What's this Maze thing I keep hearing about? Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data. There's been plenty of ransomware before. What makes Maze so special? Like...

DoppelPaymer ransomware allegedly struck a U.S. coastal city in Los Angeles County by stealing its unencrypted data and then encrypting its devices. As reported by Bleeping Computer, the operators of DoppelPaymer updated their "Dopple Leaks" leak site with a post entitled "City of Torrance, CA." This post contained numerous links to files that...

Digital attackers used spearphishing campaigns to target oil and gas companies with samples of the AgentTesla infostealer family. In the first campaign spotted by Bitdefender, malicious actors sent out emails that appeared to originate from Egyptian state oil company Engineering for Petroleum and Process Industries (Enppi). Those emails invited...

Just a couple of weeks back I posted to The State of Security an article titled “Finally Some Good News: NERC Proposes Deferment of 3 CIP standards,” and, as suspected, the Federal Energy Regulatory Commission (FERC) approved the extension officially on April, 17th with this order. Having approved NERC’s petition submitted on April 6th, FERC...

Building an effective and resilient organization on a budget isn't a small task. When it comes to cybersecurity budgets, there are many different aspects that need to be considered. Thankfully, alignment with industry best practice and recognized security frameworks adds a small amount of clarity to this challenge. When presenting the webcast “It’s...

Scams leveraging coronavirus 2019 (COVID-19) as a lure have stolen tens of millions of dollars from their victims. As of April 16, 2020, the Federal Trade Commission (FTC) had received 20,334 consumer reports of fraud attempts pertaining to the coronavirus since the beginning of the year. Those attacks that proved successful had caused their victims...

It’s hard not to say that 5G technology brings a lot of benefits. 5G entails faster download speeds, and yes, if you have a 5G-enabled handset, you could hear and appreciate the speed increases for videos, gaming, etc. However, 5G provides added benefits that go way above those for the everyday user. Let’s take a look at the high speed and low...

Millions of people have moved onto the Zoom video-conferencing platform as the coronavirus pandemic has forced them to work from their homes. According to Zoom's own statistics, its daily usage has soared from approximately 10 million daily users in December to over 200 million today. And although Zoom must be pleased to see so many more people...

Ragnar Locker ransomware demanded 1580 bitcoin (approximately $11 million) as ransom from Portuguese electric utilities company Energias de Portuga (EDP). As reported by Bleeping Computer, the operators of Ragnar Locker published a new post on their data leak website in which they claimed that they had stolen a large amount of data from the European...

Anyone who has had any experience on the offensive side of security has had fun with privilege escalation. There’s something exciting about exploiting a system to the point of getting root-level access. Since I have spent most of my time on the defensive side of the fence, the magic of escalating privileges rested in Exploiting for Privilege...

Officials revealed that malicious actors had succeeded in infiltrating the computer network serving New York's state government. According to the Wall Street Journal (WSJ), officials revealed on April 13 that New York's Office of Information Technology had discovered the security incident in late...

Today’s VERT Alert addresses Microsoft’s April 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-880 on Wednesday, April 15th. In-The-Wild & Disclosed CVEs CVE-2020-0935 A vulnerability in the OneDrive for Windows desktop application could allow an attacker to overwrite a targeted file...

A new wiper malware falsely informed victims in its infection notice that two security researchers had been responsible for attacking them. According to Bleeping Computer, users who downloaded programs from free software and crack sites found that they couldn't successfully authenticate themselves and unlock their Windows computers. Instead, their...

On March 27, 2020, President Trump signed an unprecedented $2 trillion stimulus package into law. The legislation received support from both chambers of the U.S. Congress for its goal to minimize the economic effects of the global coronavirus 2019 (COVID-19) pandemic, reported CNN. A key component of that package was the direction to provide...

Why is cybersecurity important to Education? Acknowledging recent reports of ransomware targeting educational institutions, it is no wonder that there have also been articles that attempt to lure in readers with “free” tools. What is disappointing is that these “free” tools are little more than marketing pieces that direct you to click on readily...

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best...

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more from digging into the various techniques here than any other tactic. While I knew about fun tricks like replacing sethc.exe with cmd.exe and hitting the shift key a bunch of...

New technologies often present interesting challenges for security teams, with cloud services such as AWS, Azure and GCP providing particularly novel cases in comparison to “classic” on-premise systems. As cloud services race to add new features that drive new customer interest and increase retention of existing clients, there is a very real risk of...

We all know there are a number of different security devices that need to be continually monitored because they represent attack vectors. That’s why understanding configuration management is critical to security hygiene. As practitioners, we need to adhere to CIS controls as they provide a critical baseline for maintaining our security framework and...