Resources

Blog

My SecTor Story: Root Shell on the Belkin WeMo Switch

*Updated 12/7/2015 – NOTE: The WeMo attack vector described in this article was resolved with WeMo firmware release 2.00.8643. Customers are encouraged to install the latest update immediately. There were many activities hosted at SecTor 2015. My favorite activity was the Internet of Things Hack Lab sponsored by Tripwire. The term Internet of...
Blog

How to Make Risk More Tangible for your Board

You know that cybersecurity risks exist for your company; so does your board. They know cybersecurity is a business issue, and they also know they need to be concerned about what it means to their business. But more often than not, the board doesn’t have a concrete understanding of how they can actually help. In a recent paper, Top 5 Tips for...
Blog

There Is Nothing New Under the Sun

The actual origination of the above phrase (worth reading in full) is Ecclesiastes 1:9, the Old Testament. With respect to whatever religion you worship, the point is simply to highlight the naivety in assuming something to be new or original without paying due attention to available mavens. Every “new” idea has some sort of precedent or echo from...
Blog

New Toolset Linked to Wiper Malware in Sony Hack, Finds Researchers

Researchers have discovered two new utilities that are closely associated with the wiper malware used to disrupt the computer networks of Sony Pictures Entertainment last year. After phishing for employees' login information, the attackers responsible for the breach used a strain of wiper malware known as "Destover" to wipe the files off of company...
Blog

5 Ransomware Safety Tips for Online Retailers

Just in time for the holiday shopping season, cybercriminals have developed a destructive new form of ransomware that targets the websites of online retailers. According to independent security journalist Brian Krebs, fraudsters have been leveraging the malware – dubbed ‘Linux.Encoder.1’ – to essentially hold a site’s files, pages and images for...
Blog

On Password Managers, Perspective and Patience

Throughout October this year, many tips for National Cyber Security Awareness Month focused on the password problem, including the usual warnings about weak passwords and the same password used in multiple places (known as “password re-use”). Every one of those tips (including more than one written by me) advises the use of a password manager to...
Blog

"Onion-Layered" Incidents Among Top Cybercrime Trends Observed by IBM

Security researchers with IBM have named "onion-layered" security incidents one of the top cybercrime trends they are observing in Q4 2015. In their report IBM X-Force Threat Intelligence Quarterly, 4Q 2015, the researchers explain that an onion-layered security incident involves a second, more damaging and sophisticated attack that follows an...
Blog

Security Mentors: Honoring Those Who Fuel Our Love of Infosec

Thanksgiving is a time for reflection. It provides us with a space for acknowledging all those many people and life experiences that one way or another enrich our lives, year after year. With the spirit of Thanksgiving in mind, we have gathered together the comments of some of the industry's leading professionals on who they are thankful for fueling...
Blog

The Irony of Ethics in Malware

In the last few days, I have seen multiple articles on ransomware in my news feeds (including a shameless reference back to our own post on The State of Security). As I read these, it occurred to me that there is an ironic similarity between these schemes and legitimate companies. The criminals running these malware and ransomware schemes have to be...
Blog

Cloud Computing: Putting Your Files on Someone Else’s Computer

If your organization decides to put their corporate files – or their customers’ files – onto someone else’s computer, i.e., implement cloud computing, what security effort should those organizations undertake to ensure the safety of their data? That is the question that we find our customers looking to Tripwire to help them answer. As a Tripwire...
Blog

Phishing Email Scam Targeting DHL Customers

Security researchers have identified a new phishing email scam that is targeting customers of the DHL global delivery service. Analysts with the Comodo Antispam Labs team reveal in a blog post that the phishing email purports itself to be sent from DHL Worldwide and uses the subject line "DHL Shipping Delivery Tracking Number" to support this...
Blog

A LastPass Hack with a Happy Ending

In September, Black Hat Europe announced an interesting talk that entitled “Even the LastPass will be stolen, deal with it”. As reported in an earlier article, it was anticipated (based on the description on the conference announcement) that the “Remember Password” option was the likely attack vector. The presentation was delivered last week, and as...
Blog

Rethinking Effective Endpoint Threat Protection

Given the number and sophistication of threats stalking today's digital landscape, it is incumbent on organizations to improve their cyber resiliency. However, this task is not as easy as it sounds. Our network environments have evolved far beyond the confines of what antivirus solutions or firewalls alone can protect. The Internet of Things (IoT)...
Blog

Cloudsota Trojan Found Preinstalled on Tens of Thousands of Tablets

A security firm has discovered that tens of thousands of tablets sold on Amazon.com and elsewhere came pre-loaded with the Cloudsota Trojan. Chinese mobile Internet security company Cheetah Mobile has published a post about its findings. In it, it highlights the complaints of many customers regarding these tablets' poor quality of manufacture, with...