Resources

Blog

Foreign Intelligence Agency Targeted Norway's Labour Party, Report Police

National police have notified Norway's Labour Party parliamentary group that a foreign intelligence agency targeted its members. On 2 February, the Norwegian Police Security Service (PST) notified the Labour Party that hackers had targeted the group in autumn 2016. Labor, which is the biggest party in Norway's Parliament, subsequently sent out a...
Blog

The Evolution of Phishing

If you've got an email account or social media profile, it's likely you've come across phishing of some kind before. In a sentence, phishing is the fraudulent attempt to steal personal information by social engineering: the act of criminal deception. Verizon's latest Data Breach Investigations Report notes that "social engineering remains worryingly...
Blog

The Shamoon v2 Saga Continues

Shamoon v2 is a tenacious piece of malware that recently participated in attacks against 15 Saudi government agencies and private companies. Shamoon compromises hard drives and leaves them completely erased and inoperable. It first appeared in 2012 when it targeted one Saudi company, an assault which today is widely recognized as one of the most...
Blog

Ransomware Attack Causes County to Shut Down IT System

A county located in Ohio has suspended its IT system after a ransomware attack affected computers inside its government center. Licking County officials first discovered there was a problem when they couldn't open files saved to some government computers. When they rebooted those machines, they saw a ransom note and contacted the IT department. IT...
Blog

Gaza Cybergang Group Targeting ME Governments with Downeks, Quasar RAT

Several high-profile attack campaigns targeting Middle Eastern companies have recently come to the attention of the security community. One of the first operations we heard about occurred on November 17, 2016, when Shamoon resurfaced and leveraged Disstrack malware to wipe the computers at an energy organization based in Saudi Arabia. Apparently, ...
Blog

Ignorance is Bliss? An Enormous WordPress Zero-Day has Been Secretly Fixed

What has happened? A severe zero-day vulnerability has been fixed in WordPress, which - if left unpatched - could allow a malicious attacker to modify the content of any post or page on a WordPress site. Woah! Any post or page could be hijacked? Yes, it's as though you've handed the reins of your site over to a malicious hacker and said - "publish...
Blog

Does DoD-Level Security Work in the Real World?

I began my career in Information Security working for the Department of Defense, first for a Naval research facility, then Naval Intelligence, and finally with the National Security Agency. Information security for my first assignment meant locking your classified materials in a safe when you left the office at night, and making sure the office door...
Blog

The Internet Isn’t Vulnerable – It’s a Weapon

In the United States, there is a basic rule of thumb that at some point after a block of metal undergoes a certain amount of manufacturing, it becomes a rifle. When approximately 80 percent of the manufacturing is complete, the metal is not a weapon; at 81 percent, it is. A weapon is dangerous; it is often regulated, and more often than not, it has...
Blog

Static Code Analysis and You

I have been involved in several efforts to integrate static code analysis into software projects—none have been terribly successful. Most have resulted in hours of time spent identifying and removing false positives. So, when I read Travis Smith's recent post about Fallible static code analysis, I was immediately struck with the need to add my two...
Blog

Small Companies Overconfident about Their Security Posture, Finds Survey

Today, there are many factors that prevent businesses from effectively assessing and mitigating digital security risk. One contributor to The State of Security kicked off 2017 by discussing four of these causes. I won't spoil the article for you. I will say, however, that data access and asset control feature heavily in the post. That's only to be...
Blog

Inception and the Road from Security Serendipity

You spin the top and wait to see if it continues in kinetic motion or if it falls to the pull of gravitational force. You trust that the road chosen to walk the path of serendipity toward an anticipated culmination of the correct state of scientific innovation – which, in this case, has been forged to deliver a true state of cyber security is...
Blog

Netflix Membership Piracy Scam Tricks Users into Installing Ransomware

Computer criminals are luring in users with a Netflix membership account piracy scam and tricking them into installing ransomware. The scam starts when a Windows/PC user downloads what they believe is a Netflix login generator. These types of tools are usually available on websites that host cracked applications and offer access to premium web...
Blog

Authoritative Asset Repository: What’s That?!

A Configuration Management Database (CMDB) is a repository that is an authoritative source of information of what assets are on the corporate network. At least, that’s what it’s supposed to be. However, in many of my recent discussions, the more common definition given for CMDB is “a struggle.” Does that sound familiar? If so, keep reading. If not,...
Blog

Dozens of Android VPN Apps Fail to Protect Users' Privacy, Study Reveals

One of the best friends a user can have in today's digital age is a virtual private network (VPN). This tool masks a user's IP address and tunnels their data through a network of servers. In so doing, a VPN helps a user anonymously and more securely browse the web. Unfortunately, not all VPNs fulfill that purpose. A group of researchers from Queen...
Blog

U.S. Top-Ranked Globally in 2016 Data Breaches, Finds Report

The United States takes the number one spot worldwide in data breaches disclosed last year, revealed a new report analyzing breach activity in 2016. Risk Based Security’s annual report released on Wednesday found that the U.S. accounted for nearly half – 47.5 percent – of all incidents, and a whopping 68.2 percent of all exposed records. Close to 2...
Blog

Hacker Sentenced to Nine Months in Jail for 'Celebgate' Scandal

A hacker has received nine months in prison for compromising hundreds of people's accounts as part of the 'Celebgate' scandal. From 23 November 2013 through August 2014, Edward Majerczyk, 29, of Orland Park, Illinois orchestrated a phishing scheme that targeted 30 celebrities and 270 others. He sent each victim an email that directed them to a...