Woodstock Wire: Enterprise Security News

August 17, 2018

Cybersecurity Threats on the Rise in 2018: BEC Attacks Increase 55% and CHA Up 37%

Globe Newswire -- Technology - Mid-Year Global Security Report Provides insights to Help IT Leaders Better Protect Against Attacks Mid-Year Global Security Report...

August 17, 2018 07:19 PM

Comodo CA Acquires Website Disaster Recovery Leader CodeGuard

Globe Newswire -- Technology - 1-click restore for website issues is vital to businesses; Comodo CA continues to expand its offerings to help businesses and their...

August 17, 2018 07:18 PM

August 16, 2018

Security gaps identified in Internet protocol 'IPsec'

Life -- EurekAlert - In collaboration with colleagues from Opole University in Poland, researchers at Horst Gortz Institute for IT Security (HGI) at...

August 16, 2018 08:18 PM

Customizing Wireshark - Changing Your Column Display

Enterprise -- Palo Alto Networks Blog - Wireshark is a free protocol analyzer that can record and display packet captures (pcaps) of network traffic. This...

August 16, 2018 04:42 PM

PhishPoint Phishing Attack - A new technique to Bypass Microsoft Office 365 Protections

Infosec -- Security Affairs - Security experts from the cloud security firm Avanan have discovered a new technique dubbed PhishPoint, that was used by hackers...

August 16, 2018 04:22 PM

Caller ID Spoofing - What It Is and What to Do About It

Infosec -- TripWire - The State of Security - What is Caller ID? Caller identification (Caller ID) is a service that allows the receiver of a phone call...

August 16, 2018 04:22 PM

Email Phishers Using New Way to Bypass Microsoft Office 365 Protections

Infosec -- The Hacker News - Phishing works no matter how hard a company tries to protect its customers or employees.

Security researchers have been warning...

August 16, 2018 04:21 PM

Threat Analyst Insights: How to Avoid Drowning in a Sea of Cybersecurity News

Infosec -- Recorded Future - Staying on top of the ever-evolving threat landscape can feel daunting for most security professionals. It seems as if there...

August 16, 2018 04:20 PM

Fileless attacks

Enterprise -- MSPmentor - Hackers are increasingly turning to fileless attacks because they are 10 times more likely to succeed than file-based attacks. These...

August 16, 2018 04:17 PM

Linux and L1TF

Enterprise -- Network World News - Announced just yesterday in security advisories from Intel, Microsoft and Red Hat, a newly discovered vulnerability affecting...

August 16, 2018 03:59 PM

Malicious software infects 500,000 devices

Enterprise -- IT Manager Daily - More than 500,000 routers have been affected by VPNFilter, malware that can steal sensitive data and manipulate everything...

August 16, 2018 03:40 PM

August 15, 2018

Imperva Completes the Acquisition of Prevoty

Business Wire -- Imperva completes acquisition of Prevoty a leader in RASP

August 15, 2018 07:26 PM

Zscaler Becomes the First Cloud Services Provider to Receive FedRAMP Authorization for a Dedicated Zero Trust Remote Access Platform

Business Wire -- Zscaler, Inc. (NASDAQ: ZS), the leader in cloud security, today announced that Zscaler Private Access-Government (ZPA(tm)-Government), its application...

August 15, 2018 07:23 PM

Why you should consider crowdsourcing IT security services

Infosec -- CSO Online - A crucial part of securing IT infrastructure, applications and services is asking independent white hat hackers to hack it. Hackers...

August 15, 2018 07:12 PM

The Inside Job: When Microsoft MFA Fails

Infosec -- Okta Blog - In today's threat landscape, cybersecurity vulnerabilities can originate from a variety of places. An exploitable gap in one vendor's...

August 15, 2018 07:10 PM

Microsoft Flaw Allows Full Multi-Factor Authentication Bypass

Infosec -- Threatpost - This is similar to taking a room key for a building and turning it into a skeleton key that works on every door in the building.

August 15, 2018 07:09 PM

Microsoft ADFS Vulnerability Lets Attackers Bypass MFA

Infosec -- Dark Reading - The flaw lets an attacker use the same second factor to bypass multifactor authentication for any account on the same ADFS service.

August 15, 2018 07:09 PM

So You Got a SaaS Security Awareness Training Platform, Now What?

Infosec -- The PhishLabs Blog - After months of talks, budget approvals, and getting stakeholder buy in, you finally have the security awareness tool of...

August 15, 2018 07:07 PM

Microsoft Patch Tuesday: 60 vulnerabilities resolved including two active exploits

Enterprise -- ZDNet News - A total of 19 vulnerabilities are deemed critical, including two zero-day flaws being actively used in the wild.

August 15, 2018 06:50 PM

Threat Brief: Cyber Attackers Using Your Home Router To Bring Down Websites

Enterprise -- Palo Alto Networks Blog - In recent research, Palo Alto Networks found attackers were targeting home routers to take control and use them for...

August 15, 2018 06:48 PM

10 Steps to Successfully Educate Your Clients' End Users about Cybersecurity

Enterprise -- The ChannelPro Network - In the last year, phishing was involved in 93% of successful security breaches. But we shouldn't point the finger at...

August 15, 2018 06:46 PM

PTC courts security researchers to find IoT vulnerabilities

Enterprise -- ZDNet News - PTC adopts a shared responsibility model to security as it aims to shore up its ThingWorx ecosystem and court researchers looking...

August 15, 2018 06:46 PM

Cybersecurity industry booming in Springs, but worker shortage remains

Enterprise -- Digital Colorado - A recent study from the Colorado Springs Chamber & EDC reveals that cybersecurity brings a nearly $1 billion annual benefit...

August 15, 2018 06:45 PM

Three more data-leaking security holes found in Intel chips as designers swap security for speed

Enterprise -- The Register - Apps, kernels, virtual machines, SGX, SMM at risk from attack

Intel will today disclose three more vulnerabilities in its processors...

August 15, 2018 06:44 PM

How Does GDPR Affect Email Retention and Archiving?

Enterprise -- The Data Center Journal - You probably received more than a few emails from companies notifying you of changes to their privacy policy in the...

August 15, 2018 06:43 PM

Machine Learning Is Becoming a Must in Data Center Network Security

Enterprise -- Data Center Knowledge - The volume of data traveling on networks and sophistication of attack tools are outpacing human experts' capabilities.

August 15, 2018 06:42 PM

Microsoft ADFS vulnerability allows hackers to bypass multifactor authentication

Enterprise -- SiliconANGLE - A newly discovered vulnerability in Microsoft Corp.'s Activity Directory Federation Services allows hackers to bypass multifactor...

August 15, 2018 06:33 PM

Protecting Our Customers through the Lifecycle of Security Threats

Electronics -- Intel - By Leslie Culbertson

Intel's Product Assurance and Security (IPAS) team is focused on the cybersecurity landscape and constantly working...

August 15, 2018 06:26 PM

July's Most Wanted Malware: Attacks Targeting IoT and Networking Vulnerabilities on the Rise

Globe Newswire -- Technology - Cyber attacks targeting IoT and network router vulnerabilities doubled since May 2018, says Check Point's latest Global Threat Index...

August 15, 2018 05:54 PM

WISeKey Cybersecurity Growing by over 60% compared to same period last as more companies required ID Management to facilitate their compliance with GDPR

Globe Newswire -- Technology - WISeKey Cybersecurity Growing by over 60% compared to same period last as more companies required ID Management to facilitate...

August 15, 2018 05:26 PM

August 14, 2018

Alert Fatigue Is a Big Cybersecurity Problem

Infosec -- TripWire - The State of Security - Alarms and alerts surround us every day. From the moment our clocks wake us up in the morning, we rely on...

August 14, 2018 08:01 PM

The Data Security Landscape Is Shifting: Is Your Company Prepared?

Infosec -- Dark Reading - New ways to steal your data (and profits) keep cropping up. These best practices can help keep your organization safer.

August 14, 2018 07:59 PM

Oracle warns of CVE-2018-3110 Critical Vulnerability in Oracle Database product, patch it now!

Infosec -- Security Affairs - Last week Oracle disclosed a critical vulnerability in its Oracle Database product, the issue tracked as CVE-2018-3110 has...

August 14, 2018 07:53 PM

Multi-Cloud Security Best Practices Guide

Infosec -- TripWire - The State of Security - A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward...

August 14, 2018 07:53 PM

Zscaler's Zero Trust security framework wins U.S. government approval

Enterprise -- SiliconANGLE - With remote workers increasingly using cloud networks to access sensitive data, organizations are embracing new security models...

August 14, 2018 07:06 PM

Firefox now supports the newest internet security protocol

Tech -- TechCrunch - Last Friday, the Internet Engineering Task Force released the final version of TLS 1.3. This is a major update to TLS 1.2, the security...

August 14, 2018 06:35 PM

Fortinet Threat Landscape Report Reveals IoT Devices in the Home Are the Latest Target for Cryptojacking

Globe Newswire -- Technology - 96% of Firms Experienced at Least One Severe Exploit 96% of Firms Experienced at Least One Severe Exploit

August 14, 2018 03:55 PM

August 13, 2018

My brush with GDPR

Enterprise -- The Enterprisers Project - I ended up reporting a possible breach of data - my data. What I learned, for individuals and organizations.

August 13, 2018 05:20 PM

Black Box Launches Broadest Range of NIAP 3.0 Certified Secure KVM Switches

Globe Newswire -- Technology - New Black Box Secure KVM Switching Technology Mitigates Cybersecurity Risk in Critical Defense Systems New Black Box Secure KVM...

August 13, 2018 04:38 PM

Hacking the websites responsible for election information is so easy an 11 year-old did it

Tech -- TechCrunch - It's time to talk about election security.

Over the weekend at Def Con, the annual hacker convention in Las Vegas to discuss some...

August 13, 2018 05:02 AM

How to Setup IKEv2 VPN Using Strongswan and Let's encrypt on CentOS 7

HowtoForge -- Strongswan is an open source multiplatform IPSec implementation. It's an IPSec-based VPN solution that focuses on strong authentication mechanisms....

August 13, 2018 04:00 AM

Many cybersecurity jobs rely on problem-solving, not hacking skills

CNBC-Top Business -- People with experience in project management, analytics and data science, technical writing, law, policy, third-party oversight, or physical...

August 13, 2018 03:51 AM

Tripwire Releases State of Cyber Hygiene Report, Identifies Where Organizations Fall Behind on Basics

Business Wire -- Tripwire study finds that more than 60 percent of organizations are not leveraging established hardening benchmarks.

August 13, 2018 03:42 AM

Hackers can steal data from the enterprise using only a fax number

Enterprise -- ZDNet Blogs - Fax machines are still widely used by businesses and a communications protocol vulnerability is leaving them exposed to cyberattacks.

August 13, 2018 03:39 AM

Cybersecurity's insidious new threat: workforce stress

Think -- MIT Technology Review - This week's Black Hat event will highlight things like job-related stress and mental health issues in the cyber workforce.

August 13, 2018 03:24 AM

August 12, 2018

Former JP Morgan Chase Bank Employee Sentenced to Four Years in Prison for Selling Customer Account Information

Infosec -- Office of Inadequate Security - August 10 - Earlier today, in federal court in Brooklyn, Peter Persaud, a former personal banker at JP Morgan...

August 12, 2018 06:24 AM

Grey Hats Emerge as Cybersecurity Menace that Can No Longer Be Ignored

Infosec -- Barracuda - A new global survey of 900 cybersecurity professionals published this week by Malwarebytes suggests cybersecurity professionals have...

August 12, 2018 06:23 AM

How to protect your RDP access from ransomware attacks

Infosec -- Malwarebytes Unpacked - You didn't really think that the ransomware wave was coming to an end, did you? You'd be tempted to think so, given the...

August 12, 2018 06:23 AM

Cloud Intelligence Throwdown: Amazon vs. Google vs. Microsoft

Infosec -- Dark Reading - A closer look at native threat intelligence capabilities built into major cloud platforms and discussion of their strengths and...

August 12, 2018 06:20 AM