Woodstock Wire: Enterprise Security News

January 18, 2021

A Security Vulnerability Management Guide

Enterprise -- DevOps.com - Living in a container-native world is not easy. Containers have a reputation for being a point of entry for security vulnerabilities for many organizations. In 2015, according to a research paper, over 40% of Docker images distributed through...

January 18, 2021 09:10 PM

SolarWinds hack is quickly reshaping Congress's cybersecurity agenda

Infosec -- CSO Online - The federal government and private sector are still reeling from the SolarWinds supply chain hack, and Congress is on edge as it begins a new term beset by fears of domestic terrorism. It would seem all bets are off in terms of the previous...

January 18, 2021 08:15 PM

Network Security: Predictions for 2021

Enterprise -- Palo Alto Networks Blog - For me, the simplest way to summarize 2020 is with one word: unpredictable. Though each year has a level of unpredictability, 2020 was an extreme example. As we look forward into 2021, we hope for positive changes, but 2020 will...

January 18, 2021 08:04 PM

AI set to replace humans in cybersecurity by 2030, says Trend Micro

Enterprise -- ZDNet Blogs - In 2021 Trend Micro predicts that cybercriminals will look to home networks as a critical launch pad to compromising corporate IT and IoT networks.

January 18, 2021 08:03 PM

SolarLeaks website offers source code stolen in SolarWinds hack for sale

Enterprise -- SiliconANGLE - In the latest twist on the SolarWinds hacking story, a site called SolarLeaks is selling stolen data from the hack, including source code from Microsoft Corp., Cisco Systems Inc., FireEye Inc. and SolarWinds Worldwide LLC. The SolarLeaks...

January 18, 2021 07:57 PM

SolarWinds defense: How to stop similar attacks

Enterprise -- ZDNet Blogs - The Linux Foundation, which knows a thing or two about building secure software, has suggestions on how we can avoid SolarWinds type attacks in the future. It won't be easy. But it must be done.

January 18, 2021 07:55 PM

Phishing warning: These are the brands most likely to be impersonated by crooks, so stay alert

Enterprise -- ZDNet News - Cyber criminals know how many of us are working from home and are looking to exploit that situation with phishing emails designed to copy big brands.

January 18, 2021 07:44 PM

An Introduction to Kubernetes Security using Falco

Enterprise -- Cloud Native Computing Foundation - Guest post originally published on InfraCloud's blog by Frederick Fernando As Kubernetes continues to grow in adoption, it is important for us to know how to secure it. In a dynamic infrastructure platform such as Kubernetes,...

January 18, 2021 07:14 PM

LogRhythm acquires threat detection startup MistNet

Enterprise -- SiliconANGLE - Security intelligence firm LogRhythm Inc. announced today it has acquired threat detection startup MistNet.IO Inc. for an undisclosed price. Founded in 2016, MistNet offers a security threat detection and prevention platform that is designed...

January 18, 2021 07:12 PM

Billions were stolen in blockchain hacks last year

Enterprise -- ZDNet News - The total value of the losses from 122 attacks in 2020 would be worth $3.8 billion today.

January 18, 2021 07:08 PM

Evolving Threat Landscapes: Learning from the SolarWinds Breach

Enterprise -- Cisco Blogs - During 2020 we saw a huge expansion and adoption of online services precipitated by a global pandemic. By all accounts, a good proportion of these changes will become permanent, resulting in greater reliance on resilient, secure services...

January 18, 2021 07:07 PM

SolarWinds malware was sneaked out of the firm's Orion build environment 6 months before anyone realised it was there - report

Enterprise -- The Register - Crowdstrike tech analysts explain how they think it slipped under the radar

The malware that was utilised to hack SolarWinds checked to see whether software used to compile the firm's Orion product was running before deploying its payload,...

January 18, 2021 07:06 PM

Digital Defense, Inc. Integrates with Palo Alto Networks Cortex XSOAR to Automate Proactive Response Based on Vulnerability and Threat Risk

Enterprise -- VMblog - Digital Defense, Inc. is now integrated with Palo Alto Networks Cortex XSOAR (previously Demisto), the industry's first extended security...

January 18, 2021 07:03 PM

Cybersecurity teams are struggling with burnout, but the attacks keep coming

Enterprise -- ZDNet News - Coronavirus has forced many organisations to force security teams to work remotely - and that's making the job of securing whole businesses against threats much harder.

January 18, 2021 06:49 PM

macOS malware used run-only AppleScripts to avoid detection for five years

Enterprise -- ZDNet Blogs - The macOS.OSAMiner has been active since 2015, primarily infecting users in Asia.

January 18, 2021 06:46 PM

In case you hadn't heard, SolarWinds was hacked by Moscow, says Kaspersky Lab

Enterprise -- The Register - Brave move for Russian firm to finger its own govt over cyber badness

Kaspersky Lab reckons the SolarWinds hackers may have hailed from the Turla malware group, itself linked to Russia's FSB security service....

January 18, 2021 06:07 PM

Third malware strain discovered in SolarWinds supply chain attack

Enterprise -- ZDNet News - CrowdStrike, one of the two security firms formally investigating the hack, sheds some light on how hackers compromised the SolarWinds Orion app build process.

January 18, 2021 06:06 PM

Making renewing certificates easier at Microsoft with Microsoft Azure

Enterprise -- Microsoft IT Showcase - Cybersecurity is a constant challenge at Microsoft.

To protect the connections between computer servers, resources, and their users, the company regularly uses digital certificates signed by trusted authority providers.

Every quarter,...

January 18, 2021 06:05 PM

How to approach threat modeling

Enterprise -- Amazon AWS Blog - In this post, I'll provide my tips on how to integrate threat modeling into your organization's application development lifecycle. There are many great guides on how to perform the procedural parts of threat modeling, and I'll briefly...

January 18, 2021 06:04 PM

The Best Cybersecurity Tools for Small Businesses

Enterprise -- IT Business Edge - Check out this list for the best cybersecurity tools for small businesses including endpoint detection and response (EDR) and antivirus software.

January 18, 2021 06:03 PM

Accenture buys Brazilian security firm Real Protect

Enterprise -- ZDNet News - The company will extend the consultancy's managed cybersecurity and security services.

January 18, 2021 06:01 PM

World-wide cost of investigating SolarWinds Orion hack could be $100 billion, says one estimate

Enterprise -- IT World Canada - A Canadian expert thinks the cost could be closer to $1 billion. Also, Kaspersky finds similarities between Orion backdoor and another created by a different hacker

January 18, 2021 05:59 PM

Network Security and Containers - Same, but Different

Enterprise -- Cisco Blogs - Introduction

Network and security teams seem to have had a love-hate relationship with each other since the early days of IT. Having worked extensively and built expertise with both for the past few decades, we often notice how each have...

January 18, 2021 05:54 PM

Capitol attack's cybersecurity fallout: Stolen laptops, lost data and possible espionage

Enterprise -- ZDNet News - The January 6 attack on Election Day certification proceedings in the US Capitol Building has deep cybersecurity ramifications.

January 18, 2021 05:53 PM

6 essential activities to help developers build in IoT cybersecurity

Aspencore -- EDN - For many development teams, the idea of building cybersecurity into their IoT design can seem daunting. Striking a balance between adding functionality and minimizing implementation cost can quickly lead to confusion and frustration without a systematic...

January 18, 2021 03:18 AM

January 17, 2021

A security researcher commandeered a country's expired top-level domain to save it from hackers

Tech -- TechCrunch - In mid-October, a little-known but critically important domain name for one country's internet space began to expire.

The domain - scpt-network.com - was one of two nameservers for the .cd country code top-level domain, assigned to the Democratic...

January 17, 2021 09:13 PM

Two kids found a screensaver bypass in Linux Mint

Infosec -- Security Affairs - The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver.

The maintainers of the Linux Mint project have addressed a security bug that could have allowed...

January 17, 2021 08:48 PM

January 16, 2021

Joker's Stash, the largest carding site, is shutting down

Infosec -- Security Affairs - Joker's Stash to shut down on February 15, 2021.

Joker's Stash, the largest carding marketplace online, announced that it was shutting down its operations on February 15, 2021.

January 16, 2021 11:41 PM

NSA Suggests Enterprises Use 'Designated' DNS-over-HTTPS Resolvers

Infosec -- The Hacker News - The U.S. National Security Agency (NSA) on Friday said DNS over HTTPS (DoH) - if configured appropriately in enterprise environments - can help prevent "numerous" initial access, command-and-control, and exfiltration techniques used...

January 16, 2021 11:39 PM

Microsoft Implements Windows Zerologon Flaw 'Enforcement Mode'

Infosec -- Threatpost - Starting Feb. 9, Microsoft will enable Domain Controller "enforcement mode" by default to address CVE-2020-1472.

January 16, 2021 10:36 PM

Rob Joyce named new NSA cybersecurity director

Infosec -- CyberScoop - Rob Joyce, the National Security Agency's special U.S. liaison officer at the U.S. Embassy in London, will replace Anne Neuberger as director in the agency's Cybersecurity Directorate, the NSA announced Friday.

January 16, 2021 09:59 PM

CyberArk Receives Cyber Catalyst℠ Designation From Global Cyber Insurance Leaders

Business Wire -- CyberArk (NASDAQ: CYBR), today announced that CyberArk Core Privileged Access Security has received a Cyber Catalyst℠ designation. Created by Marsh, a global leader in insurance broking and risk management, the Cyber Catalyst program...

January 16, 2021 01:09 AM

Apple Kills MacOS Feature Allowing Apps to Bypass Firewalls

Infosec -- Threatpost - Security researchers lambasted the controversial macOS Big Sur feature for exposing users' sensitive data.

January 16, 2021 01:05 AM

Verisign Outreach Program Remediates Billions of Name Collision Queries

Infosec -- Verisign - A name collision occurs when a user attempts to resolve a domain in one namespace, but it unexpectedly resolves in a different namespace. Name collision issues in the public global Domain Name System (DNS) cause billions of unnecessary and...

January 16, 2021 01:05 AM

January 15, 2021

Sophos Named Common Vulnerability and Exposure Numbering Authority

Globe Newswire -- Sophos, a global leader in next-generation cybersecurity, today announced that it has been named a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA) in the CVE program, a recognized international standard for identifying and naming...

January 15, 2021 08:31 PM

Dynatrace Integrates Real-Time Vulnerability Detection With Snyk Intel Data

Business Wire -- Dynatrace announced today that its Application Security Module now directly links the vulnerabilities it identifies to the Snyk Intel database

January 15, 2021 08:28 PM

LogRhythm Acquires Threat Detection Platform MistNet

Business Wire -- LogRhythm announces it has acquired MistNet, a cloud-based analytics platform that delivers vast network visibility and accurate threat detection.

January 15, 2021 08:23 PM

The top five security threats to watch in 2021

Infosec -- Barracuda - Life-saving vaccines may be on the way, but for many of us 2021 will be a lot like the past 12 months, at least until the latter part of the year. That means remote working in large numbers. It means growing use of online services and applications...

January 15, 2021 08:18 PM

CISA tells agencies to consider ad blockers to fend off 'malvertising'

Infosec -- CyberScoop - The U.S. Cybersecurity and Infrastructure Security Agency urged federal agencies on Thursday to deploy ad-blocking software and standardize web browser usage across their workforces in order to fend off advertisements implanted with malware.

January 15, 2021 08:15 PM

Businesses Struggle with Cloud Availability as Attackers Take Aim

Infosec -- Dark Reading - Researchers find organizations struggle with availability for cloud applications as government officials warn of cloud-focused cyberattacks.

January 15, 2021 08:14 PM

Expert discovered a DoS vulnerability in F5 BIG-IP systems

Infosec -- Security Affairs - A security researcher discovered a flaw in the F5 BIG-IP product that can be exploited to conduct denial-of-service (DoS) attacks.

The security expert Nikita Abramov from Positive Technologies discovered a DoS vulnerability, tracked...

January 15, 2021 08:05 PM

New Analysis Puts Magecart Interconnectivity into Focus

Infosec -- RiskIQ - RiskIQ's recent analysis of Magecart infrastructure has shown its massive scale and put its interconnectivity into focus. Our most recent research takes two email addresses evoking the name of one of the most prominent bulletproof hosting providers...

January 15, 2021 08:04 PM

Through the Eyes of a Cybersecurity CEO: Trends For 2021

Infosec -- SecurityInnovation.com - Advice for Executives to Watch Next Year

2020 completely changed the way workforces operate. Digital transformation went from an emerging trend to a necessity for survival. Certain industries were brought to their...

January 15, 2021 07:59 PM

Cybercriminals are Bypassing Multi-factor Authentication to Access Organisation's Cloud Services

Infosec -- TripWire - The State of Security - The US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning to companies to better protect their cloud-based accounts after several recent successful attacks....

January 15, 2021 07:53 PM

Top Cyber Threat Predictions of 2021

Media -- ELE Times - The Year 2020 brought a historic pandemic and bad actors leveraging COVID-19-themed threats to test our security operations and our unprecedented shift to remote work life. As we enter 2021, these concerns are still at the forefront, but we...

January 15, 2021 06:59 PM

January 14, 2021

17 types of Trojans and how to defend against them

Infosec -- CSO Online - Computer Trojans received their name from the infamous mythological horse. The Trojan's basic mission is to mislead people of its real goal. A Trojan is malicious software that usually needs to be launched by the user or another malicious...

January 14, 2021 07:22 PM

CISA warns of recent successful cyberattacks against cloud service accounts

Infosec -- Security Affairs - The US CISA revealed several recent successful cyberattacks against various organizations' cloud services.

The Cybersecurity and Infrastructure Security Agency (CISA) announced that several recent successful cyberattacks hit...

January 14, 2021 07:21 PM

What is Decentralized Identity?

Infosec -- Okta Blog - What is Decentralized Identity?

Decentralized identity, often used interchangeably with "self-sovereign identity" (SSI), is gaining ground as an alternative to today's centralized...

January 14, 2021 07:20 PM

SolarWinds Attackers May Have Hit Mimecast, Driving New Concerns

Infosec -- Dark Reading - Mimecast no longer uses the SolarWinds Orion network management software that served as an attack vector for thousands of organizations.

January 14, 2021 07:20 PM

FBI aims for stronger cyber strategy as US grapples with SolarWinds fallout

Infosec -- CyberScoop - While dealing with a massive cyber-espionage campaign against the U.S. government, the FBI is trying to quietly implement a new strategy aimed at better tracking foreign hackers.

FBI officials last spring gave the head of the National...

January 14, 2021 07:19 PM