Resources

Blog

Top Cloud Security Resources: Certifications, Events and Social Media

Context setting: In my first article on cloud security, I talked about the journey to cloud migration. What are the things you need to consider when planning the big move? To realize the full value of this post, you must have already identified the motivations for migration and the locations of some resources you can use to enhance your security...

Worst Passwords List Reveals "123456" to Still Be Top Offender

A list of some of the worst passwords for 2019 revealed that users continue to turn to "123456" above all of the other ill-advised combinations. In total, TeamsID published 50 of the worst passwords used during the past year. The top 15 of these are presented below: 123456, 123456789, qwerty, password, 1234567, 12345678, 12345, iloveyou, 111111, ...

Looking to Drive down the Cost of Doing Business? Use Managed Services

Businesses are always looking for ways to control and reduce the cost of doing business as well as gain a competitive advantage over their respective competitors. The constant pressure of doing more with less has introduced many offerings designed to reduce the cost and complexity of the IT/OT infrastructures that support the business. Let’s take a...

Navigating ICS Security: The Threat Landscape

Whilst working for a management consultancy, I learned a lot more about industrial control systems (ICS) than I ever imagined I would. In many cases, this wasn’t from working on them directly; it was from simply speaking to the technicians and reading documentation. Oftentimes, we have the false belief that our systems are safe from compromise...

Poison Frog Malware Samples Reveal OilRig's Sloppiness

An analysis of a new backdoor called "Poison Frog" revealed that the OilRig threat group was sloppy in its development of the malware. Kaspersky Lab came across Poison Frog while scanning its archives using its YARA rule to hunt for new and old malware samples employed by OilRig. It launched this investigatory effort shortly after crackers operating...

What Does Integrity Monitoring Have To Do With Security Anyway?

After spending several decades in this industry, I have seen growth in many different security products and in many different areas. All the while, I've questioned whether specific technologies were offering real value or were just over-marketed to create more revenue opportunities for investors. As we have seen repeatedly, categories of security...

Companies That Request PII From Vendors Must Protect It

In my line of work, it is often a requirement to provide our customers with background information on the employees who will be performing on-site professional services. This is not in itself an issue, but how the customer receives and handles that information can be. Tripwire best practice is for HR to provide an attestation of all requested...

Medical Care at NJ Hospital Disrupted by Ransomware Attack

A New Jersey hospital said that it was forced to cancel some surgeries and other medical procedures after falling victim to a ransomware attack. Hackensack Meridian Health, a non-profit health care center based in Edison, New Jersey, revealed to the Wall Street Journal (WSJ) that the attack began on...

Social Engineering the Silver Screen: Home Alone Edition

I have wanted to do a series like this for some time. I frequently watch movies and point out social engineering and OSINT techniques or inaccuracies as well as OPSEC blunders. These blunders, in addition to the matrix style waterfall screens, are equally bad as the "hacking" you see in movies. So, let's level the playing field about the specific...

Government Procurement Services Targeted in Phishing Campaign

Researchers discovered a phishing campaign which attackers designed to harvest login credentials from government procurement services. According to Anomali Labs, malicious actors crafted their campaign to target various services used by public and private entities to match buyers and sellers of government services. They did so by directing...

Waco water bill attack just the latest in a wave of Click2Gov breaches

The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. The heart of the problem lies in the third-party online payment software that Waco and several other cities and municipalities use to let residents pay their bills, pay parking fines, as well as make...

Finding a Good Vendor Partner: More than Technology

Finding a security vendor that is the best fit for your company’s business objectives, culture, risk profile, and budget is challenging today. The purpose of this blog is to suggest that working with a “vendor partner” is more than working with a standard technology vendor in that a partner aligns not only with “Technology” concerns but also with ...

VERT Threat Alert: December 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-863 on Wednesday, December 11th. In-The-Wild & Disclosed CVEs: CVE-2019-1458: A vulnerability in Win32k is currently seeing active exploitation that could give an attacker the ability to...

Updated Ryuk Ransomware Decryptor Could Damage Larger Files

Attackers provided victims who paid with an updated Ryuk ransomware decryptor that could potentially damage their larger files. Emsisoft found that malicious actors had added numerous new features to Ryuk ransomware over the past year. In a lesser-known case, attackers gave Ryuk the ability to partially encrypt files that exceeded 54.4 MB in size....

Navigating ICS Security: Knowing the Basics

As we begin our new decade of the 2020s, we can look back at the last 30 odd years and examine the collaboration between technology and our daily lives. If you think of your day-to-day, it’s easy to see how much our society relies on technology. Consider our smart devices such as mobile phones, watches, even homes. However, what about the technology...

Spotify Phishing Campaign Tells Users that Their Subscriptions Are Frozen

A new Spotify-themed phishing campaign informed recipients that the music streaming service had frozen their subscriptions. On 5 December, MailGuard discovered an email that appeared to come from Spotify. The email itself used the display name "Spotify" along with the music streaming service's logo to lull recipients into a false sense of security....

Moving to the Cloud: Motivations Behind the Migration

Consider how many times a day you check your mobile phone, smartwatch, smart TV, and/or other connected devices. How normal does it seem to be reaching out to an external source, not actually sure where this information is stored, or even coming from, but that it’s there, accessible and ready to be taken in? Organizations wishing to migrate to a...

CMMC: The Logical End of ISO 27001, SOC 2 & Other Certifications

In the not-too-distant future, I can clearly see how ISO 27001, SOC 2 and other [redacted] certifications could become a diminished, legacy activity, viewed as a rarity left over from marketing efforts to distinguish an organization’s security posture from its competition. Absurd? Unrealistic? Actually, it is a very pragmatic understanding of what...