Woodstock Wire: Enterprise Security News

Infosec -- Dark Reading - It's time to tap the large reservoir of talent with analytical skills to help tackle cybersecurity problems. Train workers in cybersecurity details while using their ability to solve problems.

Infosec -- Security Affairs - Cybersecurity researchers warn of new malware, tracked as OrBit, which is a fully undetected Linux threat.



Cybersecurity researchers at Intezer have uncovered a new Linux malware, tracked as OrBit, that is still undetected.

Infosec -- The Hacker News - The maintainers of the OpenSSL project have released patches to address a high-severity bug in the cryptographic library that could potentially lead to remote code execution under certain scenarios.

The issue, now assigned the identifier...

Enterprise -- ZDNet News - Kali Linux, the Linux of choice for hackers and security pros, is now available on the Linode cloud.

Enterprise -- CRN-UK - US-based reseller SHI has revealed that it was the target of a "co-ordinated and professional malware attack" over the 4 July celebration weekend.

The company, which provides IT products and services to businesses around the world,...

Enterprise -- CRN - Said it caused various disruptions over the weekend.

Enterprise -- SiliconANGLE - Researchers have discovered a supply chain attack that uses packages hosted on the Node Package Manager, the manager for the Node.js JavaScript platform. Detailed today by Reverse Engineer Karlo Zanki at Reversing Labs Inc., the software...

Enterprise -- DevOps.com - A survey of 600 DevOps professionals conducted by strongDM, a platform for managing access to IT infrastructure, found nearly two-thirds (64%) had productivity impacted on a daily or weekly basis because of access issues. It's not surprising...

Enterprise -- Computer Dealer News - Cybersecurity product manufacturers are being urged to adapt their applications to detect abuse of a new commercial attack simulation tool being used by threat actors. The warning, issued today by researchers at Palo Alto Networks'...

Enterprise -- ZDNet News - The rise of quantum computing, deepfakes, the Internet of Things and more are among the things that could create very real challenges for cybersecurity going forwards.

Think -- Gartner Blog Network - Identity governance and administration (IGA) is the system of record for identity management, access administration, and admin-time authorization.



IGA controls incrasingly have to identify and mitigate access risk across a variety...

Woodstock Wire -- This news area will be shut down during July 2022



Clicking the story link will take you to a new site that covers this news area

Enterprise -- SiliconANGLE - Unknown hackers have claimed to have stolen data on as many as a billion mainland Chinese residents and are attempting to sell the data on a hacking forum. The data is alleged to have been stolen from the Shanghai National Police database...

Infosec -- CSO Online - Identity and access issues topped the list of concerns of IT pros in the Cloud Security Alliance's annual Top Threats to Cloud Computing: The Pandemic 11 report released earlier this month. "Data breaches and data loss were the top concerns...

Infosec -- Dark Reading - With more staff working remotely, identity, authentication, and access (IAA) has never been more important. Microsoft has a new response.

Infosec -- The Daily Swig - We take a look at the latest additions to security researchers' armory

Infosec -- CyberScoop - Cybersecurity leaders from the White House, Citibank and Google came together to promote stronger cooperation between public and private sector organizations at the Google Cloud Security Summit earlier this year. They asserted that these...

Infosec -- Dark Reading - The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.

Infosec -- Dark Reading - In the always-changing world of cyberattacks, preparedness is key.

Enterprise -- The Register - Industrial systems' security got 99 problems and CVEs are one. Or more

The latest threat security research into operational technology (OT) and industrial systems identified a bunch of issues - 56 to be exact - that criminals could use...

Enterprise -- SiliconANGLE - Google LLC's Threat Analysis Group said today it has blocked more than 30 malicious domains linked to hack-for-hire groups from Russia, India and the United Arab Emirates. The hack-for-hire firms have been actively targeting Gmail and...

Enterprise -- The Register - Relax, most of the vulnerabilities so far have, er, no fix

Jenkins, an open-source automation server for continuous integration and delivery (CI/CD), has published 34 security advisories covering 25 plugins used to extend the software....

Enterprise -- Computer Dealer News - Threat actors are installing a backdoor into installations of Microsoft's Internet Information Services (IIS) Windows web server that isn't being caught by some online file scanning services, say Kaspersky researchers. They also...

Enterprise -- SiliconANGLE - Microsoft Corp. has issued a patch for a vulnerability in Service Fabric that allows attackers to gain root privileges on a node and then take over other nodes in a cluster. Service Fabric hosts more than 1 million applications and runs...

Enterprise -- ZDNet News - Easy to find and exploit, these flaws could give hackers a chance to take over your systems.

Enterprise -- IT Business Edge - Many employees and contractors work offsite in home networks, coffee shops, hotels, and other untrusted networks. Meanwhile, many cloud applications and data repositories have also migrated outside of the centralized control of an organization's...

Woodstock Wire -- During the month of July, I will be stepping away from this news area going forward.



It has been a pleasure providing news in this area for the since 2001..



If you click the story link, it will take you to a new site that covers this type of news.

PR Newswire -- Resecurity, a cybersecurity and intelligence company, today announced its award-winning...

PR Newswire -- SecurityMetrics is proud to announce that they have won the following awards from Cyber Defense Magazine (CDM), the industry's leading electronic information security magazine: "Most Innovative Cybersecurity Book" for the SecurityMetrics Guide to...

Business Wire -- CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced the details of CyberArk Impact 2022. The global cybersecurity conference will bring together Identity Security professionals to connect, learn, collaborate and discuss the...

Business Wire -- Codenotary launched SBOM Operator for Kubernetes in both its open source Community Attestation Service, as well as Codenotary's Trustcenter.

Business Wire -- Security attacks targeting software supply chains have dramatically increased over the past several years. According to the Open Source Security Foundation (OpenSSF) Scorecard project, over-privileged automated workflow tokens are a high-risk...

Business Wire -- Okta, Inc. (NASDAQ:OKTA), the leading independent identity provider, today announced the launch of a Nonprofit Cybersecurity Portfolio and $1,020,000 in grants to support better security across the social sector. Stemming from Okta's three-year commitment...

Business Wire -- Island is introducing its groundbreaking Enterprise Browser to users in the U.K. and across Europe. Infosecurity Europe attendees will have the opportunity to explore the features of the Enterprise Browser firsthand at booth #T86. Island is one of cybersecurity's...

Enterprise -- DevOps.com - Software engineers are always under pressure to build more software, faster. At the same time, there is increasing regulatory and market pressure for secure software that meets users' and regulators' requirements for data privacy. This...

Infosec -- The Hacker News - In the world of cybersecurity, reputation is everything. Most business owners have little understanding of the technical side, so they have to rely on credibility.

Founded back in 2005, Palo Alto Networks is a cybersecurity giant that...

Infosec -- Dark Reading - Security teams - who are already fighting off malware challenges - are also facing renewed attacks on cloud assets and remote systems.

Infosec -- The Hacker News - WordPress websites using a widely used plugin named Ninja Forms have been updated automatically to remediate a critical security vulnerability that's suspected of having been actively exploited in the wild.

The issue, which relates to...

Tech -- Digital Trends - Microsoft has launched Microsoft Defender for individuals as a new online security application for Microsoft 365 subscribers.

Tech -- Digital Trends - Firefox has just announced that Total Cookie Protection is now available by default to every user of the browser. The feature is meant to protect your privacy.

Tech -- GeekWire - Microsoft announced Tuesday that it will acquire Miburo, a small company that helps customers detect and respond to foreign information operations. Microsoft said the acquisition will help the tech giant "expand its threat detection and analysis...

Life -- Lifehacker - Every piece of tech carries the risk of bugs and security flaws, but Macs running Apple's M1 chips are apparently vulnerable to an all-new category of threat. Security researchers at MIT's Computer Science & Artificial Intelligence Laboratory...

Globe Newswire -- Myota, Inc., a provider of advanced cybersecurity solutions that enable businesses to withstand and recover from ransomware and data breach attacks, today announced that the US Patent and Trademark Office (USPTO) has issued a new patent, No. 11,281,790...

Globe Newswire -- HashiCorp, Inc. (NASDAQ: HCP), a leading provider of multi-cloud infrastructure automation software, today announced Vault Enterprise has achieved Federal Information Processing Standard (FIPS) 140-2 Level 1 after validation from Leidos, the independent...

Business Wire -- CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced new CyberArk Endpoint Privilege Manager functionality that extends protection to Linux platforms. Now, security and IT professionals can easily enforce least privilege and...

Infosec -- Cloudflare - Last week, Cloudflare automatically detected and mitigated a 26 million request per second DDoS attack - the largest HTTPS DDoS attack on record.The attack targeted a customer website using Cloudflare's Free plan. Similar to the previous...

Infosec -- Security Affairs - Organizations face the constant need to protect these APIs from attacks so they can protect organizational data.



Organizations are rapidly opening their ecosystem through Application Programming Interfaces (API) by ensuring seamless...

Infosec -- Record by Recorded Future - Ransomware groups and nation-state actors have begun exploiting a widespread zero-day vulnerability in all supported versions of Atlassian Confluence Server and Data Center unveiled late last month, according to Microsoft....

Infosec -- CSO Online - Machine learning and artificial intelligence (AI) are becoming a core technology for some threat detection and response tools. The ability to learn on the fly and automatically adapt to changing cyberthreats give security teams an advantage.However,...

Infosec -- The Hacker News - The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East.

"The new malware is a .NET based DNS Backdoor which...