Woodstock Wire: Enterprise Security News

September 24, 2017

Surviving Ransomware by keeping things simple

Infosec -- Salted Hash - DERBYCON - Ransomware is a topic everyone knows about, but unless you've experienced a Ransomware attack, it's hard to really describe...

September 24, 2017 03:13 AM

Google released a Chrome 61 update that patches 2 High-Risk Flaws

Infosec -- Security Affairs - Google has just released an updated version of Chrome 61, version 61.0.3163.100, that addresses 3 security flaws, two of which...

September 24, 2017 03:12 AM

A Guide to Common Types of Two-Factor Authentication on the Web

Infosec -- EFF Deeplinks - Two-factor authentication (or 2FA) is one of the biggest-bang-for-your-buck ways to improve the security of your online accounts....

September 24, 2017 03:12 AM

'Confidential' Verizon credentials, server logs left publicly exposed

Infosec -- CyberScoop - Stop us if you've heard this before: Sensitive data was left publicly exposed on an Amazon Web Services S3 storage server owned...

September 24, 2017 03:11 AM

"WAF Prevents Massive Data Breach at Equifax"... The headline that could have been, but wasn't...

Infosec -- Barracuda - The entire Equifax saga is quite popcorn worthy in a way, with the daily revelations of new events and actions. That is, if you aren't...

September 24, 2017 03:11 AM

Ransomware Attacks Have Entered the Realm of the Insidious and Vile

Infosec -- Barracuda - Ransomware attacks have taken an especially nasty turn in the last week. An individual or group of people going by the pseudonym...

September 24, 2017 03:11 AM

Linux Trojan Using Hacked IoT Devices to Send Spam Emails

Infosec -- The Hacker News - Botnets, like Mirai, that are capable of infecting Linux-based internet-of-things (IoT) devices are constantly increasing and...

September 24, 2017 03:10 AM

Samba Update Patches Two SMB-Related MiTM Bugs

Infosec -- Threatpost - Samba released three security updates, including two related to SMB connections that could be abused by an attacker already on the...

September 24, 2017 03:10 AM

OptionsBleed - The Apache HTTP Server Now Bleeds

Infosec -- TrendLabs Security Intelligence Blog - A new vulnerability in the Apache HTTP server was found recently. Designated as CVE-2017-9798, this vulnerability...

September 24, 2017 03:09 AM

GDPR is coming: Is it a costly burden or marketing opportunity?

Enterprise -- SiliconANGLE - The financial penalties for non-compliance are significant. The requirement to know where all data is kept and be able to delete...

September 24, 2017 12:24 AM

Five ideas to build a better IT security strategy in the enterprise

Enterprise -- ZDNet Blogs - Struggling to get the boss to take security seriously? Here are some pointers that can help the board get on-board.

September 24, 2017 12:21 AM

September 22, 2017

Cyber Professionals to Face-off in Panoply Capture the Cyber Flag Competition at (ISC)2 Security Congress

PR Newswire: Business Technology -- (ISC)2 today announced that Panoply, the network assessment and network defense competition, will take place during the 2017 (ISC)2 Security...

September 22, 2017 06:03 PM

Thales Joins the Microsoft Enterprise Cloud Alliance

PR Newswire: Business Technology -- Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance...

September 22, 2017 05:58 PM

Cybersecurity Leaders Set to Converge during National Cybersecurity Awareness Month at the 2017 CyberMaryland Conference

PR Newswire: Business Technology -- The state of Maryland is the center of cybersecurity activities for the federal government and is once again bringing together those across the...

September 22, 2017 05:53 PM

Convergence of IoT Applications Can Untangle Cybersecurity Challenges, says Frost & Sullivan

PR Newswire: Business Technology -- The convergence of Internet of Things (IoT) applications with emerging technologies such as artificial intelligence (AI), Big Data, and context-aware...

September 22, 2017 05:48 PM

TrustArc Launches GDPR Privacy Workshop Series

PR Newswire: High Tech Security -- TrustArc, the data privacy management company, today announced its new GDPR Privacy Workshop series, scheduled to take place in 25+ major cities...

September 22, 2017 05:46 PM

SANS Miami Security Training Event to Help InfoSec Professionals Better Prepare for Cyber Attacks and Data Breaches

PR Newswire: High Tech Security -- SANS Institute, the global leader in information security training, today announced SANS Miami 2017 taking place November 6 - 11. SANS Miami...

September 22, 2017 05:46 PM

SANS Announces its Return to San Francisco for Winter Security Training Event

PR Newswire: High Tech Security -- SANS Institute, the global leader in information security training, today announced its return to San Francisco November 27 - December 2. SANS...

September 22, 2017 05:46 PM

PKWARE Brings Persistent Encryption to Turnkey Key Management with Smartcrypt Appliances

PR Newswire: High Tech Security -- PKWARE, a global leader in data security, today announced the launch of four virtual and hardware key management appliances. The appliances will...

September 22, 2017 05:44 PM

SaltDNA Announces Secure Calls from Desktop App

PR Newswire: High Tech Security -- SaltDNA, a Cybersecurity 500 company and the leader in secure mobile communications for the enterprise, is delighted to announce the extension...

September 22, 2017 05:44 PM

Tripwire Study: Most Organizations Worried Technical Skills Gap Will Leave Them Exposed to Security Vulnerabilities

Business Wire: Hardware -- Tripwire releases new study that looked at the state of technical skills in cybersecurity.

September 22, 2017 05:18 PM

Neustar WAF Helps Organizations Combat Growing Application Layer Threats

Business Wire: Software -- Neustar, Inc., a trusted, neutral provider of real-time information services, today introduced its new Web Application Firewall (WAF)....

September 22, 2017 05:11 PM

SonicWall Named CyberSecurity Company of the Year

Business Wire: Software -- SonicWall has been selected as winner of the Overall CyberSecurity Company of the Year award from The CyberSecurity Breakthrough Awards.

September 22, 2017 05:10 PM

High-Tech Bridge Enhances Discovery Capacities of Its Phishing Detection Service

Business Wire: Software -- High-Tech Bridge, a web security company and a global provider of application security testing services, is pleased to announce...

September 22, 2017 05:08 PM

A Web Dev's checklist for maintaining page speed

Web Marketing -- Portent Blog - It's obvious to say that all websites need upkeep, but often times they are left as "good enough." Collecting dust, attracting...

September 22, 2017 04:48 PM

6 DoS attacks that made headlines

Infosec -- CSO Online - DDoS attacks in the newsImage by ThinkstockDenial-of-service (DoS) attacks have been part of the arsenal of cyberattackers for about...

September 22, 2017 04:45 PM

a-PATCH-e: Struts Vulnerabilities Run Rampant

Infosec -- TrendLabs Security Intelligence Blog - by Steve Povolny

Equifax confirmed the attack vector used in its data breach to be CVE-2017-5638, a vulnerability...

September 22, 2017 04:43 PM

Rudy Giuliani has had virtually no input on U.S. cybersecurity policy

Infosec -- CyberScoop - Eight months ago, Rudy Giuliani was named a top adviser to President Donald Trump on cybersecurity matters. Yet, former and current...

September 22, 2017 04:43 PM

Why Size Doesn't Matter in DDoS Attacks

Infosec -- Dark Reading - Companies both large and small are targets. Never think "I'm not big enough for a hacker's attention."

September 22, 2017 04:42 PM

Disable Apple's "Find My Device" to Stop Hackers From Ransoming Your Mac or iPhone [Updated]

Life -- Lifehacker - Hackers are using Apple's "Find My" service to remotely hold devices for ransom, reports MacRumors. Multiple people have tweeted...

September 22, 2017 04:31 PM

Hackers use stolen data from SEC for insider trading: Here's what it means

Enterprise -- SiliconANGLE - The U.S. Securities and Exchange Commission disclosed Wednesday that its internal systems had been compromised with hackers using...

September 22, 2017 03:49 PM

Bigger than WannaCry: A giant cyber attack will happen unless we rethink security, says GCHQ

Enterprise -- ZDNet News - A huge attack which makes WannaCry look like small fry will occur in the not to distant future - unless something changes.

September 22, 2017 03:39 PM

SEC Reveals Data Breach Caused By Software Application Vulnerability

Enterprise -- CRN - The event is the second major security data breach revealed this month that leveraged an application vulnerability to gain access to critical...

September 22, 2017 03:34 PM

Cybersecurity Becomes a Career Choice

Enterprise -- Information Week - Young people can't ignore the news. Data breaches are everywhere and they're beginning to realize that it's up to them to...

September 22, 2017 03:32 PM

Google offers zero-touch enrollment to simplify enterprise Android deployments

Enterprise -- SiliconANGLE - Google Inc. wants to help enterprise information technology administrators roll out its Android mobile platform in a more secure...

September 22, 2017 03:30 PM

September 21, 2017

Before the breach, Equifax sought to limit exposure to lawsuits

Denver Post -- Before Equifax discovered a massive computer breach that exposed sensitive information about millions of Americans, the company lobbied Congress...

September 21, 2017 05:19 PM

Equifax Breach: Setting the Record Straight

Infosec -- Krebs on Security - Bloomberg published a story this week citing three unnamed sources who told the publication that Equifax experienced a breach...

September 21, 2017 04:48 PM

The Apache "Optionsbleed" security hole explained [VIDEO]

Infosec -- Naked Security - If you're looking for a non-techie, plain English, verbal explanation of the Apache "Optionsbleed" security bug, watch this!

September 21, 2017 04:47 PM

Optionsbleed vulnerability can cause Apache servers to leak memory data

Infosec -- Security Affairs - The vulnerability Optionsbleed in Apache HTTP Server that can cause certain systems to leak potentially sensitive data in...

September 21, 2017 04:46 PM

Deep-Learning PassGAN Tool Improve Password Guessing

Infosec -- Threatpost - A deep-learning network known as a GAN has been applied to passwords, and a tool called PassGAN significantly improves the ability...

September 21, 2017 04:46 PM

Get Serious about IoT Security

Infosec -- Dark Reading - These four best practices will help safeguard your organization in the Internet of Things.

September 21, 2017 04:45 PM

Cyberattacks cost US enterprises $1.3 million on average in 2017

Infosec -- CSO Online - In 2017, the average cost of a data breach in North America is $1.3 million for enterprises and $117 million for small and medium-sized...

September 21, 2017 04:45 PM

Identity management firm SecureAuth acquired for $225 million, will merge with Core Security

Infosec -- CyberScoop - California-based identity management company SecureAuth was acquired for $225 million by K1 Investment Management, the company announced...

September 21, 2017 04:45 PM

10 Hot Cybersecurity Funding Rounds in Q3

Infosec -- Dark Reading - The first two quarters of 2017 have been the most active ever in five years from a cybersecurity investment standpoint. Here's...

September 21, 2017 04:44 PM

Office 365 Phishing attacks create a sustained insider nightmare for IT

Infosec -- CSO Online - DERBYCON - Earlier this month, Salted Hash deconstructed a Phishing email that had bypassed company filters and made into the general...

September 21, 2017 04:44 PM

PwC's phones are ringing as clock ticks toward GDPR deadline

Enterprise -- SiliconANGLE - When PricewaterhouseCoopers LLP, or PwC, surveyed legal and IT executives from major global firms earlier this year, it found...

September 21, 2017 04:20 PM

Linus Torvalds Invites Attackers to Join the Kernel Community

Enterprise -- Linux Magazine - He wants attackers to join the community instead of attacking their code.

September 21, 2017 03:55 PM

Sophos Launches New Cloud Partner Program To Capture Growing Public Cloud Security Opportunity

Enterprise -- CRN - The new partner program is designed to align partners better with the way customers buy around the public cloud, including allowing partners...

September 21, 2017 03:54 PM