Information Security Wire

Woodstock Wire: Information Security Wire

Report: Organizations not completely clear on what IT security incidents to report

Infosec - TripWire - The State of Security - Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General...
Wed, 26 Jun 2019 14:39:22 - #tripwire #cybersecurity #security

Microsoft warns of attacks delivering FlawedAmmyy RAT directly in memory

Infosec - Security Affairs - Researchers at Microsoft uncovered a malicious campaign that delivers the infamous FlawedAmmyy RAT directly in memory.
Wed, 26 Jun 2019 14:39:21 - #microsoft #cybersecurity #security

Hackers have infiltrated more than a dozen global mobile carriers

Enterprise - Silicon Republic - Cybersecurity company Cyberreason has discovered a vast hacking operation in which threat actors infiltrated more than a dozen...
Wed, 26 Jun 2019 14:13:15 - #cybersecurity #security

Google beefs up Gmail security with new tools for admins

Enterprise - SiliconANGLE - Google LLC today strengthened G Suite with more security tools for Gmail. The new tools are designed for use by information technology...
Wed, 26 Jun 2019 14:13:12 - #cybersecurity #phishing #security

Sumo Logic Launches Powerful Global Threat Benchmarking Service for Amazon Web Services

Enterprise - DevOps.com - New Global Intelligence Service for Amazon GuardDuty to Deliver Real-Time Actionable Insights to Benchmark, Prioritize and Optimize...
Wed, 26 Jun 2019 12:40:45 - #cloud #aws #devops #sumologic #security

New Mac malware abuses recently disclosed Gatekeeper zero-day

Enterprise - ZDNet News - Researchers find new OSX/Linker malware abusing still-unpatched macOS Gatekeeper bypass.
Wed, 26 Jun 2019 12:14:27 - #cybersecurity #security

Cybersecurity staff burnout risks leaving organisations vulnerable to cyberattacks

Enterprise - ZDNet News - Survey of security professionals reveals that almost two thirds have considered leaving their jobs or the industry all together....
Wed, 26 Jun 2019 12:14:24 - #cybersecurity #security

7 steps to enhance IoT security

Enterprise - Network World News - One of the biggest concerns with the Internet of Things (IoT) is making sure networks, data, and devices are secure. IoT-related...
Wed, 26 Jun 2019 12:14:23 - #iot #security

What the cell...? Telcos around the world were so severely pwned, they didn't notice the hackers setting up VPN points

Enterprise - The Register - Revealed: Long-running espionage campaign targets phone carriers to snoop on VIPs' location, call records
Hackers infiltrated...
Wed, 26 Jun 2019 12:14:22 - #security

Hackers conduct prolonged cyber attack against phone network, says security firm

Tech - Digital Trends - A security company says a prolonged cyber attack against global phone networks, where hackers have apparently collected data...
Wed, 26 Jun 2019 11:40:46 - #cybersecurity #security

Amazon Web Services rolls out Control Tower and Security Hub, courting big business customers

Tech - GeekWire - Amazon Web Services CEO Andy Jassy introduces AWS Security Hub in November. It's now generally available after a preview period, along...
Tue, 25 Jun 2019 17:13:15 - #microsoft #rackspace #cloud #aws #godaddy #pagerduty #azure #googlecloud #splunk #security

Twistlock Releases Twistlock 19.07 with an enhanced enterprise manageability and configurability while continuing to leverage automation and learning

Globe Newswire - Twistlock, the leading provider of container and cloud-native security solutions, today announced the availability of Twistlock 19.07. This release...
Tue, 25 Jun 2019 15:40:23 - #firewall #serverless #security

Threat Stack Announces Microsoft Windows Server Support

Business Wire - Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced it has expanded its host-level...
Tue, 25 Jun 2019 13:35:55 - #microsoft #security

It's Here - The 2019 Forrester Global Map Of Privacy Rights And Regulations

Think - Forrester Blogs - Security and risk leaders consistently rank compliance with global privacy regulations as one of their top three challenges....
Tue, 25 Jun 2019 13:13:20 - #security

Raspberry Pi Used in JPL Breach

Infosec - Dark Reading - NASA report shows exfiltration totaling more than 100 GB of information since 2009.
Tue, 25 Jun 2019 12:40:59 - #nasa #raspberrypi #security

Getting Started with Local Security Groups

Infosec - SecurityInnovation.com - For several months we have been profiling experienced security practitioners as well as those still getting...
Tue, 25 Jun 2019 12:40:58 - #cybersecurity #security

Free proxy service runs on top of Linux Ngioweb Botnet

Infosec - Security Affairs - Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb)...
Tue, 25 Jun 2019 12:40:57 - #domains #cybersecurity #wordpress #botnet #security

4 security concerns for low-code and no-code development

Infosec - CSO Online - Low-code and no-code development promises to speed up the deployment of new applications and to allow non-technical users to create...
Tue, 25 Jun 2019 12:40:56 - #microsoft #salesforce #security

A Google Cloud Platform Primer with Security Fundamentals

Infosec - TripWire - The State of Security - We've previously discussed best practices for securing Microsoft Azure and Amazon Web Services, but this time...
Tue, 25 Jun 2019 12:40:55 - #microsoft #tripwire #cloud #aws #azure #googlecloud #security

Proofpoint Domain Fraud Report Finds Millions of New Fraudulent Domains; Over 90 Percent Remain Active

Enterprise - Proofpoint Blog -
Tue, 25 Jun 2019 12:13:33 - #proofpoint #security

EU-US Privacy Shield legal showdown now set for July 9

Tech - TechCrunch - A legal challenge to a data transfer mechanism that's used by thousands of companies to authorize taking European citizens' personal...
Tue, 25 Jun 2019 11:40:55 - #microsoft #security

Rapid7 Helps Security and DevOps Teams Identify Misconfigurations to Further Secure Cloud Environments

Globe Newswire - Technology - On the heels of earning Amazon Web Services Security Competency status, Rapid7 advances cloud security productivity with Cloud Configuration...
Tue, 25 Jun 2019 11:40:51 - #cloud #aws #devops #security

Chrome 'Has Become Surveillance Software. It's Time to Switch'

Slashdot - "You open your browser to look at the Web. Do you know who is looking back at you?" warns Washington Post technology columnist Geoffrey A. Fowler:

Over...
Tue, 25 Jun 2019 11:13:27 - #android #maker #security

Five reasons "hacking back" is a recipe for cybersecurity chaos

Think - MIT Technology Review - A new US bill would make it legal for private companies to chase hackers across the internet. It's a terrible idea that...
Tue, 25 Jun 2019 00:41:12 - #cybersecurity #security

Bird Miner, a macOS miner that runs by emulating Linux

Infosec - Security Affairs - Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating...
Mon, 24 Jun 2019 21:40:23 - #cybersecurity #security

OpenSSH to protect keys in memory against side-channel attacks

Infosec - CSO Online - The OpenSSH project has received a patch that prevents private keys from being stolen through hardware vulnerabilities that allow...
Mon, 24 Jun 2019 21:40:22 - #cybersecurity #security

Credit Union Giant Desjardins suffered a massive data breach

Infosec - Security Affairs - Desjardins credit union announced a data breach that exposed personal banking information of 2.9 million customers.
Mon, 24 Jun 2019 21:40:21 - #cybersecurity #security

Today's Top Public Cloud Security Threats ...And How to Thwart Them

Infosec - Infosec Island - Many enterprises today have inadvertently exposed proprietary information by failing to properly secure data stored in public...
Mon, 24 Jun 2019 21:40:19 - #microsoft #cybersecurity #phishing #cloud #azure #iaas #aws #security

How Intelligent Context Mitigates the Challenge of Alert Triage

Infosec - Recorded Future - This is the second blog in a three-part series examining the impact of threat intelligence on security operations. In our first...
Mon, 24 Jun 2019 21:40:18 - #threatintelligence #cybersecurity #security

Patrolling the New Cybersecurity Perimeter

Infosec - Dark Reading - Remote work and other developments demand a shift to managing people rather than devices.
Mon, 24 Jun 2019 21:40:17 - #cybersecurity #security

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Infosec - Dark Reading - This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to...
Mon, 24 Jun 2019 21:40:16 - #cybersecurity #security

Firefox 67.0.4 Released - Mozilla Patches Second 0-Day Flaw This Week

Infosec - The Hacker News - Okay, folks, it's time to update your Firefox web browser once again-yes, for the second time this week.

After patching a...
Mon, 24 Jun 2019 16:40:22 - #cybersecurity #security

Microsoft fixed CVE-2019-1105 flaw in Outlook for Android

Infosec - Security Affairs - Microsoft has addressed an important vulnerability (CVE-2019-1105) in Outlook for Android, potentially affected over 100 million...
Mon, 24 Jun 2019 16:40:21 - #microsoft #android #security

Another vulnerability found in Dell's security bloatware, users must update ASAP

Tech - Digital Trends - A serious security vulnerability in Dell's SupportAssist software has been disclosed by cybersecurity firm SafeBreach. Dell...
Mon, 24 Jun 2019 13:40:45 - #dell #cybersecurity #security

NASA hacked: 500 MB of mission data stolen through a Raspberry Pi computer

Tech - Digital Trends - NASA's Jet Propulsion Laboratory was hacked last year by an attacker who used a Raspberry Pi computer. The hacker took advantage...
Mon, 24 Jun 2019 13:13:29 - #nasa #raspberrypi #security

Tripwire's Vulnerability Management Solution Awarded 5-Star Review from SC Media

Business Wire - Vulnerability management solution Tripwire IP360 awarded top rating in SC Media review
Sun, 23 Jun 2019 21:40:14 - #tripwire #security

Zscaler Appoints James Cater as Vice President and General Manager of EMEA

Business Wire - Zscaler announces James Cater as Vice President and General Manager of EMEA.
Sun, 23 Jun 2019 21:40:13 - #zscaler #security

Important Flaw in Outlook App for Android Affects Over 100 Millions Users

Infosec - The Hacker News - Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in...
Sun, 23 Jun 2019 20:13:25 - #microsoft #android #security

The Physical Security Intelligence Cycle

Infosec - Flashpoint - By Ian W. Gray - At first, the differences between cyber and physical security can seem stark. One is largely characterized by...
Sun, 23 Jun 2019 20:13:24 - #cybersecurity #phishing #security

More Than Half of Phishing Sites Now Use HTTPS

Infosec - The PhishLabs Blog - As Google Chrome and other web browsers further embrace HTTPS in a visual way, it's becoming a requirement that threat actors...
Sun, 23 Jun 2019 20:13:23 - #phishing #security

Dell quietly patched a security vulnerability that affected millions of users

Infosec - CyberScoop - Computing giant Dell released a security advisory Thursday encouraging customers to patch a software vulnerability the company says...
Sun, 23 Jun 2019 20:13:22 - #microsoft #dell #security

Out of the Blue: How Recorded Future Identified Rogue Cobalt Strike Servers

Infosec - Recorded Future - What Is Cobalt Strike?
It all began with cybersecurity professionals realizing that sometimes the best defense is a good offense....
Sun, 23 Jun 2019 19:40:10 - #cybersecurity #phishing #threatintelligence #security

A new website explains data breach risk

Infosec - CSO Online - Data breaches are so common that even a theft of a billion records of seriously confidential information barely makes the news....
Sun, 23 Jun 2019 19:40:09 - #cybersecurity #security

What is a Trojan horse? How this tricky malware works

Infosec - CSO Online - Trojan horse definition
A Trojan or Trojan horse is a variety of malware that disguises itself as something you want in order to...
Sun, 23 Jun 2019 19:40:08 - #cybersecurity #security

Azure Security Expert Series: Learn best practices and Customer Lockbox general availability

Enterprise - Microsoft Azure - With more computing environments moving to the cloud, the need for stronger cloud security has never been greater. But what...
Sun, 23 Jun 2019 19:40:03 - #microsoft #cybersecurity #iot #cloud #azure #hybridcloud #security

How to host and manage an entire private certificate infrastructure in AWS

Enterprise - Amazon AWS Blog - AWS Certificate Manager (ACM) Private Certificate Authority (CA) now offers the option for managing online root CAs and a full...
Sun, 23 Jun 2019 19:40:02 - #cloud #aws #openssl #security

Google Releases Open Source Cryptographic Tool

Media - PYMNTS.com - Google has released an open source cryptographic tool called Private Join and Compute that allows for different datasets to calculate...
Sun, 23 Jun 2019 18:13:51 - #cybersecurity #security

With GDPR's 'Right of Access,' Who Really Has Access?

Infosec - Dark Reading - How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.
Sun, 23 Jun 2019 17:13:26 - #gdpr #security

Kali Linux Roadmap (2019/2020)

Infosec - Kali Linux - Now that our 2019.2 release is out, we thought we would take this opportunity to cover some of the changes and new features we have...
Sun, 23 Jun 2019 17:13:25 - #android #security

US gov't warns against phishing emails posing as DHS cybersecurity alerts

Infosec - The Daily Swig - Crooks trick recipients with fake security awareness campaign
Sun, 23 Jun 2019 17:13:24 - #cybersecurity #phishing #security