Woodstock Wire: Enterprise Security News

October 18, 2019

Want to Secure Your APIs? You'll Need OAuth 2.0 for That

Infosec -- Okta Blog - We're experiencing the rise of the API economy. Whether it's for a backend system, partner-facing website, or a mobile application...

October 18, 2019 07:23 PM

For Cybersecurity, It's That Time of the Year Again

Infosec -- Infosec Island - Autumn is the "hacking season," when hackers work to exploit newly-disclosed vulnerabilities before customers can install...

October 18, 2019 07:20 PM

When and how to write a GDPR DPIA

Infosec -- CSO Online - The EU's General Data Protection Regulation (GDPR) legislation isn't meant to be a mere compliance checklist. Unlike some other...

October 18, 2019 07:20 PM

Why all organizations must better protect sensitive data

Infosec -- Malwarebytes Unpacked - About two weeks ago, National Cybersecurity Awareness Month (NCSAM) kicked off with a new message stressing personal...

October 18, 2019 07:19 PM

Dangerous Kubernetes Bugs Allow Authentication Bypass, DoS

Infosec -- Threatpost - The flaws in the container technology, CVE-2019-16276 and CVE-2019-11253, are simple to exploit.

October 18, 2019 07:18 PM

Massachusetts Senator Introduces Legislation Imposing Obligations on Data Brokers

Infosec -- Office of Inadequate Security - Odia Kagan of Fox Rothschild writes: Sen. Ed Markey, D-Mass., has introduced a bill (S. 2577) imposing considerable...

October 18, 2019 07:13 PM

A Comprehensive Guide On How to Protect Your Websites From Hackers

Infosec -- The Hacker News - Humankind had come a long way from the time when the Internet became mainstream. What started as a research project ARPANET...

October 18, 2019 07:04 PM

Docker Containers Riddled with Graboid Crypto-Worm

Infosec -- Threatpost - A worm with a randomized propagation method is spreading via the popular container technology.

October 18, 2019 07:01 PM

Top Linux antivirus software

Infosec -- CSO Online - The last several years have seen a startling increase in malware that targets Linux. Some estimates suggest that Linux malware account...

October 18, 2019 06:59 PM

How SSO Helps Organizations Migrate to the Cloud-Without Sacrificing Security

Infosec -- Okta Blog - Have you ever tried to sign into an application just before an important meeting, only to use an incorrect password, get locked out...

October 18, 2019 06:59 PM

5 Steps to Protect Against Ransomware Attacks

Infosec -- Dark Reading - Paying a ransom is strongly discouraged by experts. So, how do you protect your organization?

October 18, 2019 06:58 PM

Adobe Releases Out-of-Band Security Patches for 82 Flaws in Various Products

Infosec -- The Hacker News - No, it's not a patch Tuesday.



It's the third Tuesday of the month, and as The Hacker News shared an early heads-up late last...

October 18, 2019 06:58 PM

Ping Identity Expands into Northern Europe with New Office as Market for Identity Security Grows

Business Wire -- Ping Identity (NYSE: PING), a pioneer in Intelligent Identity, today announced an expansion of its Northern European operation with the opening...

October 18, 2019 05:23 PM

October 16, 2019

Elastic adds endpoint security to its expanding toolset

Tech -- TechCrunch - Elastic acquired Endgame Security in June for $234 million, and as a result of that deal, today the company announced Elastic Endpoint...

October 16, 2019 03:59 PM

October 15, 2019

Elastic Introduces Elastic Endpoint Security

Business Wire -- Elastic N.V. (NYSE: ESTC), the company behind Elasticsearch and the Elastic Stack, today announced the introduction of Elastic Endpoint Security,...

October 15, 2019 06:18 PM

Clean IT Up: Cyber Hygiene Controls Tips

Infosec -- TripWire - The State of Security - October is national cybersecurity awareness month, and with the recent hacks at Door Dash, the discovery of...

October 15, 2019 05:30 PM

Firefox Blocks Inline and Eval JavaScript on Internal Pages to Prevent Injection Attacks

Infosec -- The Hacker News - In an effort to mitigate a large class of potential cross-site scripting issues in Firefox, Mozilla has blocked execution of...

October 15, 2019 05:29 PM

Private Cloud vs Public Cloud Security Challenges

Infosec -- TripWire - The State of Security - As a system administrator during the early days of the "cloud revolution" I found the "cloud" metaphor an...

October 15, 2019 04:04 PM

Tamper Protection Arrives for Microsoft Defender ATP

Infosec -- Dark Reading - The feature, designed to block unauthorized changes to security features, is now generally available.

October 15, 2019 04:04 PM

Sudo Flaw Lets Linux Users Run Commands As Root Even When They're Restricted

Infosec -- The Hacker News - Attention Linux Users!



A vulnerability has been discovered in Sudo-one of the most important, powerful, and commonly used...

October 15, 2019 04:03 PM

Europol: Ransomware remains top threat in IOCTA report

Infosec -- Malwarebytes Unpacked - The European Union Agency for Law Enforcement Cooperation, or Europol, just released its annual Internet Organized Crime...

October 15, 2019 04:03 PM

Firefox vulnerable to trivial CSP bypass

Infosec -- The Daily Swig - Exploit allows potentially malicious content to bypass browser's defenses

October 15, 2019 04:02 PM

Cybersecurity becoming bigger IT recruitment factor

Infosec -- Barracuda - At a time when most businesses are finding it difficult to hire and retain IT professionals, business leaders may want to consider...

October 15, 2019 04:02 PM

Millions of computers at risk as Windows 7 nears end of life

Infosec -- The Daily Swig - Users and sysadmins have just three months to upgrade

October 15, 2019 04:02 PM

More than 30 Security Vulnerabilities Surfaced and $33,750 awarded to Hackers in Eighth Department of Defense Bug Bounty Program with HackerOne

Business Wire -- Through partnership with the Defense Digital Service, the U.S. Department of Defense (DoD) and HackerOne today announced the results of the Department's...

October 15, 2019 03:46 PM

SAIC Presents 10 Veterans With CyberWarrior Scholarships to Enhance Their Cybersecurity Careers

Business Wire -- Science Applications International Corp. (NYSE: SAIC) has selected 10 veteran recipients for its CyberWarrior(tm) Scholarship. In collaboration...

October 15, 2019 03:45 PM

Malware Attack Knocks Pitney Bowes' Systems Offline

Media -- PYMNTS.com - Shipping and technology behemoth Pitney Bowes is the latest in a string of high-profile companies to be hit in a cyberattack.

TechCrunch...

October 15, 2019 03:10 PM

October 14, 2019

4 no-brainer online security measures we need to start practicing now

Think -- Big Think - NoneThe sheer number of massive data breaches and known security vulnerabilities online today should be enough to scare us into better...

October 14, 2019 04:22 PM

Equifax data breach FAQ: What happened, who was affected, what was the impact?

Infosec -- CSO Online - In March 2017, personally identifying data of hundreds of millions of people was stolen from Equifax, one of the credit reporting...

October 14, 2019 04:00 PM

Imperva explains how hackers stole AWS API Key and accessed to customer data

Infosec -- Security Affairs - Imperva shared details on the incident it has recently suffered and how hackers obtain data on Cloud Web Application Firewall...

October 14, 2019 03:59 PM

Climbing the Vulnerability Management Mountain: Reaching Maturity Level 1

Infosec -- TripWire - The State of Security - The time at ML:0 can be eye-opening form many organizations. There are generally a lot of assets discovered...

October 14, 2019 03:38 PM

Chinese communist party's app is reportedly spying on its 100M users

Media -- The Next Web - A report from the German cybersecurity firm Cure53 suggests the Chinese communist party's app, Study the Great Nation, has 'superuser'...

October 14, 2019 03:27 PM

FIN7 Hackers group is back with a new loader and a new RAT

Infosec -- Security Affairs - FireEye Mandiant discovered that the FIN7 hacking group added new tools to its cyber arsenal, including a module to target...

October 14, 2019 02:13 AM

SIM cards used in 29 countries are vulnerable to Simjacker attack

Infosec -- Security Affairs - Security researchers at Adaptive Mobile who discovered the SimJacker issue have published the list of countries where mobile...

October 14, 2019 02:12 AM

7 SMB Security Tips That Will Keep Your Company Safe

Infosec -- Dark Reading - With National Cybersecurity Awareness Month as a backdrop, industry leaders weigh in on how SMBs can more effectively protect...

October 14, 2019 02:11 AM

Imperva: Data Breach Caused by Cloud Misconfiguration

Infosec -- Threatpost - Hackers were able to steal an AWS administrative API key housed in a compute instance left exposed to the public internet.

October 14, 2019 02:11 AM

Build Your Cybersecurity Toolkit at Black Hat Europe in December

Infosec -- Dark Reading - Now's the time to start planning what to see and do at Black Hat Europe, which is jam-packed with relevant Briefings and Arsenal...

October 14, 2019 02:10 AM

Creative Wi-Fi Passwords

Infosec -- Dark Reading - Let's see a hacker figure out one of these.

October 14, 2019 02:09 AM

Why are cyber insurers incentivizing clients to invest in specific vendors?

Infosec -- CyberScoop - The cyber insurance industry is taking baby steps away from a long and messy infancy. For the hundreds of companies that offer policies,...

October 14, 2019 02:09 AM

Top cybersecurity certifications to consider for your IT career

Infosec -- Security Affairs - With the right cybersecurity certifications, you can attain your goals seamlessly and in a fast way and speed up your career.

October 14, 2019 02:08 AM

Imperva releases post-mortem over August data breach

Infosec -- The Daily Swig - 'Now, more than ever, we commit to our vision, where data and applications are kept safe'

October 14, 2019 02:07 AM

UNIX Co-Founder Ken Thompson's BSD Password Has Finally Been Cracked

Infosec -- The Hacker News - A 39-year-old login password of Ken Thompson, the co-creator of the UNIX operating system among, has finally been cracked that...

October 14, 2019 02:07 AM

Hacking Is Not a Crime! Additional Thoughts from DEFCON 2019

Infosec -- TripWire - The State of Security - In my previous post, I spoke about all of the different DEFCON villages where attendees can learn about and...

October 14, 2019 02:07 AM

Imperva Details Response to Customer Database Exposure

Infosec -- Dark Reading - The cloud security's CEO and CTO lay out the timeline of events and the steps customers should take to protect their accounts.

October 14, 2019 02:06 AM

Introducing Okta DynamicScale: Accelerating Digital Transformation for Global Businesses

Infosec -- Okta Blog - Today at Okta's inaugural Showcase event, we're proud to announce the launch of Okta DynamicScale, a high-capacity customer identity...

October 14, 2019 02:05 AM

Akamai Snaps Up ChameleonX to Tackle Magecart

Infosec -- Dark Reading - The Israel-based ChameleonX aims to protect websites from cyberattacks targeting payment data.

October 14, 2019 02:04 AM

Works of Art: Cybersecurity Inspires 6 Winning Ideas

Infosec -- Dark Reading - The Center for Long Term Cybersecurity recently awarded grants to six artists in a contest to come up with ideas for works with...

October 14, 2019 02:04 AM

New Reductor Nation-State Malware Compromises TLS

Infosec -- Schneier on Security - Kaspersky has a detailed blog post about a new piece of sophisticated malware that it's calling Reductor. The malware...

October 14, 2019 02:03 AM

Cyber insurance: here to stay, whether we like it or not

Infosec -- Malwarebytes Unpacked - Cyber insurance has been a big talking point in infosec circles for many months now. We've mentioned it in passing ourselves...

October 14, 2019 02:03 AM

Identity & Access Management: The Cornerstone of Enterprise Security

Infosec -- The Identity Quotient Blog - Privileged Access Management (PAM) is a sub-discipline within the identity governance framework. PAM can be implemented...

October 14, 2019 02:02 AM