Woodstock Wire: Enterprise Security News

June 25, 2019

Amazon Web Services rolls out Control Tower and Security Hub, courting big business customers

Tech -- GeekWire - Amazon Web Services CEO Andy Jassy introduces AWS Security Hub in November. It's now generally available after a preview period, along...

June 25, 2019 09:03 PM

Twistlock Releases Twistlock 19.07 with an enhanced enterprise manageability and configurability while continuing to leverage automation and learning

Globe Newswire -- Twistlock, the leading provider of container and cloud-native security solutions, today announced the availability of Twistlock 19.07. This release...

June 25, 2019 07:13 PM

Threat Stack Announces Microsoft Windows Server Support

Business Wire -- Threat Stack, the leader in cloud security and compliance for infrastructure and applications, today announced it has expanded its host-level...

June 25, 2019 05:13 PM

It's Here - The 2019 Forrester Global Map Of Privacy Rights And Regulations

Think -- Forrester Blogs - Security and risk leaders consistently rank compliance with global privacy regulations as one of their top three challenges....

June 25, 2019 04:48 PM

Raspberry Pi Used in JPL Breach

Infosec -- Dark Reading - NASA report shows exfiltration totaling more than 100 GB of information since 2009.

June 25, 2019 04:19 PM

Getting Started with Local Security Groups

Infosec -- SecurityInnovation.com - For several months we have been profiling experienced security practitioners as well as those still getting...

June 25, 2019 04:18 PM

Free proxy service runs on top of Linux Ngioweb Botnet

Infosec -- Security Affairs - Researchers from Netlab, discovered a website offering free and commercial proxy servers leveraging a huge botnet (Ngioweb)...

June 25, 2019 04:18 PM

4 security concerns for low-code and no-code development

Infosec -- CSO Online - Low-code and no-code development promises to speed up the deployment of new applications and to allow non-technical users to create...

June 25, 2019 04:17 PM

A Google Cloud Platform Primer with Security Fundamentals

Infosec -- TripWire - The State of Security - We've previously discussed best practices for securing Microsoft Azure and Amazon Web Services, but this time...

June 25, 2019 04:17 PM

EU-US Privacy Shield legal showdown now set for July 9

Tech -- TechCrunch - A legal challenge to a data transfer mechanism that's used by thousands of companies to authorize taking European citizens' personal...

June 25, 2019 03:20 PM

Rapid7 Helps Security and DevOps Teams Identify Misconfigurations to Further Secure Cloud Environments

Globe Newswire -- Technology - On the heels of earning Amazon Web Services Security Competency status, Rapid7 advances cloud security productivity with Cloud Configuration...

June 25, 2019 03:17 PM

Chrome 'Has Become Surveillance Software. It's Time to Switch'

Slashdot -- "You open your browser to look at the Web. Do you know who is looking back at you?" warns Washington Post technology columnist Geoffrey A. Fowler:



Over...

June 25, 2019 02:45 PM

Five reasons "hacking back" is a recipe for cybersecurity chaos

Think -- MIT Technology Review - A new US bill would make it legal for private companies to chase hackers across the internet. It's a terrible idea that...

June 25, 2019 04:17 AM

Bird Miner, a macOS miner that runs by emulating Linux

Infosec -- Security Affairs - Security experts at Malwarebytes have discovered a new macOS crypto miner, tracked as Bird Miner, that works by emulating...

June 25, 2019 01:37 AM

OpenSSH to protect keys in memory against side-channel attacks

Infosec -- CSO Online - The OpenSSH project has received a patch that prevents private keys from being stolen through hardware vulnerabilities that allow...

June 25, 2019 01:36 AM

Credit Union Giant Desjardins suffered a massive data breach

Infosec -- Security Affairs - Desjardins credit union announced a data breach that exposed personal banking information of 2.9 million customers.

June 25, 2019 01:36 AM

Today's Top Public Cloud Security Threats ...And How to Thwart Them

Infosec -- Infosec Island - Many enterprises today have inadvertently exposed proprietary information by failing to properly secure data stored in public...

June 25, 2019 01:35 AM

How Intelligent Context Mitigates the Challenge of Alert Triage

Infosec -- Recorded Future - This is the second blog in a three-part series examining the impact of threat intelligence on security operations. In our first...

June 25, 2019 01:35 AM

Patrolling the New Cybersecurity Perimeter

Infosec -- Dark Reading - Remote work and other developments demand a shift to managing people rather than devices.

June 25, 2019 01:35 AM

Apply Military Strategy to Cybersecurity at Black Hat Trainings Virginia

Infosec -- Dark Reading - This special October event in Alexandria, Virginia offers unique, practical courses in everything from data breach response to...

June 25, 2019 01:34 AM

June 24, 2019

Firefox 67.0.4 Released - Mozilla Patches Second 0-Day Flaw This Week

Infosec -- The Hacker News - Okay, folks, it's time to update your Firefox web browser once again-yes, for the second time this week.



After patching a...

June 24, 2019 08:20 PM

Microsoft fixed CVE-2019-1105 flaw in Outlook for Android

Infosec -- Security Affairs - Microsoft has addressed an important vulnerability (CVE-2019-1105) in Outlook for Android, potentially affected over 100 million...

June 24, 2019 08:20 PM

Another vulnerability found in Dell's security bloatware, users must update ASAP

Tech -- Digital Trends - A serious security vulnerability in Dell's SupportAssist software has been disclosed by cybersecurity firm SafeBreach. Dell...

June 24, 2019 05:14 PM

NASA hacked: 500 MB of mission data stolen through a Raspberry Pi computer

Tech -- Digital Trends - NASA's Jet Propulsion Laboratory was hacked last year by an attacker who used a Raspberry Pi computer. The hacker took advantage...

June 24, 2019 05:06 PM

Tripwire's Vulnerability Management Solution Awarded 5-Star Review from SC Media

Business Wire -- Vulnerability management solution Tripwire IP360 awarded top rating in SC Media review

June 24, 2019 01:26 AM

Zscaler Appoints James Cater as Vice President and General Manager of EMEA

Business Wire -- Zscaler announces James Cater as Vice President and General Manager of EMEA.

June 24, 2019 01:26 AM

June 23, 2019

Important Flaw in Outlook App for Android Affects Over 100 Millions Users

Infosec -- The Hacker News - Microsoft today released an updated version of its "Outlook for Android" that patches an important security vulnerability in...

June 23, 2019 11:43 PM

The Physical Security Intelligence Cycle

Infosec -- Flashpoint - By Ian W. Gray - At first, the differences between cyber and physical security can seem stark. One is largely characterized by...

June 23, 2019 11:42 PM

More Than Half of Phishing Sites Now Use HTTPS

Infosec -- The PhishLabs Blog - As Google Chrome and other web browsers further embrace HTTPS in a visual way, it's becoming a requirement that threat actors...

June 23, 2019 11:41 PM

Dell quietly patched a security vulnerability that affected millions of users

Infosec -- CyberScoop - Computing giant Dell released a security advisory Thursday encouraging customers to patch a software vulnerability the company says...

June 23, 2019 11:40 PM

Out of the Blue: How Recorded Future Identified Rogue Cobalt Strike Servers

Infosec -- Recorded Future - What Is Cobalt Strike?

It all began with cybersecurity professionals realizing that sometimes the best defense is a good offense....

June 23, 2019 11:37 PM

A new website explains data breach risk

Infosec -- CSO Online - Data breaches are so common that even a theft of a billion records of seriously confidential information barely makes the news....

June 23, 2019 11:36 PM

What is a Trojan horse? How this tricky malware works

Infosec -- CSO Online - Trojan horse definition

A Trojan or Trojan horse is a variety of malware that disguises itself as something you want in order to...

June 23, 2019 11:36 PM

Azure Security Expert Series: Learn best practices and Customer Lockbox general availability

Enterprise -- Microsoft Azure - With more computing environments moving to the cloud, the need for stronger cloud security has never been greater. But what...

June 23, 2019 11:32 PM

How to host and manage an entire private certificate infrastructure in AWS

Enterprise -- Amazon AWS Blog - AWS Certificate Manager (ACM) Private Certificate Authority (CA) now offers the option for managing online root CAs and a full...

June 23, 2019 11:31 PM

Google Releases Open Source Cryptographic Tool

Media -- PYMNTS.com - Google has released an open source cryptographic tool called Private Join and Compute that allows for different datasets to calculate...

June 23, 2019 10:06 PM

With GDPR's 'Right of Access,' Who Really Has Access?

Infosec -- Dark Reading - How a security researcher learned organizations willingly hand over sensitive data with little to no identity verification.

June 23, 2019 09:06 PM

Kali Linux Roadmap (2019/2020)

Infosec -- Kali Linux - Now that our 2019.2 release is out, we thought we would take this opportunity to cover some of the changes and new features we have...

June 23, 2019 08:53 PM

US gov't warns against phishing emails posing as DHS cybersecurity alerts

Infosec -- The Daily Swig - Crooks trick recipients with fake security awareness campaign

June 23, 2019 08:52 PM

Another Remote Code Execution flaw in WebLogic exploited in the wild

Infosec -- Security Affairs - Oracle released emergency patches for another critical remote code execution vulnerability affecting WebLogic Server.

June 23, 2019 08:47 PM

Firefox Releases Critical Patch Update to Stop Ongoing Zero-Day Attacks

Infosec -- The Hacker News - If you use the Firefox web browser, you need to update it right now.



Mozilla earlier today released Firefox 67.0.3 and Firefox...

June 23, 2019 08:45 PM

The 7 Habits of Highly Effective Vulnerability Management

Infosec -- TripWire - The State of Security - On the surface, vulnerability management (VM) is nearly ubiquitous. If you ask someone whether their organization...

June 23, 2019 08:44 PM

Using Oracle WebLogic? Put down your coffee, drop out of Discord, grab this patch right now: Vuln under attack

Enterprise -- The Register - Emergency security fix emitted for remote code exec hole exploited in the wild

Oracle has issued an emergency critical update...

June 23, 2019 08:25 PM

Fortinet expands SaaS cloud offerings, launches branch offering to secure the WAN

Enterprise -- Computer Dealer News - Fortinet made some moves recently.

June 23, 2019 08:17 PM

Oracle patches another actively-exploited WebLogic zero-day

Enterprise -- ZDNet News - New wave of attacks against Oracle WebLogic servers using a brand new zero-day detected over the weekend.

June 23, 2019 07:48 PM

Cybersecurity: Three hacking trends you need to know about to help protect yourself

Enterprise -- ZDNet News - Cyberattacks are changing again. Here's what to watch out for.

June 23, 2019 07:48 PM

TextIQ, a machine learning platform for parsing sensitive corporate data, raises $12.6M

Tech -- TechCrunch - TextIQ, a machine learning system that parses and understands sensitive corporate data, has raised $12.6 million in Series A funding...

June 23, 2019 07:18 PM

Check Point Research Launches CPR-Zero

Globe Newswire -- Technology - Check Point Software Technologies is now largest cyber security company to publicly share comprehensive list of all vulnerability...

June 23, 2019 05:56 AM

New McAfee Report Finds Eighty-Seven Percent of Companies Experience Business Acceleration from Use of Cloud Services

Business Wire -- McAfee, the device-to-cloud cybersecurity company, today released a special edition of its Cloud and Risk Adoption Report, focused on the business...

June 23, 2019 05:25 AM