Information Security Wire

Woodstock Wire: Information Security Wire

How To Build A High Performing Platform Payments Fraud Team

Media - PYMNTS.com - In recent years, no type of business has expanded globally at the pace and scale of digital platforms. If there is a sine qua non...
Mon, 17 Jun 2019 12:13:20 - #security

Presenting at the Gartner Security and Risk Management Summit DC 2019

Think - Gartner Blog Network - This is literally a last minute blog post about my sessions at this year's Gartner Security and Risk Management Summit....
Mon, 17 Jun 2019 12:13:16 - #security

DNS hijacking grabs headlines, but it's just the tip of the iceberg

Infosec - CSO Online - Internet pioneer Dr. Paul Vixie wishes people would stop ignoring his advice and start taking security seriously. "I am complaining...
Mon, 17 Jun 2019 12:13:15 - #iot #security

Adding to the Toolkit - Some Useful Tools for Cloud Security

Infosec - TripWire - The State of Security - With more business applications moving to the cloud, the ability to assess network behavior has changed from...
Mon, 17 Jun 2019 12:13:13 - #tripwire #firewall #security

Climbing the Vulnerability Management Mountain

Infosec - TripWire - The State of Security - The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain...
Mon, 17 Jun 2019 12:13:12 - #tripwire #security

Balancing data protection and research needs in the age of the GDPR

Life - EurekAlert - Scientific journals and funding bodies often require researchers to deposit individual genetic data from studies in research repositories...
Mon, 17 Jun 2019 11:40:08 - #gdpr #security

New Echobot malware is a smorgasbord of vulnerabilities

Enterprise - ZDNet News - Security researchers spot new Mirai variant called Echobot that targets a wide range of IoT devices and enterprise apps.
Mon, 17 Jun 2019 11:40:06 - #iot #cybersecurity #mirai #security

Sitting at the Crossroads of Cybersecurity & Privacy

SupplyChain - EBN Online - The combination of the headline worthy data breaches and new privacy legislation have put data protection and privacy on the top...
Mon, 17 Jun 2019 11:13:17 - #cybersecurity #security

New Echobot Botnet targets Oracle, VMware Apps and includes 26 Exploits

Infosec - Security Affairs - Operators behind the Echobot botnet added new exploits to infect IoT devices, and also enterprise apps Oracle WebLogic and...
Mon, 17 Jun 2019 01:13:25 - #oracle #vmware #akamai #cybersecurity #botnet #iot #mirai #sd-wan #security

Linux worm spreading via Exim servers hit Azure customers

Infosec - Security Affairs - On Friday, security experts at Microsoft warned of a new Linux worm, spreading via Exim email servers, that already compromised...
Mon, 17 Jun 2019 01:13:24 - #microsoft #cybersecurity #phishing #cloud #azure #security

XSS flaw would have allowed hackers access to Google's network and impersonate its employees

Infosec - Security Affairs - Bug hunter Thomas Orlita discovered an XSS vulnerability in Google's Invoice Submission Portal that would have allowed attackers...
Mon, 17 Jun 2019 01:13:23 - #security

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Infosec - Security Affairs - Cybercriminals are attempting to exploit an API misconfiguration in Docker containers to infiltrate them and run the Linux...
Mon, 17 Jun 2019 01:13:22 - #ddos #devops #cybersecurity #docker #botnet #security

The Smallest Hacker Camps Are The Most Satisfying, And You Can Do One Too

EE - Hackaday - Two of my friends and I crammed into a small and aged European hatchback, drove all day along hundreds of miles of motorway, and finally...
Mon, 17 Jun 2019 00:41:35 - #hamradio #security

Hackers behind the world's deadliest code are probing US power firms

Think - MIT Technology Review - A group called Xenotime, which began by targeting oil and gas facilities in the Middle East, now has electrical utilities...
Mon, 17 Jun 2019 00:13:20 - #security

Microsoft's Ann Johnson: 'Identity is the new perimeter'

Enterprise - Silicon Republic - As corporate vice-president of Microsoft's cybersecurity solutions group, Ann Johnson oversees the go-to-market strategies...
Sun, 16 Jun 2019 23:13:54 - #microsoft #cybersecurity #phishing #ai #machinelearning #smartphone #security

Portable Security Policies: A DevSecOps Primer

Enterprise - DevOps.com - Protecting critical data and applications is a challenge under any circumstances, but it's especially daunting when resources reside...
Sun, 16 Jun 2019 23:13:50 - #devops #security

Mozilla addressed flaws in Thunderbird that allow code execution

Infosec - Security Affairs - Mozilla released security updates for the Thunderbird email client that address vulnerabilities that could allow code execution...
Sun, 16 Jun 2019 23:13:28 - #cybersecurity #security

5 Tips for Improving Employee Security Awareness

Infosec - Recorded Future - Ever heard the phrase, "everything old is new again?" That's kind of how it is with security awareness.
A few years ago, you...
Sun, 16 Jun 2019 22:39:44 - #cybersecurity #phishing #threatintelligence #security

Building Modern Security Awareness with Experiences

Infosec - Infosec Island - Experiences and events, the way that I define them, are segments of time in which a learner is more actively engaging in an...
Sun, 16 Jun 2019 22:39:43 - #cybersecurity #phishing #security

BlueKeep RDP Vulnerability a Ticking Time Bomb

Infosec - Dark Reading - One month after Microsoft disclosed the flaw, nearly 1 million systems remain unpatched, and Internet scans looking for vulnerable...
Sun, 16 Jun 2019 22:39:42 - #microsoft #security

Yubico is replacing for free YubiKey FIPS devices due to security weakness

Infosec - Security Affairs - Yubico is replacing YubiKey FIPS security keys due to a serious flaw that makes cryptographic operations easier to crack under...
Sun, 16 Jun 2019 22:13:12 - #security

Millions of Exim mail servers are currently under attack

Infosec - Security Affairs - Hackers are targeting millions of mail servers running vulnerable Exim mail transfer agent (MTA) versions, threat actors leverage...
Sun, 16 Jun 2019 22:13:11 - #cybersecurity #security

Remediant Discusses Unique Just-in-Time Approach to Privileged Access Management at Gartner Security & Risk Management Summit

Globe Newswire - Remediant, Inc., a leading provider of Privileged Access Management (PAM) software, is a silver sponsor of the Gartner Security & Risk Management...
Sun, 16 Jun 2019 21:41:42 - #security

SAIC Promotes Cybersecurity Careers for Veterans Through Its CyberWarrior Scholarship

Business Wire - Science Applications International Corp. (NYSE: SAIC) is now accepting applications for its CyberWarrior(tm) Scholarship. In collaboration with...
Sun, 16 Jun 2019 21:13:42 - #cybersecurity #security

Use of DNS Firewalls Could Have Prevented More Than $10B in Data Breach Losses Over the Past 5 Years

Domains - CircleID - New research from the Global Cyber Alliance (GCA) released on Wednesday reports that the use of freely available DNS firewalls could...
Sun, 16 Jun 2019 21:13:37 - #ibm #cybersecurity #iot #phishing #firewall #security

The DevOps Security Stack

Enterprise - DevOps.com - The whole idea behind DevOps is automation. DevOps automates the development process by eliminating or minimizing human error....
Sun, 16 Jun 2019 20:40:29 - #devops #security

WSL2 and Kali

Infosec - Kali Linux - Kali Linux has had support for WSL for some time, but its usefulness has been somewhat limited. This was mostly due to restrictions...
Sun, 16 Jun 2019 20:40:15 - #security

SQL Injection Attacks Represent Two-Third of All Web App Attacks

Infosec - Dark Reading - When Local File Inclusion attacks are counted, nearly nine in 10 attacks are related to input validation failures, Akamai report...
Sun, 16 Jun 2019 20:40:13 - #akamai #security

Protecting Project Galileo websites from HTTP attacks

Infosec - Cloudflare - Yesterday, we celebrated the fifth anniversary of Project Galileo. More than 550 websites are part of this program, and they have...
Sun, 16 Jun 2019 20:40:12 - #ddos #phishing #firewall #wordpress #machinelearning #threatintelligence #security

Apple iOS 13 will better protect user privacy, but more could be done

Infosec - Malwarebytes Unpacked - Last week, Apple introduced several new privacy features to its latest mobile operating system, iOS 13. The Internet,...
Sun, 16 Jun 2019 20:40:11 - #iphone7 #smartphone #security

May 2019's Most Wanted Malware: Patch Now to Avoid the BlueKeep Blues

Globe Newswire - Technology - Check Point's researchers confirm multiple scanning attempts globally to locate systems vulnerable to the BlueKeep RDP flaw, which...
Sun, 16 Jun 2019 14:39:47 - #cybersecurity #security

Threat Stack and JASK Partner to Reduce Time to Respond to Security Incidents Across Entire Customer Security Infrastructure

Business Wire - Threat Stack, the leader in cloud security and compliance for infrastructure and applications, and JASK, the provider of the industry's...
Sun, 16 Jun 2019 02:13:24 - #cybersecurity #security

CyberArk Named a Leader in 2019 Fortress Cyber Security Awards

Business Wire - CyberArk (NASDAQ: CYBR) was named a 2019 Fortress Cyber Security Awards winner in the Leadership category.
Sun, 16 Jun 2019 02:13:22 - #cybersecurity #cyberark #security

Ransomware halts production for days at major airplane parts manufacturer

Enterprise - ZDNet News - Nearly 1,000 employees sent home for the entire week, on paid leave.
Sun, 16 Jun 2019 01:39:52 - #cybersecurity #security

Two hacking groups responsible for huge spike in hacked Magento 2.x stores

Enterprise - ZDNet News - Number of hacked Magento 2.x stores doubles for the third month in a row.
Sun, 16 Jun 2019 01:13:21 - #magento #security

Secure Cloud Access: Why We Choose Palo Alto Networks

Enterprise - Palo Alto Networks Blog - Low TCO. Faster Time to Resolution. Immediate Security Value. Check!

Apttus was born in the cloud. We provide AI-driven...
Sun, 16 Jun 2019 01:13:20 - #datacenter #paloaltonetworks #cloud #azure #firewall #aws #cybersecurity #security

Orca Security to take novel full stack cloud visibility solution to market through MSSP/MDR channel

Enterprise - ChannelBuzz.ca - The Orca technology is based on its ability to provide full stack visibility into an organization's complete cloud footprint,...
Sun, 16 Jun 2019 01:13:19 - #cybersecurity #security

Cybersecurity: These are the Internet of Things devices that are most targeted by hackers

Enterprise - ZDNet News - You may not believe your smart device is of interest to hackers - but it can provide a gateway that breaks your network wide open.
Sun, 16 Jun 2019 01:13:13 - #cybersecurity #iot #security

IoT security vs. privacy: Which is a bigger issue?

Enterprise - Network World News - If you follow the news surrounding the internet of things (IoT), you know that security issues have long been a key concern...
Sat, 15 Jun 2019 23:13:31 - #iot #security

Visa sends blockchain-based B2B payments network live

Enterprise - ZDNet News - Visa B2B Connect utilises open source Hyperledger Fabric framework from the Linux Foundation, in partnership with IBM.
Sat, 15 Jun 2019 23:13:30 - #ibm #blockchain #security

Wondering where that upcoming meeting with 'Cheap Viagra' came from? Spammers beat Gmail filters by abusing Google Calendar, Forms, Photos, Analytics...

Enterprise - The Register - Kaspersky fingers pro-G filters for letting cyber-muck through
Spammers are abusing the preferential treatment Google affords...
Sat, 15 Jun 2019 23:13:28 - #cybersecurity #security

Intel NUC Firmware Open to Privilege Escalation, DoS and Information Disclosure

Infosec - Threatpost - Intel has patched seven high-severity vulnerabilities in its mini PC NUC kit firmware.
Sat, 15 Jun 2019 22:13:37 - #security

Microsoft Patch Tuesday, June 2019 Edition

Infosec - Krebs on Security - Microsoft on Tuesday released updates to fix 88 security vulnerabilities in its Windows operating systems and related software....
Sat, 15 Jun 2019 22:13:36 - #microsoft #cybersecurity #security

Critical browser flaws among scores of bugs fixed in latest Patch Tuesday

Infosec - The Daily Swig - Fortunately, no vulnerabilities appear to have been exploited in the wild, says Microsoft
Sat, 15 Jun 2019 22:13:34 - #microsoft #security

FBI warns users to be wary of phishing sites abusing HTTPS

Infosec - Naked Security - Why you shouldn't trust a website simply because it's secured using HTTPS and backed by the green padlock symbol.
Sat, 15 Jun 2019 22:13:33 - #phishing #security

RAMBleed, a new Side-Channel Attack that allows stealing sensitive data

Infosec - Security Affairs - Security researchers disclosed the details of RAMBleed, a new type of side-channel attack on DRAM that can allow stealing...
Sat, 15 Jun 2019 22:13:32 - #drams #security

Microsoft Patch Tuesday security updates for June 2019 fix 88 flaws

Infosec - Security Affairs - Microsoft releases Patch Tuesday security updates for June 2019 that address 88 vulnerabilities in Windows OS and other products.
Sat, 15 Jun 2019 22:13:31 - #microsoft #ddos #security

YouTube Attacks to Watch Out For in 2019

Infosec - TripWire - The State of Security - YouTube, the world's top provider of streaming multimedia content, keeps reaching new heights in terms of...
Sat, 15 Jun 2019 22:13:30 - #tripwire #cybersecurity #security

Nozomi Networks-Sponsored SANs Survey Finds Industrial Organizations are Going All-In to Tackle Growing Threats to OT/ICS Cyber Security

Globe Newswire - Technology - Latest SANS ICS Survey reinforces 2019 is the year for ICS Cyber Security: Organizations are advancing their efforts and making...
Sat, 15 Jun 2019 21:38:51 - #cybersecurity #security

Ping Identity Simplifies and Strengthens Customer Data Protection

Business Wire - Ping Identity, the leader in Identity Defined Security, today announced updates to its data governance solution, PingDataGovernance, to better...
Sat, 15 Jun 2019 20:40:30 - #pingidentity #cybersecurity #security