Woodstock Wire: Enterprise Security News

Infosec -- Security Affairs - Office furniture company Steelcase was hit by Ryuk ransomware attack that forced it to shut down its network to avoid the malware from spreading.



Steelcase is a US-based furniture company that produces office furniture, architectural...

Infosec -- TripWire - The State of Security - The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations...

Infosec -- TripWire - The State of Security - Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled 7% in 2018 to 20% a year...

Infosec -- Dark Reading - More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology.

Infosec -- Verisign - This week, some of the brightest subject matter experts from across the U.S. and beyond gathered virtually to talk about women in cybersecurity, recognizing that the internet is filled with both opportunities and risks, and that it's up to...

Infosec -- CyberScoop - The FBI and departments of Defense and Homeland Security issued a joint alert Tuesday warning the private sector about what they say is a global hacking operation run by North Korean government-linked hackers.

The hacking group, known as...

Infosec -- The Daily Swig - Darknet auction spawns fears that attack might expose sensitive data from business customers

Globe Newswire -- Technology - Lightning-Fast Incident Response Minimizes Attack Damage and Reduces Recovery TimeSophos Rapid Response Identifies First Use of Buer Malware Dropper to Deliver Ransomware in New Wave of Ryuk Attacks

Business Wire -- Ping Identity (NYSE: PING), the intelligent identity solution for the enterprise, today announced PingZero, a suite of passwordless authentication features organizations can implement to deliver seamless digital experiences to employees and customers....

Business Wire -- FireEye announced financial results for Q3 2020.

Infosec -- Threatpost - Beyond admins, researchers say that 97 percent of all total Microsoft 365 users do not use multi-factor authentication.

Infosec -- CyberScoop - Zoom says a key deal earlier this year helped it globally implement an important security feature at a time when the videoconferencing app became a household word.

The company said Monday that it was officially rolling out end-to-end encryption...

Infosec -- The Daily Swig - Users urged to patch Ruckus vRIoT server software now

Infosec -- Security Affairs - A threat actor has stolen roughly $24 million worth of cryptocurrency assets from decentralized finance service Harvest Finance.



A hacker has stolen approximately $24 million worth of cryptocurrency assets from decentralized finance...

Infosec -- Threatpost - With Code42 Incydr, you can keep tabs on when and where your data is going - without restricting where or how your employees want to collaborate and work.

Business Wire -- Gigamon and Zscaler's combined cloud solution provides pervasive network traffic visibility of remote users and branch locations.

Aspencore -- EETimes - Data is increasingly transmitted across hostile territory or stored at a network edge. Critical operational data or intellectual property needs to be protected in industrial, operational technology, and Internet of things (IoT) settings.

Information...

Infosec -- TripWire - The State of Security - Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses. News of the security incident emerged over the weekend of October 23 when multiple users...

Infosec -- TripWire - The State of Security - You don't have to search very far in the news to see stories of websites being hacked and customer details being stolen. Stories about incidents involving industrial control systems (ICSes) and operational technology...

Infosec -- Recorded Future - How many of us can say that we get enough sleep, consistently? And not just the number of hours asleep, but the quality of sleep as well? In this busy world with work, family, and community obligations, good sleep often takes a backseat,...

Infosec -- Dark Reading - With a fuller picture of the Kubernetes threat matrix, security teams can begin to implement mitigation strategies to protect their cluster from threats.

Infosec -- CSO Online - The following vignette was the catalyst for multiple conversations between the authors about why it's as important for today's CISO to be a business leader as it is for them to be security professionals. While being a security professional...

Infosec -- CSO Online - Leaving your job on good terms involves many tasks, but nothing is more important than priming your replacement for success. Despite your reasons for moving on, helping the new CISO acquire the knowledge and skills needed to excel is crucial...

Infosec -- Security Affairs - A ransomware attack recently hit Georgia county government and reportedly disabled a database used to verify voter signatures.



A ransomware attack hit a Georgia county government early this month and disabled a database used to verify...

Infosec -- TripWire - The State of Security - The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that was established to transform the security landscape of the healthcare industry. Businesses that are found guilty of a breach...

Globe Newswire -- Imperva, Inc., (@Imperva) the cybersecurity leader whose mission is to protect data and all paths to it, has been named a Leader in the Gartner Magic Quadrant for Web Application Firewalls for the seventh consecutive year.

Business Wire -- Each year, the Department of Homeland Security designates October as National Cybersecurity Awareness Month. It's a good time to remember that not all scary scenarios are reserved for Halloween. While government and law enforcement resources are dedicated...

Media -- PYMNTS.com - When invoices are generated manually, there are plenty of opportunities for billing to go awry. This week's look at the latest in B2B payments fraud lands its focus on the invoice, used in a variety of ways by scammers to infiltrate B2B payment...

Justmeans -- In recognition of National #Cybersecurity Awareness Month, @AllianceData's Chief Security Officer, Mike Britton, shares how the company is taking a proactive approach to protecting employees, brand partners, & customers:...

Enterprise -- SiliconANGLE - Puppet Inc. today introduced Puppet Comply, a software product that enterprises can use to ensure their cloud and on-premises infrastructure adheres to cybersecurity requirements. Portland-based Puppet is the maker of one of the market's...

Enterprise -- ChannelBuzz.ca - Using external DNS providers has always been a questionable idea for an enterprise. The Internet Domain Name System (DNS) helps end-user applications...

Enterprise -- HAproxy - The live webinar will be held on Tuesday, November 10th, 2020 at following times:

EU times: 5 PM GMT, 6 PM CET

US times: 12 noon EST, 11 AM CDT, 10 AM MDT, 9 AM...

Enterprise -- ChannelE2E - To minimize the risk of a cyberattack, follow these six tips to harden your OS, according to guidance from Jay Ryerse at ConnectWise.

Enterprise -- Data Center Knowledge - IBM's Cloud Pak for Security now includes all pillars of threat management, including detection, investigation and response, and streamlines response efforts.

Enterprise -- ChannelBuzz.ca - In addition to their Prisma Cloud 2.0 announcement, Palo Alto Networks has announced the availability of their first Canadian-based cloud region.Palo Alto Networks has launched the 2.0 version of their Prisma Cloud platform, the company's...

Infosec -- Security Affairs - Experts warn of a phishing campaign that already targeted up to 50,000 Office 365 users with a fake automated message from Microsoft Teams.



Secruity researchers reported that up to 50,000 Office 365 users have been targeted by a...

Infosec -- Barracuda - Another day, another pandemic-enabled scam. Criminals are now attacking K-12 schools by posing as parents who are using email to submit assignments to the teacher. The premise is that the student had trouble using the online classroom system,...

Infosec -- Barracuda - Have you tuned in for Below the Surface yet? Streaming live on LinkedIn, Barracuda's new series offers candid discussions with key Barracuda experts on all the latest and greatest cybersecurity news, as well as Barracuda's recent research,...

Infosec -- The Hacker News - Microsoft, in collaboration with MITRE, IBM, NVIDIA, and Bosch, has released a new open framework that aims to help security analysts detect, respond to, and remediate adversarial attacks against machine learning (ML) systems.

Called...

Infosec -- WeLiveSecurity - Why are connected medical devices vulnerable to attack and how likely are they to get hacked? Here are five digital chinks in the armor.

Infosec -- Dark Reading - KashmirBlack has been targeting popular content management systems, such as WordPress, Joomla, and Drupal, and using Dropbox and GitHub for communication to hide its presence.

Infosec -- Dark Reading - But that's not the only type of web attack cybercriminals have been profiting from.

Infosec -- Dark Reading - While the usual security certs remain popular, interest in privacy skills and cloud experience are pushing new credentials into the market.

Infosec -- Threatpost - Up to 50,000 Office 365 users are being targeted by a phishing campaign that purports to notify them of a "missed chat" from Microsoft Teams.

Infosec -- Recorded Future

Infosec -- CSO Online - One of the smartest moves you can make to protect employees, especially those working from home, is to encourage them to use a password manager. It's one of the easiest, too.Keyword best practices pertain to complexity, change frequency and...

Infosec -- TripWire - The State of Security - Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability...

Infosec -- Security Affairs - VMware patched several flaws in its ESXi, Workstation, Fusion and NSX-T products, including a critical code execution vulnerability.



VMware has fixed several vulnerabilities in its ESXi, Workstation, Fusion and NSX-T products, including...

Infosec -- TripWire - The State of Security - There are two significant trends occurring right now that shouldn't be a surprise to anyone reading this post. First, businesses are gathering and leveraging more and more data to improve their core services. Second,...

Infosec -- Threatpost - Over half of Oracle's flaws in its quarterly patch update can be remotely exploitable without authentication; 65 are critical, and two have CVSS scores of 10 out of 10.