The United States Department of Justice has charged three North Korean computer programmers with a range of cyber attacks that made headlines around the world. The men - 31-year-old Jon Chang Hyok, Kim Il, 27, and 36-year-old Park Jin Hyok - are alleged to have been part of North Korea's Reconnaissance General Bureau (RGB), known commonly as the ...

Increased uptime? Check. Better access to outside expertise? Check. Improved first-time-fix rate? Check. These are just some of the benefits of industrial remote access. Yet many customers are reluctant to embrace remote access. Not only that, but incidents such as the breach at the Oldsmar water utility might increase organizations’ reluctance to...

If high-tech gadgets were on your holiday shopping list, it is worth taking a moment to think about the particular risks they may bring. Under the wrong circumstances, even an innocuous gift may introduce unexpected vulnerabilities. In this blog series, VERT will be looking at some of the Internet’s best-selling holiday gifts with an eye toward...

Note: The attack procedure built in this post will not work for every macOS operating system or in every scenario. There are many factors that can block scripts from running at boot time, and you should always test against your target operating system. The MITRE ATT&CK framework is a universally accepted knowledge-base of tactics, techniques and...

While I was teaching, one of my students asked if I had seen Cybergeddon, a film distributed by Yahoo! in 2012. I had not, so I decided it would be fun for VERT to watch the film and review it, since my hobby is writing film reviews for RotundReviews. Cybergeddon is not talked about as much as it should be given some of the background around it. It...

The European Union Agency for Cybersecurity (ENISA) released in November 2020 its “Cybersecurity in Railways” report to raise awareness about the cybersecurity challenges facing Europe's railways. The report identifies the current cybersecurity status and challenges as well as proposes cybersecurity measures to combat these challenges and enhance...

When I was a software developer, I never joined any dev communities. I didn’t see the point. I also worked evenings as a professional musician and mostly spent time within the music community and sports groups I was a part of. I spent time with my dev friends at work; I didn’t understand why I would want to know devs with whom I didn’t work. I was a...

Social media is no stranger to scams. However, recent trends show scammers have started to show more aggression toward businesses since the beginning of the pandemic. Being able to recognize these scams can help you prevent injury to your business. Social Media as a Newer Cybercrime Platform for Targeting Businesses Scammers go where the people...

British police have arrested eight men in connection with a series of SIM-swapping attacks which saw criminals hijack the social media accounts of well-known figures and their families. The UK's National Crime Agency (NCA) says it made arrests in England and Scotland as part of an international investigation working alongside the FBI, US Secret...

Organizations are overwhelmed by the choice of cyber security tools in the market. They need to balance prioritizing and remediating vulnerabilities with managing their secure configurations. What’s more, many organizations are using hybrid clouds where they need to protect assets that are hosted both on premises and in the cloud. This complexity...

Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The...

An attacker hacked into a Florida city’s water treatment plant and attempted to leverage that access to poison the municipality’s water supply. According to WTSP-TV, an operator at the water treatment plant in the 15,000-person City of Oldsmar, Florida noticed someone controlling his mouse cursor on February 5 at around 08:00. The operator didn...

On February 9, 2021, the world will celebrate the 18th iteration of Safer Internet Day. The theme of this year’s event is “Together for a better internet.” It’s a reminder that all of us have a responsibility to help make the web a safer place. One of the ways we can do this is by taking the online safety of children and teens to heart. In their...

On February 9, 2021, the world will celebrate the 18th iteration of Safer Internet Day. It’s an opportunity for everyone to recognize the importance of staying safe online. It’s also a reminder that all of us play a part in making the web a safer place. One of the ways we can observe Safer Internet Day is by helping children and teens navigate...

Data breaches are becoming increasingly common, and one factor driving this escalation is the fact that today’s IT systems are integrated and interconnected, requiring login information from multiple parties and services. In response, Amazon Web Services has launched the AWS Secrets Manager, a service designed to help organizations get a handle on...

Picture this: a young person is in a dark room. The only thing visible is their figure, as it is just barely lit by the blinding LEDs of their computer screen. They type furiously on an ergonomic keyboard as thousands of lines of neon green monospace text fly across the screen. Click-clack-click-clack-click-clack. The moving text and the flying...

Security researchers at Google have claimed that a quarter of all zero-day software exploits could have been avoided if more effort had been made by vendors when creating patches for vulnerabilities in their software. In a blog post, Maddie Stone of Google's Project Zero team says that 25% of the zero-day exploits detected in 2020 are closely...

It is the Tuesday morning after a long weekend. You come into work early to get caught up on emails only to find you are completely locked out. You have been hit by a ransomware attack. You ask yourself, “What happened? And how do I fix it?” This post will explore three of the most significant ransomware families of 2020: Tycoon, Ryuk and REvil....

Many organizations are migrating their workloads to the cloud. But there are challenges along the way. Specifically, security leaders are concerned about their ability to protect their cloud-based data using secure configurations. Tripwire found this out when it partnered with Dimensional Research to survey 310 professionals who held IT security...

Tripwire's January 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Dnsmasq and Oracle. First on the patch priority list this month are patches for Dnsmasq related to the seven so-called "DNSpooq" vulnerabilities. Dnsmasq is an open-source DNS forwarding application, and systems using this software should...