Kroll acquires Redscan to expand cyber risk offering

Kroll announced that it has acquired Redscan, an cyber security services provider based in the United Kingdom. With the addition of Redscan and its extended detection and response (XDR) enabled security operations center (SOC) platform, Kroll expands i… Continue reading Kroll acquires Redscan to expand cyber risk offering

Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

With several exploits targeting CVE-2019-19781 having been released over the weekend and the number of vulnerable endpoints still being over 25,000, attackers are having a field day. Do you use Citrix’s Application Delivery Controller (ADC) or Ga… Continue reading Exploits for Citrix ADC and Gateway flaw abound, attacks are ongoing

SharePoint servers under attack through CVE-2019-0604

CVE-2019-0604, a critical vulnerability opening unpatched Microsoft SharePoint servers to attack, is being exploited by attackers to install a web shell. The web shell allows them to achieve continuous access to the system and, potentially, to the inte… Continue reading SharePoint servers under attack through CVE-2019-0604

Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn

Hackers are exploiting a remote code execution vulnerability in Microsoft SharePoint to conduct reconnaissance on the networks of target organizations, a Saudi government cybersecurity agency said Thursday. In activity that private-sector researchers are also tracking, the unnamed hackers are gathering information on Microsoft Exchange and SQL servers in a sign “the attack is still in its first stages,” Saudi Arabia’s National Cybersecurity Authority (NCA) said in an advisory. The alert did not offer further information on the victims. The attacks are an example of how a file-sharing service can be abused to gather valuable information on a target. The vulnerability applies to older versions of SharePoint, an application organizations use to share and store documents. With a foothold on a network, the attackers have deployed a web shell script that can be used to manipulate data on a server, according to the NCA. The Saudi agency “observed a spike in scanning activities […]

The post Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn appeared first on CyberScoop.

Continue reading Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn

Cloudera, AlienVault, and CA – Business Security Weekly #96

Join Paul, Doug White, and Todd to talk about Security Innovation that includes: AlienVault, Cloudera, Splunk, Fortinet, CA and more! Full Show Notes Visit http://securityweekly.com/category/ssw for all the latest episodes! Hosts
The post Cloudera, Ali… Continue reading Cloudera, AlienVault, and CA – Business Security Weekly #96

SolarWinds, Mimecast, & AT&T – Enterprise Security Weekly #98

This week, Thoma Bravo to buy majority stake in cybersecurity firm Centrify, SolarWinds acquires real-time threat-monitoring service Trusted Metrics, Mimecast acquires Ataata, AT&T to acquire AlienVault, and more on this episode of Enterprise Secur… Continue reading SolarWinds, Mimecast, & AT&T – Enterprise Security Weekly #98

AT&T to acquire AlienVault

AlienVault, a San Mateo-Calif.-based cybersecurity company, is being acquired by AT&T, the two companies announced on Tuesday. The telecommunications giant looks to add AlienVault’s services and talent to its small business- and enterprise-focused cybersecurity portfolio. AlienVault is best known for two platforms. Its Unified Security Management product provides customers with threat detection and incident response, and the AlienVault Open Threat Exchange provides security researchers with a platform for crowdsourced threat intelligence. In April, AlienVault also launched a free threat-scanning service that leverages data contributed by researchers to its Open Threat Exchange. “We’re thrilled to join forces with AT&T. They bring a robust cybersecurity portfolio with an industry-leading technology ecosystem,” said Barmak Meftah, AlienVault’s president and CEO, in a statement. “This deal accelerates our ability to deliver on the AlienVault mission, which is to democratize threat detection and response to companies of all sizes.” AlienVault was founded in 2007 and has […]

The post AT&T to acquire AlienVault appeared first on Cyberscoop.

Continue reading AT&T to acquire AlienVault

RSA 2018 – Chaos Engineering

When surrounded with chaos, it is normal to cling to that which is comforting like a NGFW or SIEM.
The post RSA 2018 – Chaos Engineering appeared first on Anitian.
The post RSA 2018 – Chaos Engineering appeared first on Security Boulevard.
Continue reading RSA 2018 – Chaos Engineering

Are there too many cybersecurity companies?

The most potent global threat in 2018 may not be armed conflict or civil unrest, but cybersecurity. While cybersecurity awareness has increased with high profile breaches in recent years, the core problem remains of how industries can protect themselve… Continue reading Are there too many cybersecurity companies?

Previously unknown cyber-espionage group has successfully hacked in South America since 2015

A previously unknown and sophisticated hacking group has engaged in highly targeted cyber-espionage against a host of South American and Asian governments since at least early 2015, according to new research from Symantec. The hacking group called Sowbug, named after a sneaky but successful critter, has been conducting highly targeted attacks, according to Symantec, against organizations and governments in Argentina, Brazil, Ecuador, Peru, Brunei and Malaysia. Judging by the incidents being investigated, Sowbug’s goal appears to be very specific information on foreign policy and diplomacy in South America and Southeast Asia. It’s an exceptional event because this type of espionage is relatively rare in those regions, compared with North America, Europe and other areas of Asia. Sowbug has been successful in attacks against targeted foreign ministries, the U.S.-based Symantec said. The targeted governments and organizations have been informed of the breaches, the company said, and several are currently investigating to see if further […]

The post Previously unknown cyber-espionage group has successfully hacked in South America since 2015 appeared first on Cyberscoop.

Continue reading Previously unknown cyber-espionage group has successfully hacked in South America since 2015