Woodstock Wire: Enterprise Security News

April 23, 2019

5 Reasons Why Cybersecurity Can't Remain Effective Without WHOIS Database Download

TMCnet -- With close to two billion websites now in operation and tens of billions of dollars lost to cyber crime each year, companies need all the help...

April 23, 2019 10:42 PM

Can a Wi-Fi network ever be completely secure?

PhysOrg.com -- There are many ways in which hackers and crackers can break into a Wi-Fi network. It is trivial if the network uses out of date security protocols...

April 23, 2019 10:12 PM

Taking Digital Authentication To The Next Level

Media -- PYMNTS.com - Gaming companies are taking digital authentication to the next level. Smart agents are rising to bring better customer service and...

April 23, 2019 09:45 PM

Symantec Joins U.S. Department of Defense's Defense Industrial Base Cyber Security Program

Business Wire -- Symantec has become a member of the United States' Department of Defense's (DOD) Defense Industrial Base (DIB) Cybersecurity (CS) program.

April 23, 2019 09:19 PM

Analysis: Abuse of Custom Actions in Windows Installer MSI to Run Malicious JavaScript, VBScript, and PowerShell Scripts

Infosec -- TrendLabs Security Intelligence Blog - by Llallum Victoria (Threats Analyst) - Windows Installer uses Microsoft Software Installation (MSI) package...

April 23, 2019 08:34 PM

Top 10 global cybersecurity hubs for 2019

Infosec -- CSO Online - Expected and surprising contenders for top cybersecurity hubs

April 23, 2019 08:32 PM

Iran-linked APT34: Analyzing the webmask project

Infosec -- Security Affairs - Security expert Marco Ramilli published the findings of a quick analysis of the webmask project standing behind the DNS attacks...

April 23, 2019 08:32 PM

Who Gets Targeted Most in Cyberattack Campaigns

Infosec -- Dark Reading - Attackers are changing both their tactics and targets in an attempt to remain criminally successful, Proofpoint's study found.

April 23, 2019 08:31 PM

Embassies targeted in ongoing spearphishing campaign that weaponized Microsoft Excel files

Infosec -- CyberScoop - Embassies around the world have been targeted in a recent spate of spearphishing email attacks from Russian hackers, according to...

April 23, 2019 08:31 PM

jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites

Infosec -- Security Affairs - The popular jQuery JavaScript library is affected by a rare prototype pollution vulnerability that could allow attackers to...

April 23, 2019 08:29 PM

Information Security Is Not an IT Risk, It's a Business Risk

Infosec -- Recorded Future - Our guest today is Brian Haugli. He's a partner at Side Channel Security, a consulting firm in the Boston area. Prior to forming...

April 23, 2019 08:27 PM

4 Tips to Protect Your Business Against Social Media Mistakes

Infosec -- Dark Reading - Don't let social media become the go-to platform for cybercriminals looking to steal sensitive corporate information or cause...

April 23, 2019 08:24 PM

Xerox Adds Real-Time Network Protections for MFPs

Enterprise -- Channelnomics - Xerox Adds Real-Time Network Protections for MFPs

Security enhancements for AltaLink devices promise enhanced first...

April 23, 2019 08:06 PM

Six Essentials for Your Cloud Security Program

Enterprise -- Palo Alto Networks Blog - In traditional on-premises systems, organizations are responsible for securing everything - from the physical premises...

April 23, 2019 08:04 PM

Avanade, Capgemini also hit by Wipro hackers

Enterprise -- CRN - Service providers under phishing attack.

April 23, 2019 06:05 PM

Azure.Source - Volume 79

Enterprise -- Microsoft Azure

April 23, 2019 05:58 PM

Detecting threats targeting containers with Azure Security Center

Enterprise -- Microsoft Azure - More and more services are moving to the cloud and bringing their security challenges with them. In this blog post, we will...

April 23, 2019 05:58 PM

Cisco urges patch of critical router flaw

Enterprise -- CRN - ASR 9000 Series can be exploited remotely without user credentials.

April 23, 2019 05:56 PM

Mitigating recent HTTP/2 DoS vulnerabilities with BIG-IP

Enterprise -- F5 DevCentral - F5 Networks Threat Research team have been looking into the HTTP/2 protocol in order to assess the potential risks and possible...

April 23, 2019 05:52 PM

Seattle cybersecurity startup Critical Informatics raises $9.6M and gets a new name - CI Security

Tech -- GeekWire - CI Security's Kraken Signal on the wall of its office.

A cybersecurity startup that pairs software with analysts...

April 23, 2019 04:33 PM

A hotspot finder app exposed 2 million Wi-Fi network passwords

Tech -- TechCrunch - A popular hotspot finder app for Android exposed the Wi-Fi network passwords for more than two million networks.

The app, downloaded...

April 23, 2019 04:11 PM

April 22, 2019

Microsoft Office now the most targeted platform, as browser security improves

Infosec -- CSO Online - Microsoft Office has become cybercriminals' preferred platform when carrying out attacks, and the number of incidents keeps increasing,...

April 22, 2019 03:59 PM

Six Myths People Still Believe About GDPR

Infosec -- TripWire - The State of Security - The General Data Protection Regulation (GDPR) came into force in May 2018, and by the letter of the law, virtually...

April 22, 2019 03:20 PM

How to quickly and securely wipe your data off almost any device

Enterprise -- ZDNet Blogs - If you have any sensitive data at all - and these days who doesn't? - at some point you are going to need to find a way to securely...

April 22, 2019 03:20 PM

Popular jQuery JavaScript library impacted by prototype pollution flaw

Enterprise -- ZDNet Blogs - Prototype pollution flaws are "the next big thing" in JavaScript security research.

April 22, 2019 03:51 AM

How to Set up Fraud Alerts to Prevent Identity Theft

AddictiveTips -- In this guide, we'll explain how to set up fraud alerts for free with any of the Big 3 credit bureaus in the US. We'll also cover why fraud alerts...

April 22, 2019 01:33 AM

60 Million records of LinkedIn users exposed online

Infosec -- Security Affairs - Researcher discovered eight unsecured databases exposed online that contained approximately 60 million records of LinkedIn...

April 22, 2019 01:03 AM

Morele.net - 2,467,304 breached accounts

Infosec -- Have I been pwned - In October 2018, the Polish e-commerce website Morele.net suffered a data breach. The incident exposed almost 2.5 million...

April 22, 2019 01:03 AM

Google is going to block logins from embedded browsers against MitM phishing attacks

Infosec -- Security Affairs - Google this week announced that it is going to block login attempts from embedded browser frameworks to prevent man-in-the-middle...

April 22, 2019 01:02 AM

Cybersecurity emerges as weakest link in digital supply chain

Infosec -- Barracuda - As supply chains increasingly become digitized nation states are targeting the weakest cybersecurity links in these supply chains...

April 22, 2019 01:01 AM

Block Chain and DNS: Improving Security

Infosec -- InfoSecWriters.com - Contributed by Abraham Flores

DNS technology acts as the backbone of the internet but suffers from serious vulnerabilities...

April 22, 2019 12:59 AM

These are the most commonly hacked passwords - is one of them yours?

Enterprise -- ZDNet News - Your name, your favorite football team and your favourite band: The UK's National Cyber Security Centre has released a list of the...

April 22, 2019 12:30 AM

PayPal receives patent for ransomware detection technology

Enterprise -- ZDNet Blogs - PayPal engineer develops novel approach to detecting and stopping ransomware attacks.

April 22, 2019 12:28 AM

'Malicious software attack' knocked the Weather Channel off-air for more than an hour

Tech -- Mashable - The FBI is currently investigating a "malicious software attack" that interrupted the Weather Channel's non-stop 24-hour-a-day coverage.


April 22, 2019 12:11 AM

April 19, 2019

Navigating the AI hype in security: 3 dos and 2 don'ts

Infosec -- CSO Online - I've been needling the artificial intelligence (AI) hype bubble since 2015 when, after managing a CalTech research grant, I saw...

April 19, 2019 04:41 PM

Broadcom WiFi Driver bugs expose devices to hack

Infosec -- Security Affairs - Experts warn of security flaws in the Broadcom WiFi chipset drivers that could allow potential attackers to remotely execute...

April 19, 2019 04:41 PM

Small businesses remain a rich target for ransomware criminals

Infosec -- Barracuda - Cybercrime continues to evolve and new threats appear on a regular basis, but the most effective attacks never go away. While spear...

April 19, 2019 04:41 PM

6 Takeaways from Ransomware Attacks in Q1

Infosec -- Dark Reading - Customized, targeted ransomware attacks were all the rage.

April 19, 2019 04:40 PM

The cybersecurity helpline protecting citizens from digital attacks

Infosec -- The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime

April 19, 2019 04:38 PM

Phishing Trends and Intelligence Report

Infosec -- PhishLabs - This year's report focuses on the growing social engineering threat.

Regardless of advancements in technology, social engineering...

April 19, 2019 04:38 PM

Without Targeted Threat Intelligence, Vulnerability Management Teams Face an Uphill Challenge (Part 2)

Infosec -- Recorded Future - In the first of this three-part series, we examined the current state of vulnerability management, which evidence suggests...

April 19, 2019 04:37 PM

Azure resources to assess risk and compliance

Enterprise -- Microsoft Azure - This blog post was co-authored by Lucy Raikova, Senior Program Manager, Azure Global - Financial Services.

It is vital for...

April 19, 2019 04:34 PM

U.S. Congress Finally Gets Some Good Ideas About IoT Security

Electronics -- IEEE Spectrum - U.S. Congress Finally Gets Some Good Ideas About IoT security

In 2016, attacks such as the...

April 19, 2019 04:25 PM

Someone hacked The Weather Channel

Tech -- BGR - We live in an age where companies suffer data breaches and hacks of various types on a disturbingly regular basis. Credit card companies,...

April 19, 2019 04:14 PM

April 18, 2019

Help wanted: security pros looking to jump-start careers

Business Wire -- Infosec and CompTIA are now accepting applications for four cybersecurity scholarships - wanting to impact the cyber workforce gap.

April 18, 2019 09:08 PM

The first DDoS attack was 20 years ago. This is what we've learned since.

Think -- MIT Technology Review - On the 20th anniversary of the first distributed denial of service attack, cybersecurity experts say the internet must...

April 18, 2019 08:46 PM

The cybersecurity helpline protecting citizens from nation-state attacks

Infosec -- The Daily Swig - Access Now offers 24/7 advice to victims of cybercrime

April 18, 2019 08:31 PM

Ransomware Attack Targeted Data Intelligence Firm Verint

Infosec -- TripWire - The State of Security - Bad actors used a ransomware attack to target the Israeli offices of the customer engagement and digital intelligence...

April 18, 2019 08:27 PM

How to stop infosec pros from speaking geek to management

Enterprise -- IT World Canada - At a cyber risk conference experts advise CISOs on how to talk to non-IT people and get the money they want

April 18, 2019 08:26 PM