Resources

Blog

VERT Threat Alert: September 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-849 on Wednesday, September 11th. In-The-Wild & Disclosed CVEs CVE-2019-1214 An elevation of privilege vulnerability in the Windows Common Log File System (CLFS) driver can allow an...
Blog

District in Rockford Public Schools Confirms Ransomware Attack

A district within the Rockford Public Schools (RPS) system has confirmed it suffered a ransomware attack that affected parts of its network. On 6 September, District 205 of RPS posted a statement on Facebook in which it noted that its Internet, phones and information systems used to track attendance...
Blog

10 of the Most Significant Ransomware Attacks of All Time

For years, ransomware actors have developed new families and attack campaigns in increasing frequency and numbers. Such activity peaked in 2017 but then fell in tandem with cryptocurrency miners’ rise. This development was short-lived, however. Between Q4 2018 and Q1 2019, Malwarebytes observed a 195 percent increase in ransomware detections...
Blog

Fake PayPal Website Distributes New Variant of Nemty Ransomware

Digital attackers created a fake PayPal website to distribute samples of a new variant of the Nemty crypto-ransomware family. Security researcher nao_sec uncovered the ransomware variant after they came across a fake PayPal website. This site promised users a return of 3-5 percent for making purchases through its payment system. But its primary...
Blog

Don’t Trade Convenience for Security: Protect the Provenance of your Work

I recently volunteered as an AV tech at a science communication conference in Portland, OR. There, I handled the computers of a large number of presenters, all scientists and communicators who were passionate about their topic and occasionally laissez-faire about their system security. As exacting as they were with the science, I found many didn’t actually see a point to the security policies...
Blog

Don’t Let Your Analysts Become the Latest Victims of Burnout!

Working as a cybersecurity analyst is incredibly challenging. It’s one of the only roles in IT that requires 24/7/365 availability. The constant stressors of the job can overload security analysts, which ultimately leads to burnout—affecting every factor of the job from performance to talent retention. Recently recognized by the World Health...
Blog

Ransomware Attackers Demanded $5.3M from City of New Bedford

Digital criminals demanded $5.3 million in ransom from the City of New Bedford, Massachusetts following a ransomware attack. Jon Mitchell, Mayor of New Bedford, explained in a press briefing that the ransom demand came shortly after the City's Management Information Systems (MIS) staff detected a ransomware attack in the early morning hours of 5...
Blog

Tripwire Patch Priority Index for August 2019

Tripwire's August 2019 Patch Priority Index (PPI) brings together important security vulnerabilities from Microsoft and Adobe. First on the Patch Priority Index are patches for Microsoft's Browser and Scripting Engine. These patches resolve 12 vulnerabilities including fixes for memory corruption, information disclosure and security feature bypass...
Blog

Phishing Campaign Used SharePoint to Bypass Email Perimeter Tech

Security researchers spotted a phishing campaign that used SharePoint to bypass email gateway and other perimeter technologies. Cofense learned of the campaign after it analyzed an attack email sent from a compromised account @independentlegalassessors.co.uk. The email asked the recipient to review a proposed document by clicking on an embedded URL....
Blog

Strong Customer Authentication: A Vehicle for PCI-DSS Compliance

Payment services that operate electronically should adopt technologies that guarantees the safe authentication of the user and reduces, to the maximum extent possible, the risk of fraud. In order to achieve this, the European Union in 2007 passed the Payment Services Directive (PSD). The aim of this legislation is to regulate payment services and...
Blog

5 Modern Skills for Modern CISOs

As the digital economy has grown and changed, cybersecurity has become an integral part of operating nearly any successful business. The Chief Information Security Officer (CISO) is at the forefront of the modern cybersecurity organization, and CISOs have to adapt to the changing times in front of them. It used to be that the path to becoming a CISO...
Blog

Insider Threats: Root Causes and Mitigation Practices

The recent IBM 2019 Cost of Data Breach survey found that the cost of a data breach had risen 12% over the past 5 years to $3.92 million on average. While 51% of the data breach attacks were attributed to malicious or criminal actors, a stunning 24% of the breaches were caused by negligent employees or contractors. The report also notesed that the...
Blog

Joint Effort Neutralized Over 850K Infections of Retadup Worm

A joint investigatory effort neutralized more than 850,000 unique infections of Retadup, a worm known for targeting Windows machines in Latin America. In March 2019, Avast came across an interesting cryptomining payload that arrived with a advanced stealthy process hollowing implementation. The security firm decided to look into what means of...