Woodstock Wire: Enterprise Security News

August 20, 2018

How WAF-as-a-Service Addresses Critical Customer Vulnerabilities

Enterprise -- MSPmentor - Web applications represent a significant security vulnerability for most companies, but very few are adequately addressing the problem.

August 20, 2018 04:56 PM

How's that encryption coming, buddy? DNS requests routinely spied on, boffins claim

Enterprise -- The Register - Uninvited middlemen may be messing with message

Most people's DNS queries - by which browsers and other software resolve domain...

August 20, 2018 03:06 PM

Heart-stopping security news: Hackers can now get into pacemakers

FastCompany -- The hack could be used to shock someone's heart, or to withhold a shock when it's needed.

A security flaw in a pacemaker made by Medtronic makes...

August 20, 2018 01:40 AM

Why adding bugs to software can make it safer

Think -- MIT Technology Review - Filling code with benign bugs overwhelms malicious attackers looking for more serious errors, cybersecurity researchers...

August 20, 2018 01:03 AM

August 19, 2018

Gartner Survey Says Cloud Computing Remains Top Emerging Business Risk

Business Wire -- Cloud computing ranks as the top risk concern for executives in risk, audit, finance and compliance, according to the latest survey by Gartner,...

August 19, 2018 11:19 PM

EZShield Acquires IdentityForce

Business Wire -- EZShield, a portfolio company of The Wicks Group ("Wicks") and the leader in digital identity protection and resolution, today announced it has...

August 19, 2018 11:13 PM

IBM Opens X-Force Red Lab in Austin

SiliconHills -- IBM has always been at the forefront of cybersecurity since the earliest days of the Internet. At the South Florida Sun-Sentinel, I interviewed...

August 19, 2018 11:11 PM

2.6 billion records exposed in 2,308 disclosed data breaches in H1

Infosec -- Security Affairs - According to a report from cyber threat intelligence firm Risk Based Security some 2.6. billion data records have been exposed...

August 19, 2018 10:43 PM

Ensuring Web Applications Are Hardened, Secure

Infosec -- Dark Reading - Ofer Maor of Synopsys Software Integrity Group describes how automated testing can non-intrusively pinpoint where developers may...

August 19, 2018 10:42 PM

$115M Anthem Data Breach Deal Gets Final Nod

Infosec -- Office of Inadequate Security - Kevin Stawicki reports: A California federal judge on Thursday gave final approval to a $115 million deal that...

August 19, 2018 10:42 PM

Supplementing the SOC with Cyber-as-a-Service

Infosec -- Dark Reading - Raytheon Cyber Protection Solutions CTO Mark Orlando suggests under-resourced SOCs enhance their effectiveness at-scale by tapping...

August 19, 2018 10:40 PM

Linux Kernel Project rolled out security updates to fix two DoS vulnerabilities

Infosec -- Security Affairs - Linux kernel maintainers have rolled out security updates for two DoS vulnerabilities tracked as SegmentSmack and FragmentSmack.

Linux...

August 19, 2018 10:40 PM

The state of cybersecurity at small organizations

Infosec -- CSO Online - ESG recently completed a research survey of 400 cybersecurity and IT professionals working at small organizations (i.e. 50 to 499...

August 19, 2018 10:37 PM

Five Web Application Security Best Practices

Infosec -- Dyn - The internet is central to today's businesses. Websites and applications are where companies and customers interact, often sharing sensitive...

August 19, 2018 10:35 PM

ProtonMail's open source encryption library, OpenPGPjs, has passed an independent security audit

Infosec -- ProtonMail - As part of our commitment to open source, we maintain the OpenPGPjs encryption library. After some recent code enhancements, OpenPGPjs...

August 19, 2018 10:34 PM

Chatbots Say Plenty About New Threats to Data

Infosec -- Flashpoint - Chatbots are becoming a useful customer interaction and support tool for businesses. These bots are powered by an artificial intelligence...

August 19, 2018 10:34 PM

Some 2.6 billion data records exposed in first half of 2018

Infosec -- WeLiveSecurity - The newly-released report provides an overview of the data breach landscape in the first half of this year

August 19, 2018 10:34 PM

Chinese Cyberespionage Originating From Tsinghua University Infrastructure

Infosec -- Recorded Future - Recorded Future analyzed new malware targeting the Tibetan...

August 19, 2018 10:33 PM

How to automate the import of third-party threat intelligence feeds into Amazon GuardDuty

Enterprise -- Amazon AWS Blog - Amazon GuardDuty is an AWS threat detection service that helps protect your AWS accounts and workloads by continuously monitoring...

August 19, 2018 10:29 PM

What is Nmap? Why you need this network mapper

Enterprise -- Network World News - Network administrators, IT managers and security professionals face a never-ending battle, constantly checking on what exactly...

August 19, 2018 10:28 PM

How to protect your infrastructure from DNS cache poisoning

Enterprise -- Network World News - Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical...

August 19, 2018 09:45 PM

Cisco's $2.35 billion Duo acquisition front and center at earnings call

Tech -- TechCrunch - When Cisco bought Ann Arbor, Michigan security company, Duo for a whopping $2.35 billion earlier this month, it showed the growing...

August 19, 2018 03:41 AM

August 17, 2018

Cybersecurity Threats on the Rise in 2018: BEC Attacks Increase 55% and CHA Up 37%

Globe Newswire -- Technology - Mid-Year Global Security Report Provides insights to Help IT Leaders Better Protect Against Attacks Mid-Year Global Security Report...

August 17, 2018 07:19 PM

Comodo CA Acquires Website Disaster Recovery Leader CodeGuard

Globe Newswire -- Technology - 1-click restore for website issues is vital to businesses; Comodo CA continues to expand its offerings to help businesses and their...

August 17, 2018 07:18 PM

August 16, 2018

Security gaps identified in Internet protocol 'IPsec'

Life -- EurekAlert - In collaboration with colleagues from Opole University in Poland, researchers at Horst Gortz Institute for IT Security (HGI) at...

August 16, 2018 08:18 PM

Customizing Wireshark - Changing Your Column Display

Enterprise -- Palo Alto Networks Blog - Wireshark is a free protocol analyzer that can record and display packet captures (pcaps) of network traffic. This...

August 16, 2018 04:42 PM

PhishPoint Phishing Attack - A new technique to Bypass Microsoft Office 365 Protections

Infosec -- Security Affairs - Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers...

August 16, 2018 04:22 PM

Caller ID Spoofing - What It Is and What to Do About It

Infosec -- TripWire - The State of Security - What is Caller ID? Caller identification (Caller ID) is a service that allows the receiver of a phone call...

August 16, 2018 04:22 PM

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Infosec -- The Hacker News - Phishing works no matter how hard a company tries to protect its customers or employees.



Security researchers have been warning...

August 16, 2018 04:21 PM

Threat Analyst Insights: How to Avoid Drowning in a Sea of Cybersecurity News

Infosec -- Recorded Future - Staying on top of the ever-evolving threat landscape can feel daunting for most security professionals. It seems as if there...

August 16, 2018 04:20 PM

Fileless attacks

Enterprise -- MSPmentor - Hackers are increasingly turning to fileless attacks because they are 10 times more likely to succeed than file-based attacks. These...

August 16, 2018 04:17 PM

Linux and L1TF

Enterprise -- Network World News - Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting...

August 16, 2018 03:59 PM

Malicious software infects 500,000 devices

Enterprise -- IT Manager Daily - More than 500,000 routers have been affected by VPNFilter, malware that can steal sensitive data and manipulate everything...

August 16, 2018 03:40 PM

August 15, 2018

Imperva Completes the Acquisition of Prevoty

Business Wire -- Imperva completes acquisition of Prevoty a leader in RASP

August 15, 2018 07:26 PM

Zscaler Becomes the First Cloud Services Provider to Receive FedRAMP Authorization for a Dedicated Zero Trust Remote Access Platform

Business Wire -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced that Zscaler Private Access-Government (ZPA(tm)-Government), its application...

August 15, 2018 07:23 PM

Why you should consider crowdsourcing IT security services

Infosec -- CSO Online - A crucial part of securing IT infrastructure, applications and services is asking independent white hat hackers to hack it. Hackers...

August 15, 2018 07:12 PM

The Inside Job: When Microsoft MFA Fails

Infosec -- Okta Blog - In today's threat landscape, cybersecurity vulnerabilities can originate from a variety of places. An exploitable gap in one vendor's...

August 15, 2018 07:10 PM

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

Infosec -- Threatpost - This is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building.

August 15, 2018 07:09 PM

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

Infosec -- Dark Reading - The flaw lets an attacker use the same second factor to bypass multifactor authentication for any account on the same ADFS service.

August 15, 2018 07:09 PM

So You Got a SaaS Security Awareness Training Platform, Now What?

Infosec -- The PhishLabs Blog - After months of talks, budget approvals, and getting stakeholder buy in, you finally have the security awareness tool of...

August 15, 2018 07:07 PM

Microsoft Patch Tuesday: 60 vulnerabilities resolved including two active exploits

Enterprise -- ZDNet News - A total of 19 vulnerabilities are deemed critical, including two zero-day flaws being actively used in the wild.

August 15, 2018 06:50 PM

Threat Brief: Cyber Attackers Using Your Home Router To Bring Down Websites

Enterprise -- Palo Alto Networks Blog - In recent research, Palo Alto Networks found attackers were targeting home routers to take control and use them for...

August 15, 2018 06:48 PM

10 Steps to Successfully Educate Your Clients' End Users about Cybersecurity

Enterprise -- The ChannelPro Network - In the last year, phishing was involved in 93% of successful security breaches. But we shouldn't point the finger at...

August 15, 2018 06:46 PM

PTC courts security researchers to find IoT vulnerabilities

Enterprise -- ZDNet News - PTC adopts a shared responsibility model to security as it aims to shore up its ThingWorx ecosystem and court researchers looking...

August 15, 2018 06:46 PM

Cybersecurity industry booming in Springs, but worker shortage remains

Enterprise -- Digital Colorado - A recent study from the Colorado Springs Chamber & EDC reveals that cybersecurity brings a nearly $1 billion annual benefit...

August 15, 2018 06:45 PM

Three more data-leaking security holes found in Intel chips as designers swap security for speed

Enterprise -- The Register - Apps, kernels, virtual machines, SGX, SMM at risk from attack

Intel will today disclose three more vulnerabilities in its processors...

August 15, 2018 06:44 PM

How Does GDPR Affect Email Retention and Archiving?

Enterprise -- The Data Center Journal - You probably received more than a few emails from companies notifying you of changes to their privacy policy in the...

August 15, 2018 06:43 PM

Machine Learning Is Becoming a Must in Data Center Network Security

Enterprise -- Data Center Knowledge - The volume of data traveling on networks and sophistication of attack tools are outpacing human experts' capabilities.

August 15, 2018 06:42 PM

Microsoft ADFS vulnerability allows hackers to bypass multifactor authentication

Enterprise -- SiliconANGLE - A newly discovered vulnerability in Microsoft Corp.'s Activity Directory Federation Services allows hackers to bypass multifactor...

August 15, 2018 06:33 PM

Protecting Our Customers through the Lifecycle of Security Threats

Electronics -- Intel - By Leslie Culbertson

Intel's Product Assurance and Security (IPAS) team is focused on the cybersecurity landscape and constantly working...

August 15, 2018 06:26 PM