Resources

Blog

Six System and Software Vulnerabilities to Watch Out for in 2019

Wouldn’t it be an easier life if we didn’t have to worry about the exploitation of vulnerabilities in solutions and software on which we have spent good time and resources? A world where correctly configured systems configured were left alone to perform their functions until they became redundant and/or needed replacing? It is a beautiful dream....
Blog

FaceApp Concerns: Myth or Mess?

There’s a lot of conversation regarding FaceApp right now. I have friends talking about it on Facebook, politicians are tweeting about it, CNN and Forbes have reported on it, and my favorite YouTuber Philip DeFranco covered it. People around the world are torn on the privacy implications of this application, yet the person who started this dumpster...
Blog

Multi-Cloud Security Best Practices Guide

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. Can you use AWS and Azure together? For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web...
Blog

Communication – The Forgotten Security Tool

Security professionals have many tools in their toolbox. Some are physical in nature. (WireShark, Mimikatz, endpoint detection and response systems and SIEMs come to mind.) Others not so much. (These assets include critical thinking faculties, the ability to analyze complex processes, a willingness—some call it a need—to dig in and find the root cause...
Blog

Ransomware Attack Disrupts Some Services at Onondaga County Libraries

A crypto-ransomware attack has disrupted some services at all library locations across Onondaga County in New York State. On 16 July, the Onondaga County Public Library system published a tweet in which it explained that many of its public services were unavailable. https://twitter.com/OCPL_CNY/status/1151123985616244736?ref_src=twsrc%5Etfw WSYR-TV...
Blog

Back to Basics: Infosec for Small and Medium-Sized Businesses

Too many small and medium-sized businesses (SMBs) are under the belief that purchasing “This One Product” or “This One Managed Service” will provide all the security their network requires. If this were true, large corporations with huge IT budgets would never have data breaches! Before you start buying expensive new technology to protect your...
Blog

Open Invitation to Help Develop Infosec Community Resources

It may be possible to democratize security by making it more accessible to average companies through community resources. We have an idea or two but we would appreciate your thoughts. At the 2019 RSA conference, Matt Chiodi, Chief Security Officer of Palo Alto Networks stated: “… small organizations are using on average between 15 and 20 tools,...
Blog

Free Decryptor Released for Ims00rry Ransomware

Security researchers have released a free decryption utility which victims of Ims00rry ransomware can use to recover their files. On 12 July, anti-virus and anti-malware solutions provider Emsisoft made the decryptor available to the public. The firm published a follow-up post about is tool two days later. ...
Blog

Climbing the Vulnerability Management Mountain: Gearing Up and Taking Step One

As I discussed in the first blog in this series, the purpose of this series is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. For the first phase, let's start by planning...
Blog

Mayors Say They'll No Longer Pay Ransoms Connected to Security Events

Mayors in the United States have collectively declared that they'll no longer meet attackers' ransom demands in connection to a digital security event. At its 87th annual meeting, the U.S. Conference of Mayors approved a resolution entitled, "Opposing Payment To Ransomeware Attack Perpetrators." This decree makes clear that the Conference, the...
Blog

Apple says its Walkie-Talkie app could be exploited to spy on iPhones

Apple has chosen to temporarily disable a key feature of the Apple Watch after a critical vulnerability was discovered that could allow someone to eavesdrop on another person without their knowledge. The Apple Watch feature at the heart of the problem is Apple's Walkie-Talkie app which allows users to "push to talk" with other Apple Watch owners via...
Blog

How Do You Protect Your Children When They Go Online?

When you are thinking about a very special holiday gift for your kid, one of the first things that spring to mind is a smartphone, tablet or laptop. It’s common knowledge that these devices aren’t very useful unless connected to the Internet. But how do you make sure your children are on the safe side when they go online? According to studies, kids...
Blog

Malvertising Campaign Redirects to RIG Exploit Kit, ERIS Ransomware

A malvertising campaign is redirecting users to the RIG exploit kit for the purpose of loading ERIS ransomware onto vulnerable machines. Over the 5-7 July weekend, security researcher nao_sec discovered a malvertising campaign that was abusing the popcash ad network to redirect users to a landing page for the RIG exploit kit. The researcher told...
Blog

VERT Threat Alert: July 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-839 on Wednesday, July 10th. In-The-Wild & Disclosed CVEs CVE-2019-0865 This vulnerability describes a denial of service that occurs when SymCrypt processes specially crafted digital...
Blog

New York Passes a Law that Further Expands Cyber Protection

The New York State Legislature recently passed a bill that aims to protect New York residents, regardless of the location of the business. The law, known as the Stop Hacks and Improve Electronic Data Security (SHIELD) Act is designed to address unauthorized access of data. The bill expands the definition of “Breach of the security of the system” by...
Blog

ATT&CK Structure Part II: From Taxonomy to Ontology

In Part I, I described some structural problems in MITRE’s ATT&CK adversarial behavior framework. We looked at a couple of examples of techniques that vary greatly in terms of abstraction as well as techniques that ought to be classified as parent and sub-technique. Both examples are borne out of the lack of hierarchical structure among techniques...