Woodstock Wire: Enterprise Security News

October 16, 2019

Elastic adds endpoint security to its expanding toolset

Tech -- TechCrunch - Elastic acquired Endgame Security in June for $234 million, and as a result of that deal, today the company announced Elastic Endpoint...

October 16, 2019 03:59 PM

October 15, 2019

Elastic Introduces Elastic Endpoint Security

Business Wire -- Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, today announced the introduction of Elastic Endpoint Security,...

October 15, 2019 06:18 PM

Clean IT Up: Cyber Hygiene Controls Tips

Infosec -- TripWire - The State of Security - October is national cybersecurity awareness month, and with the recent hacks at Door Dash, the discovery of...

October 15, 2019 05:30 PM

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

Infosec -- The Hacker News - In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of...

October 15, 2019 05:29 PM

Private Cloud vs Public Cloud Security Challenges

Infosec -- TripWire - The State of Security - As a system administrator during the early days of the "cloud revolution" I found the "cloud" metaphor an...

October 15, 2019 04:04 PM

Tamper Protection Arrives for Microsoft Defender ATP

Infosec -- Dark Reading - The feature, designed to block unauthorized changes to security features, is now generally available.

October 15, 2019 04:04 PM

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Infosec -- The Hacker News - Attention Linux Users!



A vulnerability has been discovered in Sudo-one of the most important, powerful, and commonly used...

October 15, 2019 04:03 PM

Europol: Ransomware remains top threat in IOCTA report

Infosec -- Malwarebytes Unpacked - The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime...

October 15, 2019 04:03 PM

Firefox vulnerable to trivial CSP bypass

Infosec -- The Daily Swig - Exploit allows potentially malicious content to bypass browser's defenses

October 15, 2019 04:02 PM

Cybersecurity becoming bigger IT recruitment factor

Infosec -- Barracuda - At a time when most businesses are finding it difficult to hire and retain IT professionals, business leaders may want to consider...

October 15, 2019 04:02 PM

Millions of computers at risk as Windows 7 nears end of life

Infosec -- The Daily Swig - Users and sysadmins have just three months to upgrade

October 15, 2019 04:02 PM

More than 30 Security Vulnerabilities Surfaced and $33,750 awarded to Hackers in Eighth Department of Defense Bug Bounty Program with HackerOne

Business Wire -- Through partnership with the Defense Digital Service, the U.S. Department of Defense (DoD) and HackerOne today announced the results of the Department's...

October 15, 2019 03:46 PM

SAIC Presents 10 Veterans With CyberWarrior Scholarships to Enhance Their Cybersecurity Careers

Business Wire -- Science Applications International Corp. (NYSE: SAIC) has selected 10 veteran recipients for its CyberWarrior(tm) Scholarship. In collaboration...

October 15, 2019 03:45 PM

Malware Attack Knocks Pitney Bowes' Systems Offline

Media -- PYMNTS.com - Shipping and technology behemoth Pitney Bowes is the latest in a string of high-profile companies to be hit in a cyberattack.

TechCrunch...

October 15, 2019 03:10 PM

October 14, 2019

4 no-brainer online security measures we need to start practicing now

Think -- Big Think - NoneThe sheer number of massive data breaches and known security vulnerabilities online today should be enough to scare us into better...

October 14, 2019 04:22 PM

Equifax data breach FAQ: What happened, who was affected, what was the impact?

Infosec -- CSO Online - In March 2017, personally identifying data of hundreds of millions of people was stolen from Equifax, one of the credit reporting...

October 14, 2019 04:00 PM

Imperva explains how hackers stole AWS API Key and accessed to customer data

Infosec -- Security Affairs - Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall...

October 14, 2019 03:59 PM

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 1

Infosec -- TripWire - The State of Security - The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered...

October 14, 2019 03:38 PM

Chinese communist party's app is reportedly spying on its 100M users

Media -- The Next Web - A report from the German cybersecurity firm Cure53 suggests the Chinese communist party's app, Study the Great Nation, has 'superuser'...

October 14, 2019 03:27 PM

FIN7 Hackers group is back with a new loader and a new RAT

Infosec -- Security Affairs - FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target...

October 14, 2019 02:13 AM

SIM cards used in 29 countries are vulnerable to Simjacker attack

Infosec -- Security Affairs - Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile...

October 14, 2019 02:12 AM

7 SMB Security Tips That Will Keep Your Company Safe

Infosec -- Dark Reading - With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect...

October 14, 2019 02:11 AM

Imperva: Data Breach Caused by Cloud Misconfiguration

Infosec -- Threatpost - Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.

October 14, 2019 02:11 AM

Build Your Cybersecurity Toolkit at Black Hat Europe in December

Infosec -- Dark Reading - Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal...

October 14, 2019 02:10 AM

Creative Wi-Fi Passwords

Infosec -- Dark Reading - Let's see a hacker figure out one of these.

October 14, 2019 02:09 AM

Why are cyber insurers incentivizing clients to invest in specific vendors?

Infosec -- CyberScoop - The cyber insurance industry is taking baby steps away from a long and messy infancy. For the hundreds of companies that offer policies,...

October 14, 2019 02:09 AM

Top cybersecurity certifications to consider for your IT career

Infosec -- Security Affairs - With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career.

October 14, 2019 02:08 AM

Imperva releases post-mortem over August data breach

Infosec -- The Daily Swig - 'Now, more than ever, we commit to our vision, where data and applications are kept safe'

October 14, 2019 02:07 AM

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

Infosec -- The Hacker News - A 39-year-old login password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that...

October 14, 2019 02:07 AM

Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

Infosec -- TripWire - The State of Security - In my previous post, I spoke about all of the different DEFCON villages where attendees can learn about and...

October 14, 2019 02:07 AM

Imperva Details Response to Customer Database Exposure

Infosec -- Dark Reading - The cloud security's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.

October 14, 2019 02:06 AM

Introducing Okta DynamicScale: Accelerating Digital Transformation for Global Businesses

Infosec -- Okta Blog - Today at Okta's inaugural Showcase event, we're proud to announce the launch of Okta DynamicScale, a high-capacity customer identity...

October 14, 2019 02:05 AM

Akamai Snaps Up ChameleonX to Tackle Magecart

Infosec -- Dark Reading - The Israel-based ChameleonX aims to protect websites from cyberattacks targeting payment data.

October 14, 2019 02:04 AM

Works of Art: Cybersecurity Inspires 6 Winning Ideas

Infosec -- Dark Reading - The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with...

October 14, 2019 02:04 AM

New Reductor Nation-State Malware Compromises TLS

Infosec -- Schneier on Security - Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. The malware...

October 14, 2019 02:03 AM

Cyber insurance: here to stay, whether we like it or not

Infosec -- Malwarebytes Unpacked - Cyber insurance has been a big talking point in infosec circles for many months now. We've mentioned it in passing ourselves...

October 14, 2019 02:03 AM

Identity & Access Management: The Cornerstone of Enterprise Security

Infosec -- The Identity Quotient Blog - Privileged Access Management (PAM) is a sub-discipline within the identity governance framework. PAM can be implemented...

October 14, 2019 02:02 AM

Critical Security Vulnerability Disclosed in iTerm2 App

Infosec -- TripWire - The State of Security - A critical vulnerability has been discovered in the popular iTerm2 application, an open source terminal emulator...

October 14, 2019 02:02 AM

SAP October 2019 Security Patch Day fixes 2 critical flaws

Infosec -- Security Affairs - SAP addressed two critical vulnerabilities (Hot News) as part of the October 2019 Security Patch Day.

October 14, 2019 01:26 AM

20 DevSecOps Pros Reveal the Most Important Considerations in Building a DevSecOps Pipeline

Infosec -- Threat Stack - In a recent Threat Stack report, 44 percent of DevOps professionals we surveyed said that when it comes to security-related issues,...

October 14, 2019 01:25 AM

3 actions to take during cybersecurity awareness month

Infosec -- CSO Online - Are you aware that October is national cybersecurity awareness month? If you aren't, you're not alone. There's lots of cybersecurity...

October 14, 2019 01:25 AM

FIN6 Compromised E-commerce Platform via Magecart to Inject Credit Card Skimmers Into Thousands of Online Shops

Infosec -- TrendLabs Security Intelligence Blog - We discovered that the online credit card skimming attack known as Magecart or E-Skimming was actively...

October 14, 2019 01:24 AM

Multiple APT groups are exploiting VPN vulnerabilities, NSA warns

Infosec -- Security Affairs - NSA is warning of multiple state-sponsored cyberespionage groups exploiting enterprise VPN Flaws

October 14, 2019 01:22 AM

Centralized Access Management Needs to Be Secure and Selective

Infosec -- Okta Blog - Give a kid free reign in a candy shop, and you know what will happen. They won't fill their bag with gummy bears alone-they'll go...

October 14, 2019 01:22 AM

Bad News From the EU: High Court Blesses Global Takedown Order

Infosec -- EFF Deeplinks - The European Union seems to fallen in love with the idea of requiring service providers to edit the Internet, with predictable...

October 14, 2019 01:21 AM

How to protect against stalkerware, a murky but dangerous mobile threat

Infosec -- Malwarebytes Unpacked - Last week, we pledged that-in honor of National Cybersecurity Awareness and Domestic Violence Awareness months-we would...

October 14, 2019 01:20 AM

The Value of Dark Web Coverage for Third-Party Risk Management

Infosec -- Recorded Future - Everyone knows that a key ingredient to an effective third-party risk program is comprehensive, high-quality risk information....

October 14, 2019 01:19 AM

How concerned are you about the privacy challenges of your IoT devices?

Infosec -- WeLiveSecurity - An ESET survey of thousands of people in North America provides a peek into how they perceive the privacy and security of their...

October 14, 2019 01:19 AM

October 13, 2019

Experts Gather to Discuss Cybersecurity and Fraud during National Cyber Security Awareness Month

Business Wire -- iconectiv's Chief Information Security Officer, Michael Iwanoff, will be speaking at the 2019 Private Equity International Operating Partners...

October 13, 2019 11:53 PM

California's Privacy Act: What you need to know now

Tech -- TechCrunch - This week California's attorney general, Xavier Becerra, published draft guidance for enforcing the state's landmark privacy legislation.

The...

October 13, 2019 11:48 PM