Woodstock Wire: Enterprise Security News

October 15, 2018

Staying secure in the smart era: Three rules for cyber security

Media -- eeNews Europe - Almost half of manufacturers have fallen victim to cybercrime, according to the Cyber Security Manufacturing Report 2018,...

October 15, 2018 03:59 PM

Workplace violence: the forgotten insider threat

Infosec -- Malwarebytes Unpacked - Organizations are no stranger to insider threats. In fact, for those who have been around long before the Internet, workplace...

October 15, 2018 03:53 PM

Branch.io Flaws may have affected as many as 685 million individuals

Infosec -- Security Affairs - More than 685 million users may have been exposed to XSS attacks due to a flaw in Branch.io service used by Tinder, Shopify,...

October 15, 2018 03:52 PM

Kali Linux for Vagrant: Hands-on

Enterprise -- ZDNet Blogs - The developers at Kali Linux have released a Vagrant distribution of their latest version. Here is a look at that release - and...

October 15, 2018 03:48 PM

Securing REST APIs With Client Certificates

Enterprise -- Architects Zone - This post is about an example of securing a REST API with a client certificate (a.k.a. X.509 certificate authentication).


October 15, 2018 03:47 PM

Verisign Presents DDoS Trends Report of Q2 2018

PR Newswire -- Observes a 35% increase in the number of attacks compared to Q1 2018 Verisign Distributed Denial of Service Trends, observed attack trends...

October 15, 2018 02:44 PM

Global payment companies test their data security readiness

Web Marketing -- Digital Commerce 360 - Global payment companies held their first joint cybersecurity war games to test their systems' readiness for...

October 15, 2018 04:40 AM

Elevating user trust in our API ecosystem

Web Marketing -- Google Developers - Google API platforms have a long history of enabling a vibrant and secure third-party...

October 15, 2018 04:17 AM

The Trouble With Cybersecurity Management

Think -- MIT Sloan Management Review - Cybersecurity is becoming top of mind for customers and organizations, as highly publicized data breaches and...

October 15, 2018 04:03 AM

Microsoft fixed the Zero-Day for JET flaw, but the fix is incomplete

Infosec -- Security Affairs - Experts from 0Patch revealed that the Microsoft Zero-Day Patch for JET Database Engine vulnerability (CVE-2018-8423) is incomplete.


October 15, 2018 04:01 AM

Supply Chain Security 101: An Expert's View

Infosec -- Krebs on Security - Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and...

October 15, 2018 04:00 AM

6 ways to keep up with cybersecurity without going crazy

Infosec -- Malwarebytes Unpacked - As we dive headfirst into National Cybersecurity Awareness Month, it seems only fitting to discuss ways to stay on top...

October 15, 2018 03:58 AM

Five Eyes Intelligence agencies warn of popular hacking tools

Infosec -- Security Affairs - Security agencies belonging to Five Eyes (United States, United Kingdom, Canada, Australia and New Zealand) have released...

October 15, 2018 03:58 AM

Clarifying the Misconceptions: Monitoring and Auditing for Container Security

Infosec -- TripWire - The State of Security - An effective container security strategy consists of many parts. Organizations should first secure the build...

October 15, 2018 03:55 AM

Most Malware Arrives Via Email

Infosec -- Dark Reading - Watch out for messages with the word "invoice" in the subject line, too.

October 15, 2018 03:55 AM

Juniper Networks provides dozens of fix for vulnerabilities in Junos OS

Infosec -- Security Affairs - Juniper Networks has released security updates to address serious vulnerabilities affecting the Junos operating system.


October 15, 2018 03:53 AM

Calif. Law Takes Aim at Weak IoT Passwords

Infosec -- Threatpost - Concerns over data privacy and security push California to roll out the first legislation on connected devices.

October 15, 2018 03:52 AM

15 Years of Cybersecurity Awareness Month

Infosec -- The PhishLabs Blog - Each year in the month of October there are more things to be cognizant of than ghosts and ghouls, in fact something far...

October 15, 2018 03:51 AM

How Can Businesses Protect against Phishing Attacks on Employee Smartphones?

Infosec -- Infosec Island - Smartphones have become synonymous with everyday business operations, enabling employees to store important contact details,...

October 15, 2018 03:49 AM

A Tool to Strengthen Your Password Manager

Infosec -- Okta Blog - Password managers, such as Okta's SWA plugin can defend against phishing attacks. However, to prevent the compromise of passwords,...

October 15, 2018 03:48 AM

What is enterprise risk management? How to put cybersecurity threats into a business context

Infosec -- CSO Online - Enterprise risk management (ERM) is the process of assessing risks to identify both threats to a company's financial well-being...

October 15, 2018 03:48 AM

New Gallmaker APT group eschews malware in cyber espionage campaigns

Infosec -- Security Affairs - A previously unknown cyber espionage group, tracked as Gallmaker, has been targeting entities in the government, military...

October 15, 2018 03:48 AM

Meet 5 Women Shaping Microsoft's Security Strategy

Infosec -- Dark Reading - Profiles of some of the women currently leading Microsoft security operations - and their efforts to drive inclusivity.

October 15, 2018 03:47 AM

Bloomberg blunder highlights supply chain risks

Infosec -- Malwarebytes Unpacked - Ooh boy! Talk about a back-and-forth, he said, she said story!

No, we're not talking about that Supreme Court nomination....

October 15, 2018 03:47 AM

Proactive System Hardening: Continuous Hardening's Coming of Age

Infosec -- TripWire - The State of Security - The first article in this series examined configuration hardening-essentially looking at ports, processes...

October 15, 2018 03:44 AM

Security Vulnerabilities in US Weapons Systems

Infosec -- Schneier on Security - The US Government Accounting Office just published a new report: "Weapons Systems Cyber Security: DOD Just Beginning to...

October 15, 2018 03:40 AM

Researchers presented an improved version of the WPA KRACK attack

Infosec -- Security Affairs - Security researchers who devised last year the Key Reinstallation Attack, aka KRACK attack, have disclosed new variants of...

October 15, 2018 03:36 AM

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Infosec -- The Hacker News - Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities...

October 15, 2018 03:35 AM

When Endpoint Detection and Response (EDR) is not enough

Infosec -- Malwarebytes Unpacked - As cybercriminals continue to validate the reality that no prevention-based security control is going to stop every threat...

October 15, 2018 03:35 AM

Announcing Kali for Vagrant

Infosec -- Kali Linux - Inspired by a recent community blog post, we have decided to add a new official way for our community to use Kali. Starting now,...

October 15, 2018 03:19 AM

What is IAM? Identity and access management explained

Infosec -- CSO Online - IAM definition

Identity and access management (IAM) in enterprise IT is about defining and managing the roles and access privileges...

October 15, 2018 03:18 AM

Project Strobe, what will change after the Google security breach?

Infosec -- Security Affairs - Google announced a security breach that may have exposed data of over 500,000 users of its Google+ social network, these are...

October 15, 2018 03:17 AM

NIST and the Small Business: Addressing Cyber Insecurity

Infosec -- Infosec Island - In August, President Trump signed the NIST Small Business Cybersecurity Act, directing NIST to develop a streamlined version...

October 15, 2018 03:15 AM

Over 4.5 Billion Records Breached in H1 2018, Finds Report

Infosec -- TripWire - The State of Security - A recent report found that data breaches compromised a total of more than 4.5 billion records in the first...

October 15, 2018 03:13 AM

The Battle Between Build vs. Buy

Infosec -- Okta Blog - Every development team must decide which components to build in-house and which to offload to a 3rd party vendor. This decision...

October 15, 2018 03:08 AM

Tripwire For DevOps External Registry And Alert Capability

Infosec -- TripWire - The State of Security - Although many organizations are shifting security to the left and embracing the integration of security tools...

October 15, 2018 03:08 AM

Threat Intelligence by the Book

Infosec -- Recorded Future - The Recorded Future team is proud to have recently published its first book, "The Threat Intelligence Handbook - A Practical...

October 15, 2018 03:06 AM

Survey: How does your company handle cyberwarfare and cybersecurity?

Enterprise -- ZDNet News - Take this short, multiple choice survey and tell us about your company's cyberwarfare experience and cybersecurity strategies for...

October 15, 2018 02:22 AM

Detecting Malicious Campaigns with Machine Learning

Enterprise -- Palo Alto Networks Blog - We're always working to find new ways to protect customers and prevent successful attacks, and one recent addition...

October 15, 2018 02:21 AM

ICANN's internet DNS security upgrade apparently goes off without a glitch

Enterprise -- Network World News - So far so good. That's the report from Internet Corporation for Assigned Names and Numbers (ICANN) as it rolled out the...

October 15, 2018 02:17 AM

Five Eyes cyber agencies detail list of popular hacking tools

Enterprise -- IT World Canada - In an effort to help infosec pros, experts from cyber security agencies in Canada, the U.S., the U.K., Australian and New Zealand...

October 15, 2018 12:59 AM

October 14, 2018

Lightboard Lessons: The DNS Water Torture Attack

Enterprise -- F5 DevCentral - A Domain Name System (DNS) Water Torture attack involves attackers sending non-existent subdomain requests to an Authoritative...

October 14, 2018 06:59 AM

Azure Portal October update

Enterprise -- Microsoft Azure - This post was co-authored by Leon Welicki, Principal Group PM Manager.

We heard your feedback loud and clear: it is hard to...

October 14, 2018 06:58 AM

Colorado's candidates for governor offer a first glimpse into the importance they will place on cybersecurity - The Colorado Sun

Enterprise -- Digital Colorado - Both major candidates for Colorado governor on Monday pledged to step up the state's efforts to train more cybersecurity professionals...

October 14, 2018 06:32 AM

Announcing 'Navigating the Digital Age, Second Edition'

Enterprise -- Palo Alto Networks Blog - In 2015, Palo Alto Networks and the New York Stock Exchange organized a collection of essays designed to educate and...

October 14, 2018 06:30 AM

Akamai Announces Platform Enhancements Designed to Bolster Security and Agility for Digital Businesses

Enterprise -- DevOps.com - Adds intelligent security automation, advanced threat protection for web apps, deeper real-time insights, and improved efficiencies...

October 14, 2018 04:13 AM

DevSecOps and Development: Making the World Safer One Application at a Time

Enterprise -- DevOps.com - If you have been around software development much at all in the past five or 10 years, then you've certainly heard of DevOps and...

October 14, 2018 03:19 AM

How to protect your iCloud account

Tech -- Digital Trends - From Chinese hacking to identity theft, it's not surprising if you're a little worried about your iCloud data. Here's how to...

October 14, 2018 01:25 AM

October 12, 2018

Sophos adds an Endpoint Detection and Response option to its Intercept X Advanced portfolio

Enterprise -- ChannelBuzz.ca - Sophos supplements their Intercept X Advanced deep learning offering with EDR investigation and response capability, designed...

October 12, 2018 05:23 PM