Woodstock Wire: Enterprise Security News

Aspencore -- EETimes - This is the second in a series on automotive cybersecurity columns providing perspectives on key cybersecurity developers. This post also includes some perspectives on OEM and Tier 1 activities, albeit limited, as manufacturers release little...

Globe Newswire -- Technology - New Products and Enhancements Help SOC Teams Achieve Greater Cyber Resilience and Solidify Sumo Logic as a Leader in Rapidly-Evolving SIEM and SOAR Markets;

Globe Newswire -- Today Maltego Technologies GmbH, provider of the globally known graphical link analysis tool, and Farsight Security, Inc., a leading cybersecurity provider of DNS intelligence solutions, announced that Farsight DNSDB Transforms for Maltego, first launched...

Business Wire -- Impact Live 2021 - CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced the availability of CyberArk Cloud Entitlements Manager, CyberArk Endpoint Privilege Manager and CyberArk Workforce Identity on Amazon Web Services Marketplace...

Business Wire -- Impact Live 2021 - CyberArk (NASDAQ: CYBR), the global leader in Identity Security, today announced major advancements to the CyberArk Identity Security Platform to help secure high-risk access and broaden protection across cloud and hybrid environments....

Business Wire -- Cyber attackers targeted industries resulting in a 341% year-over-year increase in DDoS attacks, according to Nexusguard's 2020 Threat Report.

Business Wire -- Yubico releases results of a study into current attitudes and adaptability to at-home corporate cybersecurity of those in the UK, Germany and France

Business Wire -- ForgeRock's 2021 Consumer Identity Breach Report Reveals Unprecedented 450% Surge in Breaches Containing Usernames and Passwords

Business Wire -- Gigamon is proud to announce that it has been selected as the Market Leader in Network Security and Management from Cyber Defense Magazine

Infosec -- FraudWatch Intl - The internet has undoubtedly become one of the most important tools in business. Thanks to the internet, the global marketplace is made more accessible-you can easily create immediate connections and keep in touch with your stakeholders...

Infosec -- FraudWatch Intl - Phishing has damaged hundreds if not thousands of companies in the digital age, mainly since it targets the most vulnerable aspect of cybersecurity: the human element. To determine if your employees are knowledgeable enough about cybersecurity...

Enterprise -- The Register - New approach against malware pushers mirrors how American authorities handle terrorism cases

The White House has issued a communique to business leaders [PDF] urging them to take the threat of ransomware a bit more seriously....

Enterprise -- Linux Magazine - The latest iteration of security fan-favorite, Kali Linux has been released with new tools, themes, and plenty of improvements.

Enterprise -- EfficientIP - Requirements of today's IT infrastructure

IT infrastructure has become extremely complex and in perpetual evolution to match ever evolving business needs. In addition to planning the needs for building and running new IT and Network services,...

Enterprise -- Azure Updates - New enhancements and updates released for general availability (GA) in Azure Security Center in May 2021.

Enterprise -- Azure Updates - Public preview enhancements and updates released for Azure Security Center in May 2021.

Tech -- The Verge - An analysis of the cyberattack on Colonial Pipeline found that the hackers were able to access the company's network using a compromised VPN password, Bloomberg reported. The hack led to a ransomware payout of $4.4...

Tech -- TechCrunch - Dan Schoenbaum is a two-time CEO and a two-time COO in cybersecurity. Today, he is a managing partner at High Tide Advisors, a boutique consulting...

Tech -- TechCrunch - Cybersecurity giant FireEye has agreed to sell its products business to a consortium led by private equity firm Symphony Technology Group for $1.2 billion.

The all-cash deal will split FireEye, the maker of network and email cybersecurity...

Infosec -- The Hacker News - Code-hosting platform GitHub Friday officially announced a series of updates to the site's policies that delve into how the company deals with malware and exploit code uploaded to its service.

"We explicitly permit dual-use security...

Infosec -- Security Affairs - Hackers are actively scanning the Internet for VMware vCenter servers vulnerable against a critical RCE flaw recently fixed by VMware.



Threat actors are actively scanning the Internet for VMware vCenter servers affected by a critical...

Infosec -- Security Affairs - Operators behind the Necro Python botnet have added new features to their bot, including VMWare and server exploits.



Experts from Cisco Talos have recently observed a new Necro Python bot campaign and noticed that its developers...

Infosec -- Office of Inadequate Security - VB reports: In an analysis of more than 100 of the biggest and most well-known data breaches of the last decade, Imperva Research Labs found that 75.9% of data stolen in these breaches was personally identifiable information...

Infosec -- Dark Reading - Cyber threats are staring you in the face, but you can't see them.

Infosec -- ISC2 Blog - Faced with significant obstacles to build their cybersecurity teams, organizations increasingly are looking within to find transferrable talent for cybersecurity roles. It's a practice strongly endorsed by (ISC)2 in the recently published...

Infosec -- The Hacker News - Google on Thursday said it's rolling new security features to Chrome browser aimed at detecting suspicious downloads and extensions via its Enhanced Safe Browsing feature, which it launched a year ago.

To this end, the search giant said...

Infosec -- Security Affairs - Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software.



Cisco has addressed multiple vulnerabilities in its products, including high-risk flaws...

Infosec -- The Akamai Blog - By: Josh Johnson - We're excited to announce the availability of EdgeKV, a distributed key-value store database that enables EdgeWorkers to leverage data stored at the edge when deploying custom code across our serverless computing platform....

Infosec -- The Daily Swig - Lasso bug roped up and corralled by Enterprise Application Access developers

Infosec -- Threatpost - REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests.

Infosec -- The Hacker News - A new set of critical vulnerabilities has been disclosed in the Realtek RTL8170C Wi-Fi module that an adversary could abuse to gain elevated privileges on a device and hijack wireless communications.

"Successful exploitation would lead...

Infosec -- CSO Online - Multi-factor authentication (MFA) continues to embody both the best and worst of business IT security practice. As Roger Grimes wrote in this article about two-factor hacks three years ago, when MFA is done well it can be effective, but when...

Infosec -- Dark Reading - Most malicious emails get blocked, but the ones that get through linger around dangerously long, a new study shows.

Infosec -- Security Affairs - A critical zero-day vulnerability in the Fancy Product Designer WordPress plugin exposes more than 17,000 websites to attacks.



Researchers from the Wordfence team at WordPress security company Defiant warn that a critical zero-day...

Infosec -- Dark Reading - Security pros discuss the most typical ways attackers leverage Microsoft 365 and share their guidance for defenders.

Infosec -- Schneier on Security - The New York Times has a long story on the DarkSide ransomware gang.

A glimpse into DarkSide's secret communications in the months leading up to the Colonial Pipeline attack reveals a criminal operation on the rise, pulling in millions...

Infosec -- The Identity Quotient Blog - The future of work depends on SaaS and today's approach needs a remix. How your identity security strategy needs to reconsider what you consider "visibility" and the dangerous gaps that exist with your current approach.

Media -- Control.com News - Johnson Controls and DigiCert partner to improve security and push forward the digital transformation of smart buildings with a public key infrastructure (PKI).

Globe Newswire -- Technology - Becomes a certified Teams security and compliance partner for data loss prevention Becomes a certified Teams security and compliance partner for data loss prevention

Globe Newswire -- Secureworks(r) (NASDAQ:SCWX), a global leader in cybersecurity, today announced that Chief Executive Officer Michael R. Cote is retiring as CEO and a member of the Secureworks Board of Directors, effective Sept. 3, 2021. The Secureworks Board of Directors...

Business Wire -- Ping Identity, the Intelligent Identity solution for the enterprise, announced the addition of Jason Wolf as Chief Revenue Officer. Wolf is a highly accomplished sales leader holding his most recent role as chief revenue officer at SAP, overseeing the...

Business Wire -- At Security Connect, VMware releases the 2021 Global Security Insights Report, detailing the impact of cyberattacks and breaches on organizations.

Business Wire -- Over 90% of organizations in UK have experienced a DNS attack, a rise from last year according to 2021 Global DNS Threat Report.

Business Wire -- Blancco, the industry standard in data erasure, reinforces cybersecurity in Vietnam, opening Hanoi office on 16th floor of Daeha Business Center.

Business Wire -- ERI has published the new book, "The Insecurity of Everything: How Hardware Data Security is Becoming the Most Important Topic in the World."

Tech -- BGR - One news publication I've written a fair amount of content for always required that writers prepare and submit invoices in PDF form, ostensibly because they're less susceptible to manipulation compared to a garden variety text-based document. At...

Business Wire -- Ping Identity (NYSE: PING), the Intelligent Identity solution for the enterprise, showcases a continued commitment to open standards through the achievement of the Financial-grade API Client Initiated Back-Channel Authentication (FAPI-CIBA) certification....

Infosec -- Have I been pwned - In 2013 (exact date unknown), the Chinese e-commerce service JD suffered a data breach that exposed 13GB of data containing 77 million unique email addresses. The data also included usernames, phone numbers and passwords stored as...

Infosec -- Barracuda - Every time there is a major security breach every cybersecurity professional gets the same queasy feeling in the pit of their stomach. They all know the difference between their organization and the unfortunate victims of attacks like the...

Infosec -- Dark Reading - The authors of Epsilon Red have offloaded many tasks that are usually integrated into the ransomware -- such as Volume Shadow Copy deletion -- to PowerShell scripts.