Resources

Blog

How Federal Agencies Can Fulfill the Next Steps of the FCWAA

On 25 January 2019, the longest U.S. government shutdown in history came to an end. It’s unclear exactly what impact this closure had on the government’s digital security. A SecurityScorecard report found that the shutdown coincided with a rise of expired SSL certificates protecting .gov domains, thereby producing a slight dip in overall network...
Blog

AWS System Manager And The Dangers of Default Permissions

In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability. While...
Blog

Tribbles, Supply Chains and Industrial Cyber Security

In the original Star Trek episode “The Trouble with Tribbles,” an unscrupulous merchant, Cyrano Jones, gives a small furry animal called a Tribble to communications officer Uhura. Uhura takes the Tribble aboard the Starship Enterprise where the animal begins to quickly reproduce, thereby threatening to overrun the ship and cause significant damage....
Blog

When it Comes to NIST 800-171 Compliance - There’s ‘On Time’ and There’s ‘Lombardi Time’

If you wait to become 800-171 compliant, you won’t win contracts. That was the message we wanted to make loud and clear to over 200 federal contractors during last week’s Washington Technology (WT) webcast, Inside NIST 800-171: Cyber Requirements and the Risk of Non-Compliance. Currently, all DoD contractors that handle, process or store sensitive types of government information must comply with...
Blog

Optus Customers Saw Incorrect Info After Logging Into My Account Site

Some customers of Optus said they saw incorrect information when they attempted to log into their profiles using the My Account website. On 13 February, customers of Australia's second-largest telecommunications company took to Twitter to explain that they were having issues accessing their accounts. One such user explained that the My Account...
Blog

Hacker arrested for wave of fake bomb and shooting threats against schools

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang that not only launched distributed denial-of-service (DDoS) attacks but also launched a wave of bomb and shooting threats against thousands of schools in the United States and United Kingdom. Timothy Dalton Vaughn of Winston-Salem, North Carolina, is alleged to be...
Blog

To Agent or Not to Agent: That Is the Vulnerability Management Question

With the evolution of technology comes new approaches to solving problems. Sometimes a new approach fixes the problem; sometimes it creates new ones. The good thing is as folks who work in fast-paced, high-tech environment, we information security professionals are great at quickly analyzing the new technologies and applying them to our daily lives....
Blog

VERT Threat Alert: February 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-817 on Wednesday, February 13th. In-The-Wild & Disclosed CVEs CVE-2019-0676 The first vulnerability in the list today is an Internet Explorer vulnerability that is already seeing active...
Blog

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that a similar version of the same vulnerability affects the LXC and Apache Mesos packages. Identified as CVE-2019-5736,...
Blog

Dunkin' Says Credential Stuffing Attacks Targeted DD Perks Accounts

Dunkin' Brands Inc. ("Dunkin'") said that bad actors recently used credential stuffing attacks to target some DD Perks accounts. Kari McHugh, senior director of customer relations at Dunkin', wrote in a sample letter sent to the Office of the Vermont Attorney General that the company detected a wave of credential stuffing attacks near the beginning...
Blog

Supply Chain Security – Sex Appeal, Pain Avoidance and Allies

Every security professional and every privacy professional understands that supply chain security is as important as in-house security. (If you don’t understand this, stop and read Maria Korolov’s January 25, 2019 article in CSO, What is a supply chain attack? Why you should be wary of third-party providers.) So how do you marshal the resources that you need to implement effective supply chain...
Blog

Phishers Leveraging Google Translate to Target Google and Facebook Users

Phishers are leveraging Google Translate in their attempts to steal the login credentials for users' Google and Facebook accounts. Larry Cashdollar, a member of Akamai's Security Intelligence Response Team (SIRT), received an email in early 2019 informing him that someone had accessed his Google account from a new Windows device. On his phone, the...
Blog

The Top Tactics to Be Successful at Secure DevOps

Today’s increasingly connected world, with access to mobile devices and cloud scale computing, is leading to disruption in business models and processes. To succeed, you have no option but to continuously deliver new value to customers at the increasing speed that they demand. Mark Andreessen, the founder of Netscape, said a few years back that ...
Blog

Google Chrome extension warns if your password has been leaked

Anyone who has a presence on the internet is likely to be suffering from breach fatigue. Data leaks are reported in the headlines on a daily basis, and users can feel so overwhelmed by the sheer number of breaches that they feel there's little they can do to keep ahead of hackers. It can almost feel like a full-time job as you try to determine if...
Blog

Software Vulnerabilities Used by 200 VT Towns Left Employees' SSNs Exposed

Vulnerabilities in software used by 200 Vermont municipalities left town employees' Social Security Numbers and other information exposed. Brett Johnson, owner of IT company simpleroute, discovered the flaws after two Vermont towns hired him to do some work for them back in 2017. According to a report in which he wrote about the weaknesses, Johnson...
Blog

Why Security Is Needed to Keep the CI/CD Pipeline Flowing Smoothly

Technology has advanced to a state where clients now expect a constant stream of updates for their software and applications. To fulfill this demand, developers commonly turn to what’s known as a CI/CD pipeline. As noted by Synopsys, this practice embraces two important software development concepts of today’s streamlined world: Continuous...
Blog

Cybersecurity Documentation: The Best Defense Is a Good Offense

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure. On the contrary, many oftentimes view documentation as a passive effort that offers little protection to a company, generally an afterthought that must be addressed to appease compliance efforts. Where documentation may get some much-needed...