Information Security Wire

Woodstock Wire: Information Security Wire

Navigating the AI hype in security: 3 dos and 2 don'ts

Infosec - CSO Online - I've been needling the artificial intelligence (AI) hype bubble since 2015 when, after managing a CalTech research grant, I saw...
Fri, 19 Apr 2019 13:13:15 - #ai #security

Broadcom WiFi Driver bugs expose devices to hack

Infosec - Security Affairs - Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute...
Fri, 19 Apr 2019 12:42:32 - #dell #ddos #iot #security

Small businesses remain a rich target for ransomware criminals

Infosec - Barracuda - Cybercrime continues to evolve and new threats appear on a regular basis, but the most effective attacks never go away. While spear...
Fri, 19 Apr 2019 12:42:31 - #ibm #cybersecurity #phishing #security

6 Takeaways from Ransomware Attacks in Q1

Infosec - Dark Reading - Customized, targeted ransomware attacks were all the rage.
Fri, 19 Apr 2019 12:42:30 - #cybersecurity #security

The cybersecurity helpline protecting citizens from digital attacks

Infosec - The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime
Fri, 19 Apr 2019 12:42:28 - #cybersecurity #security

Phishing Trends and Intelligence Report

Infosec - PhishLabs - This year's report focuses on the growing social engineering threat.

Regardless of advancements in technology, social engineering...
Fri, 19 Apr 2019 12:42:27 - #phishing #cybersecurity #security

Without Targeted Threat Intelligence, Vulnerability Management Teams Face an Uphill Challenge (Part 2)

Infosec - Recorded Future - In the first of this three-part series, we examined the current state of vulnerability management, which evidence suggests...
Fri, 19 Apr 2019 12:42:26 - #cybersecurity #threatintelligence #security

Azure resources to assess risk and compliance

Enterprise - Microsoft Azure - This blog post was co-authored by Lucy Raikova, Senior Program Manager, Azure Global - Financial Services.

It is vital for...
Fri, 19 Apr 2019 12:42:23 - #microsoft #datacenter #devops #cybersecurity #cloud #azure #ai #threatprotection #security

U.S. Congress Finally Gets Some Good Ideas About IoT Security

Electronics - IEEE Spectrum - U.S. Congress Finally Gets Some Good Ideas About IoT security

In 2016, attacks such as the...
Fri, 19 Apr 2019 12:42:06 - #cybersecurity #iot #mirai #botnet #security

Someone hacked The Weather Channel

Tech - BGR - We live in an age where companies suffer data breaches and hacks of various types on a disturbingly regular basis. Credit card companies,...
Fri, 19 Apr 2019 12:41:58 - #cybersecurity #security

Help wanted: security pros looking to jump-start careers

Business Wire - Infosec and CompTIA are now accepting applications for four cybersecurity scholarships - wanting to impact the cyber workforce gap.
Thu, 18 Apr 2019 17:13:25 - #cybersecurity #security

The first DDoS attack was 20 years ago. This is what we've learned since.

Think - MIT Technology Review - On the 20th anniversary of the first distributed denial of service attack, cybersecurity experts say the internet must...
Thu, 18 Apr 2019 17:13:18 - #cybersecurity #ddos #security

The cybersecurity helpline protecting citizens from nation-state attacks

Infosec - The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime
Thu, 18 Apr 2019 16:42:50 - #cybersecurity #security

Ransomware Attack Targeted Data Intelligence Firm Verint

Infosec - TripWire - The State of Security - Bad actors used a ransomware attack to target the Israeli offices of the customer engagement and digital intelligence...
Thu, 18 Apr 2019 16:42:49 - #tripwire #cybersecurity #security

How to stop infosec pros from speaking geek to management

Enterprise - IT World Canada - At a cyber risk conference experts advise CISOs on how to talk to non-IT people and get the money they want
Thu, 18 Apr 2019 16:42:47 - #cybersecurity #security

Don't Acquire a Company Until You Evaluate Its Data Security

Think - HBR.org - Beware the "data lemon."
Thu, 18 Apr 2019 15:43:20 - #cybersecurity #security

Establishing Information Security in Project Management

Infosec - TripWire - The State of Security - A person recently asked me if it was possible to implement ISO 27001 using a specific project management software...
Thu, 18 Apr 2019 14:41:15 - #tripwire #cybersecurity #security

Ongoing state-sponsored DNS hijacking campaign has compromised 40 entities

Infosec - CyberScoop - Hackers backed by a nation-state have successfully hijacked Domain Name System records to steal credentials from approximately 40...
Thu, 18 Apr 2019 14:41:14 - #cisco #cybersecurity #fireeye #threatintelligence #security

Automating Threat Intelligence Actions With Splunk Phantom Playbooks

Infosec - Recorded Future - Splunk Phantom helps security professionals work smarter, respond faster, and strengthen their defenses through automation...
Thu, 18 Apr 2019 14:13:22 - #cybersecurity #phishing #firewall #splunk #threatintelligence #security

Ad blocker firms rush to fix security bug

Infosec - Naked Security - If you're using an ad blocker to filter out online commercials, then beware: You might be vulnerable to a new attack revealed...
Thu, 18 Apr 2019 14:13:20 - #security

Adblock Plus filter can be exploited to execute arbitrary code in web pages

Infosec - Security Affairs - Expert discovered an exploit that could allow ad blocking filter list maintainers for the Adblock Plus, AdBlock, and uBlocker...
Thu, 18 Apr 2019 14:13:19 - #security

How OneLogin responded to its breach and regained customer trust

Infosec - CSO Online - Data breaches have become ubiquitous in today's businesses. In a world where companies of all shapes and sizes can become cyber...
Thu, 18 Apr 2019 14:13:18 - #cybersecurity #security

CVE-2019-0803 Windows flaw exploited to deliver PowerShell Backdoor

Infosec - Security Affairs - A recently fixed local privilege escalation flaw in windows (CVE-2019-0803) had been exploited by bad actors to deliver PowerShell...
Thu, 18 Apr 2019 14:13:17 - #microsoft #64bit #cybersecurity #security

Experts: Breach at IT Outsourcing Giant Wipro

Infosec - Krebs on Security - Indian information technology (IT) outsourcing and consulting giant Wipro Ltd. [NYSE:WIT] is investigating reports that its...
Thu, 18 Apr 2019 14:13:15 - #phishing #security

5 Steps for Reducing Risk From Leaked Credentials

Infosec - Recorded Future - Leaked credential dumps make the news every month. Each credential leak seems to be larger than the last one, which means your...
Thu, 18 Apr 2019 14:13:14 - #supplychain #cybersecurity #threatintelligence #security

Authentication Bypass Bug Hits Top Enterprise VPNs

Infosec - Threatpost - Business users of Cisco, F5 Networks, Palo Alto Networks and Pulse Secure platforms are impacted, according the U.S. government.
Thu, 18 Apr 2019 14:13:13 - #cisco #paloaltonetworks #security

The Single Cybersecurity Question Every CISO Should Ask

Infosec - Dark Reading - The answer can lead to a scalable enterprise security solution for 2019 and beyond.
Thu, 18 Apr 2019 14:13:12 - #cybersecurity #security

A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks

Infosec - Security Affairs - Experts at Imperva discovered a new type of large-scale DDoS attack that abuses the HTML5 Ping-based hyperlink auditing feature....
Thu, 18 Apr 2019 13:42:51 - #ddos #imperva #security

Microsoft email breach gave hackers access to account information for months

Infosec - CyberScoop - Microsoft has experienced a data breach involving attackers leveraging a customer support account to access customers' email information,...
Thu, 18 Apr 2019 13:42:50 - #microsoft #cybersecurity #security

You're fired: Network-driven security does it better for distributed IT

Enterprise - SiliconANGLE - For many companies, the days of locking data behind monolithic cybersecurity walls are gone. Distributed computing systems and...
Thu, 18 Apr 2019 13:42:45 - #cybersecurity #iot #security

Basic hygiene still central to cyber security, infosec pros told

Enterprise - IT World Canada - At the ICRMC conference two CSOs offer advice on doing the basics, speaking to boards and artificial intelligence
Thu, 18 Apr 2019 13:42:40 - #cybersecurity #security

Oracle security warning: Customers told to patch ASAP to swat 297 bugs

Enterprise - ZDNet News - Update addresses multiple flaws that can be remotely exploited without user credentials.
Thu, 18 Apr 2019 13:42:39 - #oracle #security

Machine Learning powered detections with Kusto query language in Azure Sentinel

Enterprise - Microsoft Azure - This post is co-authored by Tim Burrell, Principal Security Engineering Manager and Dotan Patrich, Principal Software Engineer....
Thu, 18 Apr 2019 13:13:09 - #microsoft #cybersecurity #cloud #azure #firewall #machinelearning #security

Focus on Security - Best Practices for IT Pros

Enterprise - The ChannelPro Network - The cybersecurity threat landscape has never been larger with the continued rise of online business and cloud computing....
Thu, 18 Apr 2019 12:41:53 - #cybersecurity #iot #machinelearning #security

Hackers unleashed 40 million cyberattacks on Ecuador after Julian Assange's arrest

Tech - BGR - Julian Assange's arrest at the end of last week by British officials who finally snatched him at the London embassy in Ecuador where he'd...
Thu, 18 Apr 2019 12:13:23 - #cybersecurity #security

Presidential candidate John Delaney wants to create a Department of Cybersecurity

Tech - The Verge - On Tuesday, former Maryland representative and 2020 presidential candidate John Delaney announced a plan to create an independent...
Thu, 18 Apr 2019 11:42:18 - #cybersecurity #security

Check Point Software Technologies Reports 2019 First Quarter financial Results

Globe Newswire - Check Point(r) Software Technologies Ltd. (NASDAQ: CHKP), today announced its financial results for the first quarter ended March 31, 2019.
Thu, 18 Apr 2019 11:42:04 - #security

Just a little FYI: Filtering doodad in Adblock Plus opens door to third-party malware injection

Enterprise - The Register - Third-party providers of content filter rules could stiff netizens
A feature introduced last year in Adblock Plus and a few other...
Tue, 16 Apr 2019 14:06:37 - #cybersecurity #security

Microsoft admits hackers infiltrated Outlook, MSN and Hotmail accounts

Enterprise - Silicon Republic - Microsoft has confirmed that a group of hackers accessed MSN, Hotmail and Outlook accounts by compromising a customer support...
Tue, 16 Apr 2019 13:41:46 - #microsoft #cybersecurity #phishing #verizon #security

Criminals Turn Attention to Microsoft Office Vulnerabilities

Enterprise - Channelnomics - Criminals Turn Attention to Microsoft Office Vulnerabilities

Research from Kapsersky Lab shows 70% of attacks now...
Tue, 16 Apr 2019 13:41:42 - #microsoft #android #cybersecurity #security

Cyber security: This giant wargame is preparing for the next big election hack

Enterprise - ZDNet News - Power grids and water supplies under attack in fictional scenario as attackers meddle with elections in a small country.
Tue, 16 Apr 2019 13:41:38 - #cybersecurity #security

Scranos, a new rootkit malware, steals passwords and pushes YouTube clicks

Tech - TechCrunch - Security researchers have discovered an unusual new malware that steals user passwords and account payment methods stored in a victim's...
Tue, 16 Apr 2019 12:13:24 - #android #baidu #cybersecurity #phishing #botnet #security

Microsoft admits Outlook.com hackers were able to access emails

Tech - The Verge - Microsoft has admitted that its Outlook.com security breach was worse than the company initially revealed. The software maker started...
Tue, 16 Apr 2019 11:41:13 - #microsoft #maker #security

How to improve container security

Infosec - CSO Online - Gartner has named container security one of its top ten concerns for this year, so it might be time to take a closer look at this...
Mon, 15 Apr 2019 12:13:56 - #security

Apache Tomcat Patches Important Remote Code Execution Flaw

Infosec - The Hacker News - The Apache Software Foundation (ASF) has released new versions of its Tomcat application server to address an important security...
Mon, 15 Apr 2019 12:13:55 - #security

Why Cyber Security is Key to Enterprise Risk Management for all Organizations

Infosec - TripWire - The State of Security - Large organizations have always focused on managing risk, but the technological breakthroughs that have enhanced...
Mon, 15 Apr 2019 12:13:54 - #tripwire #cybersecurity #security

Google, Hyperledger launch online identity management tools

Enterprise - Computerworld - In two separate announcements last week, Google and Linux's Hyperledger project launched tools aimed at enabling secure identity...
Mon, 15 Apr 2019 12:13:53 - #blockchain #security

Kaspersky: 70 percent of attacks now target Office vulnerabilities

Enterprise - ZDNet News - That's more than four times the percentage the company was seeing two years before, in Q4 2016.
Mon, 15 Apr 2019 12:13:49 - #cybersecurity #security

Hackers gain access to Microsoft email accounts for nearly three months

Enterprise - SiliconANGLE - An unknown number of Microsoft Corp. email account users, including those using Outlook and Hotmail, may have had details of...
Mon, 15 Apr 2019 12:13:47 - #microsoft #security

Big Companies Thought Insurance Covered a Cyberattack. They May Be Wrong.

Tech - NY Times Technology - Citing a rarely used 'war exemption,' insurers say they aren't responsible for the 2017 NotPetya attack.
Mon, 15 Apr 2019 12:13:41 - #security