Woodstock Wire: Enterprise Security News

July 23, 2021

Unbound Security partners with HashiCorp for integrated encryption key management

PR Newswire -- Unbound Security, leader in cryptographic key management and protection solutions, today announced its partnership with HashiCorp(r), the leader in multi-cloud infrastructure automation software, to deliver a fully integrated encryption key management...

July 23, 2021 05:28 PM

WISeKey's Zero Trust Solution Helps WISeID.com Users Prevent Pegasus Malware that Infects iPhones and Androids Devices

Globe Newswire -- Technology - WISeKey's Zero Trust Solution Helps WISeID.com Users Prevent Pegasus Malware that Infects iPhones and Androids Devices

July 23, 2021 04:19 PM

Sophos Acquires Braintrace to Boost Adaptive Cybersecurity Ecosystem with Braintrace's Network Detection and Response (NDR) Technology

Globe Newswire -- Technology - Provides Visibility into Suspicious Network Traffic Patterns, Adding Novel Threat Intelligence to Sophos' Fast-Growing Managed Threat Response (MTR) and Rapid Response Services, Extended Detection and Response (XDR) Technology and Data Lake

July 23, 2021 04:18 PM

Cloudflare Hits Milestone in FedRAMP Approval to Offer Zero Trust Cybersecurity to Government Agencies

Business Wire -- Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today announced that it is now listed in the FedRAMP marketplace, the federal government's rigorous cloud security assessment program....

July 23, 2021 03:52 PM

Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection

Business Wire -- Bugcrowd, the crowdsourced cybersecurity platform, today announced the United States Patent & Trademark Office has granted the company two patents for its proprietary systems and methods for identifying vulnerabilities in IT assets utilizing a crowdsourcing...

July 23, 2021 02:21 AM

Ping Identity Added to the Department of Homeland Security Continuous Diagnostics and Mitigation Approved Products List

Business Wire -- Ping Identity (NYSE: PING), the intelligent identity solution for the enterprise, announced two of its Identity and Access Management (IAM) solutions have been added to the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM)...

July 23, 2021 02:21 AM

July 20, 2021

Breaking Down the Threat of Going All-In With Microsoft Security

Infosec -- Dark Reading - Limit risk by dividing responsibility for infrastructure, tools, and security.

July 20, 2021 03:31 AM

Chinese government issues new vulnerability disclosure regulations

Infosec -- Security Affairs - Cyberspace Administration of China (CAC) issued new vulnerability disclosure regulations that oblige experts to report zero-days to the government.



The Cyberspace Administration of China (CAC) has issued a new exacerbated vulnerability...

July 20, 2021 03:30 AM

Enterprises see increasing security problems amid pandemic

Media -- DIGITIMES - With work- and study-at-home becoming new normal for people amid the COVID-19 pandemic, enterprises worldwide are now facing increasing threat of data breach and ransomware.

July 20, 2021 03:16 AM

July 18, 2021

Web Application Firewalls Aren't Protecting Cloud-Native Apps

Enterprise -- DevOps.com - Your web application firewall (WAF) is humming at the edges of your network, faithfully blocking malicious attacks before they can do any harm. Better yet, it's a next-generation WAF (NG-WAF). It consists of signatures, rules, and a sprinkle...

July 18, 2021 07:23 PM

Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers

Infosec -- Threatpost - HelloKitty joins the growing list of ransomware bigwigs going after the juicy target of VMware ESXi, where one hit gets scads of VMs.

July 18, 2021 05:02 AM

State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks

Infosec -- Dark Reading - The Rewards for Justice program, a counterterrorism tool, is now aimed at collecting information on nation-states that use hackers to disrupt critical infrastructure.

July 18, 2021 05:00 AM

The Four Building Blocks for Any Security Team

Infosec -- Recorded Future - The COVID-19 pandemic has increased the threat surface as many organizations shifted to remote work and introduced new access points that could potentially be used by threat actors. For security teams-already faced with increasing challenges,...

July 18, 2021 04:59 AM

Zero Trust: Not As Scary As It Sounds

Infosec -- The Akamai Blog - If the term Zero Trust has been popping up in your news feed with astonishing frequency lately, you may be tempted to think that Zero Trust must be a brand-new technology cooked up in a research lab at MIT and powered by the latest artificial...

July 18, 2021 04:55 AM

Automatic Remediation of Kubernetes Nodes

Infosec -- Cloudflare - We use Kubernetes to run many of the diverse services that help us control Cloudflare's edge. We have five geographically diverse clusters, with hundreds of nodes in our largest cluster. These clusters are self-managed on bare-metal machines...

July 18, 2021 04:55 AM

Trickbot improve its VNC module in recent attacks

Infosec -- Security Affairs - Trickbot botnet is back, its authors implemented updates for the VNC module used for remote control of infected systems.



The Trickbot botnet continues to evolve despite the operations conducted by law enforcement aimed at dismantling...

July 18, 2021 04:48 AM

The hybrid workplace: What does it mean for cybersecurity?

Infosec -- WeLiveSecurity - How can organizations mitigate the risk of damaging cyberattacks while juggling the constantly changing mix of office and off-site workers?

July 18, 2021 04:43 AM

OneLogin Eases Adoption of Zero Trust Framework with Delegated Administration

Globe Newswire -- Technology - Launch of New Offering Comes on the Heels of the White House Cybersecurity Executive Order Launch of New Offering Comes on the Heels of the White House Cybersecurity Executive Order

July 18, 2021 04:26 AM

Microsoft attributes new SolarWinds attack to a Chinese hacker group

Tech -- The Verge - Microsoft's Threat Intelligence Center (MSTIC) reported on Tuesday that SolarWinds software was attacked with a zero-day exploit by a group of hackers it calls "DEV-0322." The hackers were...

July 18, 2021 02:53 AM

July 16, 2021

Cybersecurity Executive Rick Driggers Joins Accenture Federal Services

Business Wire -- Accenture Federal Services, (AFS), a subsidiary of Accenture, has hired cybersecurity expert and former CISA executive, Rick Driggers.

July 16, 2021 02:50 AM

July 14, 2021

CSC and SecurityScorecard Partner to Mitigate Domain Security Risks

Business Wire -- CSC and SecurityScorecard will provide domain security insights for evaluating enterprise cyber risk to SecurityScorecard users.

July 14, 2021 05:42 PM

Code-X Introduces First Commercially Available Lattice-Based Data Protection Platform Validated by the United States Department of Defense

Business Wire -- Code-X today emerged from stealth to launch the first-ever commercially available lattice-based data protection platform validated by the United States Department of Defense (U.S. DOD) and intelligence community. The Code-X platform was recently tested...

July 14, 2021 03:32 PM

AttackIQ Announces $44 Million in Series C Funding to Fuel Global Growth and Vision of Security Optimization

Business Wire -- AttackIQ(r), the leading independent vendor of Breach and Attack Simulation (BAS) systems, today announced a $44 million Series C funding round led by Atlantic Bridge. Saudi Aramco Energy Ventures (SAEV) and Gaingels also joined existing investors Index...

July 14, 2021 03:30 PM

July 13, 2021

DigiCert Announces Availability of New Verified Mark Certificates: Companies Can Add Their Logo in Email Inboxes to Improve Brand Recognition and Email Engagement

PR Newswire -- DigiCert, Inc., the world's leading provider of TLS/SSL and PKI solutions, today announced that it is now issuing Verified Mark Certificates, compliant with the BIMI standard and available for purchase at scale via DigiCert CertCentral(r), DigiCert...

July 13, 2021 11:50 PM

How to choose the best SIEM software

Infosec -- CSO Online - To protect your enterprise against security threats, you need maximum visibility. That's the fundamental notion behind SIEM (security information and event management) software, which is essential to the security defenses of most large and...

July 13, 2021 11:41 PM

Brand Impersonation Emails. Our guide to stay safe.

Infosec -- FraudWatch Intl - Brand impersonation is one popular catalyst of online fraud nowadays, and no other form of cybercrime has become as troublesome to deal with as this one. Impersonation involves hackers or phishers posing as well-known brands. Their intent...

July 13, 2021 11:40 PM

7 Types Of Phishing Attacks. How To Protect Your Business

Infosec -- FraudWatch Intl - Phishing is a deceptively simple cyberattack. At its core, it is a form of fraud: A message, most commonly an email, is disseminated to target or targets with the intent to have them perform a specific action, such as clicking a link,...

July 13, 2021 11:40 PM

SolarWinds says hackers used a zero-day flaw for 'targeted attacks' in a new breach

Infosec -- CyberScoop - The federal contractor at the heart of a cyber-espionage campaign that caused months of consternation throughout the U.S. government says hackers have struck again.



SolarWinds says an attacker leveraged a software vulnerability in a company...

July 13, 2021 11:32 PM

ACSC: Australian organizations compromised through ForgeRock vulnerability

Infosec -- Record by Recorded Future - Australia's main cyber-security agency said on Friday that it identified a number of Australian organizations that have been compromised through the exploitation of a vulnerability in ForgeRock OpenAM, an open-source application...

July 13, 2021 11:26 PM

Microsoft discovers SolarWinds zero-day exploited in the wild

Infosec -- Record by Recorded Future - US software company SolarWinds has released security updates on Saturday to patch a vulnerability in its Serv-U file transferring technology that is being actively exploited in the wild.

July 13, 2021 11:25 PM

Joining Microsoft is the Next Stage of the RiskIQ Journey

Infosec -- RiskIQ - Today Microsoft announced its intent to acquire RiskIQ, representing the next stage of our journey that's been more than a decade in the making. We couldn't be more excited to join forces to enable the global community to defend against the rising...

July 13, 2021 11:22 PM

Microsoft confirms it's buying cybersecurity startup RiskIQ

Tech -- TechCrunch - Microsoft has confirmed it's buying RiskIQ, a San Francisco-based cybersecurity company that provides threat intelligence and cloud-based software as a service for organizations.

Terms of the deal, which will see RiskIQ's threat intelligence...

July 13, 2021 03:56 PM

Accenture Named a Leader Among European Cybersecurity Consulting Providers, According to Independent Research Firm

Business Wire -- Accenture was named a Leader in the latest Forrester Research report on European cybersecurity consulting providers.

July 13, 2021 03:41 PM

McAfee Partners With Visa to Offer Holistic Security Solutions for Visa Business Cardholders

Business Wire -- McAfee Corp. (Nasdaq: MCFE) - McAfee today announced a new partnership with Visa that enables Visa financial institution partners in North America and EMEA to offer award-winning internet security to Visa Business cardholders. Visa Business cardholders...

July 13, 2021 03:40 PM

ThreatQuotient Advances Industry Threat Intelligence Sharing With Stronger Data Curation Capabilities

Business Wire -- ThreatQuotient releases ThreatQ Data Exchange simplifying bidirectional sharing of intelligence data within the ThreatQ platform.

July 13, 2021 02:42 AM

FireEye Appoints Erin Joe as SVP of Strategy and Alliances

Business Wire -- Erin Joe will be responsible for Mandiant strategy development and implementation, as well as key alliances in both the government and private sector.

July 13, 2021 01:45 AM

July 12, 2021

Multi-finger, Palm, Vein: Isorg Takes Biometrics to the Next Level

Aspencore -- EETimes Europe - As the world transitions to a digital economy, biometrics authentication represents a prerequisite for higher levels of security and data privacy. France-based Isorg announced it has closed a third round of financing to support the deployment...

July 12, 2021 04:22 PM

Magecart hackers hide stolen credit card data into images and bogus CSS files

Infosec -- Security Affairs - Magecart hackers continuously improve their exfiltration techniques to evade detection, they are hiding stolen credit card data into images.



Magecart hackers have devised a new technique to obfuscating the malware within comment...

July 12, 2021 03:58 PM

Microsoft reportedly to acquire cybersecurity startup RiskIQ for more than $500M

Tech -- GeekWire - Bloomberg reported Sunday that Microsoft will acquire RiskIQ for more than $500 million in cash. Founded in 2009, RiskIQ sells "attack surface management" software and helps companies protect their web, social, and mobile exposures. The startup,...

July 12, 2021 03:52 PM

How to send an anonymous email

Infosec -- Malwarebytes Unpacked - Sometimes readers ask us how to send an anonymous email or how criminals and scammers manage to send anonymous emails. Since this is not an easy question to answer, because, for starters, there are several ways to interpret the...

July 12, 2021 03:51 AM

Microsoft awarded $13.6 million to security researchers in the past 12 months

Infosec -- Record by Recorded Future - Microsoft said it awarded more than $13.6 million as monetary rewards to security researchers through its public bug bounty programs over the past 12 months.

July 12, 2021 03:49 AM

Sophos Acquires Capsule8 for Linux Server & Container Security

Infosec -- Dark Reading - The deal was announced the same day ZeroFox bought Dark Web intelligence firm Vigilante as a wave of security M&A continues.

July 12, 2021 03:43 AM

Vulnerability Scanning vs. Penetration Testing

Infosec -- TripWire - The State of Security - It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own,...

July 12, 2021 03:42 AM

Software company Exact ramps up scanning services with latest buy

Enterprise -- Channel Partner Insight - The acquisition bolsters Exact's portfolio which is in line with its core strategy



Software solutions specialist Exact has acquired Netherlands-based go2UBL in a bid to further support the digital transformation...

July 12, 2021 03:35 AM

Thoma Bravo Preps Next Technology Investment Funds

Enterprise -- ChannelE2E - Next Thoma Bravo private equity funds may emerge in late 2021. Existing technology & software investments include Barracuda, ConnectWise, N-able, Proofpoint & Sophos.

July 12, 2021 03:25 AM

Morgan Stanley discloses data breach following attack on third-party vendor

Enterprise -- SiliconANGLE - Morgan Stanley has disclosed that some of its corporate customers had their data stolen following a data breach at a third-party vendor. The data breach involved Guidehouse Inc., a company that provides account maintenance services to...

July 12, 2021 03:23 AM

Boosting IT Security with AI-driven SIEM

Enterprise -- IT Business Edge - Employing SIEM (security information and event management) software provides the enterprise with threat monitoring, event correlation, incident response, and reporting. SIEM collects, centralizes, and analyzes log data through enterprise...

July 12, 2021 03:20 AM

Red Hat Report: IT Sensitive to Kubernetes Security Issues

Enterprise -- Data Center Knowledge - Nearly all survey respondents in a recent State of Kubernetes Security report cited at least one incident stemming from Kubernetes security issues.

July 12, 2021 03:20 AM

Privileged Identity Management with Azure Lighthouse enables Zero Trust

Enterprise -- Microsoft Azure - Recent incidents from ransomware to supply chain compromises have shown both the interconnectedness of our digital world and the critical need to secure these digital assets from attackers, criminals, and other hostile third parties....

July 12, 2021 03:17 AM