OpenShift - Over on the Enterprisers Project, Kevin Casey has written a great little piece listing 5 Kubernetes security mistakes you should...
Fri, 17 May 2019 13:13:43 - #redhat #kubernetes #security

Microsoft: 'We're detecting 5 billion cybersecurity threats on devices a month'

Enterprise - ZDNet News - Microsoft offers a new snapshot of the data that feeds into its Intelligence Security Graph.
Fri, 17 May 2019 13:13:39 - #microsoft #cybersecurity #security

LogRhythm Takes Its SIEM to the Cloud

Enterprise - Channelnomics - New hosted option gives security analysts full platform benefits in a SaaS model...
Fri, 17 May 2019 13:13:38 - #threatintelligence #cybersecurity #security

Trump declares national emergency to protect U.S. networks from foreign espionage

Tech - TechCrunch - President Donald Trump has declared a national emergency to "deal with the threat posed by the unrestricted acquisition or use in...
Fri, 17 May 2019 12:41:11 - #acquisition #security

Google recalls its Bluetooth Titan Security Keys because of a security bug

Tech - TechCrunch - Google today disclosed a security bug in its Bluetooth Titan Security Key that could allow an attacker in close physical proximity...
Fri, 17 May 2019 12:13:53 - #phishing #security

CyberArk Software Ltd. (CYBR) CEO Udi Mokady on Q1 2019 Results - Earnings Call Transcript

Seeking Alpha -
Fri, 17 May 2019 12:13:41 - #cyberark #security

Trend Micro Delivers the Industry's Most Complete Security Across Cloud and Container Workloads

Business Wire - Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global leader in cybersecurity solutions, today announced the availability of the industry's...
Thu, 16 May 2019 15:13:39 - #cybersecurity #devops #security

Symantec Named a Leader in Gartner Magic Quadrant for Managed Security Services, Worldwide

Business Wire - Symantec announced it has been named a Leader in the Gartner Magic Quadrant for Managed Security Services, Worldwide.
Thu, 16 May 2019 15:13:37 - #security

LogRhythm Releases Cloud-Based NextGen Security Information and Event Management (SIEM) Platform

Business Wire - LogRhythm announced that it has released a cloud-based version of its NextGen SIEM Platform: LogRhythm Cloud.
Thu, 16 May 2019 15:13:32 - #cybersecurity #security

Ping Identity to Highlight Zero Trust and API Security at May Industry Events

Business Wire - Ping Identity, the leader in Identity Defined Security, today announced its upcoming webinars and speaking engagements for the month of May,...
Thu, 16 May 2019 15:13:30 - #pingidentity #ai #machinelearning #security

Website Attack Attempts Rose by 69% in 2018

Infosec - Dark Reading - Millions of websites have been compromised, but the most likely malware isn't cyptomining: it's quietly stealing files and redirecting...
Thu, 16 May 2019 13:13:22 - #cybersecurity #security

Baltimore Ransomware Attack Takes Strange Twist

Infosec - Dark Reading - Tweet suggests possible screenshot of stolen city documents and credentials in the wake of attack that took down city servers...
Thu, 16 May 2019 13:13:21 - #cybersecurity #security

After Meltdown and Spectre, meet a new set of Intel chip flaws

Infosec - CyberScoop - Those who warned that the Meltdown and Spectre computer chip flaws revealed last year would trigger a new era of hardware vulnerability...
Thu, 16 May 2019 13:13:20 - #oracle #cybersecurity #hypervisor #security

Cybersecurity professionals are no match for cyber-adversaries

Infosec - CSO Online - Cybersecurity professionals are paranoid by nature. That's not a bad thing; it's a job requirement. We want our cybersecurity team...
Thu, 16 May 2019 13:13:18 - #cybersecurity #security