Resources

Blog

South Korean Cryptocurrency Exchange Coinrail Confirms Hacking Attempt

South Korean cryptocurrency exchange Coinrail said it's cooperating with law enforcement after suffering a hacking attempt. In a statement posted to its website, Coinrail revealed it was working with police to investigate an incident that might have exposed 30 percent of the total number of coins traded on the exchange. It placed the remaining 70...
Blog

Mapping the ATT&CK Framework to CIS Controls

For the better part of a decade, I have spent a good amount of time analyzing security and compliance frameworks. There is beauty to be found in every one of them. Some are very high level and leave the organization to interpret how to implement the various controls, such as the CIS Critical Security Controls. Others are incredibly prescriptive and...
Blog

Three Rhode Island State Agencies Affected by Malware Attack

A malware attack affected computing devices owned and operated by three state agencies in Rhode Island, confirmed the State's digital security teams. Rhode Island's Department of Children, Youth & Families, one of the departments affected by the malware attack. According to Call 12 for Action, the...
Blog

The Value of Capture the Flag Competitions

If you've ever attended an infosec or hacker conference, you're sure to have seen the Capture the Flag or CTF. As with anything in this industry, there are ebbs and flows in the debate of the value of the competitions. Some argue that they are unrealistic. Others champion them for the skills required and the creative thinking. Let's be real for a...
Blog

Can VPNs Really Be Trusted?

With hacking attacks, government surveillance and censorship constantly in the headlines, more and more people are looking for ways to increase their privacy online. One of the simplest and most popular solutions is to use a virtual private network. With a VPN, all your internet traffic is encrypted and tunneled through a third-party server, so it...
Blog

Atlanta Ransomware Attack Wiped Out Years of Police Dashcam Footage

A ransomware attack targeting the city of Atlanta wiped out years of dashcam footage generated by the Atlanta Police Department. In an exclusive interview with The Atlanta Journal-Constitution and Channel 2 Action News, Atlanta Police Chief Erika Shields revealed that a March ransomware attack against the city cost the Department years of dashcam...
Blog

Women in Information Security: Virginia Robbins

Last time, I had a great chat with Anna Westelius. She has a lot of experience with everything from web security to Linux driver development, and I learned a lot from her. This time, I had the pleasure of talking with Virginia Robbins, otherwise known as fl3uryz. Not only is she an expert in malware detection; she also founded The Diana Initiative,...
Blog

2018 VERT IoT Hack Lab Training

I’m pleased to announce that next month, I will be offering the two-day training series A Guided Tour of Embedded Software Hacks at Shakacon X as well as at Black Hat USA in August. As a reminder, I will also be back at SecTor with reloaded material for a one-day Brainwashing Embedded Systems advanced class aimed at students who have already...
Blog

Scammers Targeting Booking.com Users with Phishing Messages

UPDATE 05/06/18: Booking.com sent over the following statement in an email: Security and the protection of our partner and customer data is a top priority at Booking.com. Not only do we handle all personal data in line with the highest technical standards, but we are continuously innovating our processes and systems to ensure robust security on our...
Blog

How to Protect Your Organization From Within

While stories of international espionage and government-sponsored hack attacks may captivate public attention, cyber security threats that originate from inside an organization pose a remarkably large threat. In fact, research suggests that insider threats account for anywhere from 60 to 75 percent of data breaches. Insider threats can range from...
Blog

The Future of Nano IoT Security

Imagine you're sitting on your couch relaxing on a Sunday afternoon when your smart device alerts you that you are having a heart attack or that you have gone into renal failure. You jump up, head to the ER and spend hours on test after test only to discover that nothing's wrong with you. So, what happened? Bad actors hacked your device, a type of...
Blog

Lagging Legacy Systems: How Federal Agencies Are Tackling Old IT

If you're a U.S. taxpayer, you've likely heard how Tax Day 2018 was uniquely rocky for the Internal Revenue Service (IRS). A series of technical problems prevented the IRS from processing tax returns filed electronically on 17 April. The agency rebooted its systems and restored them later that night, but it nevertheless extended the deadline for...
Blog

Dozens of Vulnerabilities Found Under Hack the DTS Bug Bounty Program

The Hack the DTS bug bounty program uncovered dozens of vulnerabilities in the Defense Travel System serving the Department of Defense. On 30 May, vulnerability coordination platform HackerOne revealed the results of Hack the DTS. Nineteen trusted security researchers participated in the 29-day program and submitted 100 vulnerability reports over...
Blog

Tripwire Patch Priority Index for May 2018

Tripwire's May 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft Browsers and Scripting Engine. The patches for Internet Explorer resolve a security feature bypass vulnerability and the patches for Edge resolve memory corruption,...
Blog

Insurance Software Provider Exposed Clients' Data Stored on S3 Bucket

An insurance software provider exposed clients' sensitive data that it had stored on an Amazon Simple Storage Solution (S3) bucket. Andrew Lech, founder of AgentRun, confirmed the breach in an email sent out to the insurance agency management software company's clients. As quoted by ZDNet: We were migrating to this bucket during an application...
Blog

The State of ICS: One Year Into the Cyber Executive Order

It's been a full year since the new administration issued its first cyber executive order, “Presidential Executive Order (EO) on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” with an emphasis on leadership accountability and a risk management approach to cybersecurity strategies, policies and practices. The EO...