MageCart, the notorious malware that has been haunting online stores by stealing payment card details from online shoppers at checkout, is reinfecting the same websites time and time again. Dutch security consultant Willem de Groot, who has been tracking MageCart and similar threats since 2015 and has come across over 40,000 compromised stores, says...

Researchers discovered 14 malware families targeting dozens of e-commerce brands just over one week before Black Friday. Kaspersky Lab observed the threats targeting 67 e-commerce brands including 33 consumer apparel sites, eight consumer electronic outlets and three online retail platforms. Banking trojans made up more than half of the malware...

Be organized and efficient. It’s a simple rule of life that makes things run a whole lot smoother. This is something especially important when running your vulnerability management program. There are only so many hours in a day, rather, there are only so many hours in a down cycle where the business will let you scan their environment for...

Today’s VERT Alert addresses Microsoft’s November 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-805 on Wednesday, November 14th. In-The-Wild & Disclosed CVEs CVE-2018-8589 This vulnerability was reported to Microsoft by Kaspersky Labs, who discovered it being exploited by multiple...

In 1998, Congress unanimously passed the Digital Millennium Copyright Act (“DMCA”) to implement two international copyright treaties. Among other provisions, the DMCA addresses the use of technical measures (digital rights management or DRM) that control access to copyrighted works. The new provisions impose fines and criminal penalties for: ...

A data breach involving luxury retailer Nordstrom has potentially exposed the personal information of thousands of its employees. The Seattle-based company said the compromised data included employee names, Social Security numbers, dates of birth, checking account and routing numbers, salaries, and more. According to reports, employees received an...

Last time, I had the opportunity to talk with software tester Claire Reckless. Testing an application’s security and functionality is a vital cybersecurity role that people often don’t think about. This time, I had the honor of speaking with Chrissy Morgan. Chrissy is a protector of the protectors by day and a crazy scientist by night! Kim Crawley:...

According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence. When security research teams or government agencies release threat intelligence reports, some of the more tactical actionable intelligence is in the indicators. These indicators include (but are...

We are familiar with the problem of ransomware – malicious software that seeks to encrypt user data and demand a ransom in return for the decryption key. There are several defensive measures that help work against crypto-malware. Backups work, in theory, but are not always available or are partial. We need to realize that ransomware does, and will,...

Details of a Virtual Box 0-day privilege escalation bug were disclosed on GitHub earlier this week. This was the work of independent Russian security researcher Sergey Zelenyuk, who revealed the vulnerability without any vendor coordination as a form of protest against the current state of security research and bug bounty programs. From my...

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months. Analysts working at Qihoo 360's Netlab team say that they first identified the new botnet in September 2018. They have dubbed it "BCMUPnP_Hunter" because of its exploitation of a security hole in the...

In Part 1 of this series, I walked through the background of the NERC CIP version 5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this second half of the series, we’ll take what we’ve learned and explore approaches for meeting the requirements while considering security value. NERC CIP is supposed to be for...

Knowing that a tomato is a fruit is knowledge – not adding it to a fruit salad is wisdom. Similarly, having knowledge about privacy and security is good, but true wisdom is knowing that they are vastly different from each other. While both, to some extent, revolve around the protection of your personal, public and corporate data, they are still not...

Tripwire Data Collector has been providing industrial organizations with visibility into their operational technology (OT) environments since its release in mid-2018. Data can be gathered and monitored via multiple avenues – not only native industrial protocols, such as EtherNet/IP CIP and Modbus TCP, but also integrations with management...

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people. On 25 October 2018, Fortune 1000 company CNO Financial Group, Inc. submitted a report to the Office for Civil Rights' Breach Portal at the U.S. Department of Health and Human Services. The report revealed an instance of...

HSBC Bank sent a letter to an undisclosed number of customers informing them of a data breach that might have exposed their personal information. The California Attorney General's Office recently received a template of a letter that HSBC Bank sent out to customers on 2 November. In the notice, the...

Everyone knows that it’s not a matter of if your private information will be breached. It’s a matter of when. I don’t have much of an expectation of privacy these days. A search in the Amazon application on my iPhone means that I’ll start seeing Facebook ads for that item. Google maintains a timeline of my visits to various locations. Video cameras...

The internet can be as dangerous a place as any. And every so often, it gets shaken up by some new threat that jeopardizes the safety of users across the globe. Thus, one of the latest scares that has come to our attention is that of the so-called “Programmer who cracked your email” Bitcoin scam. Exactly how serious this ‘scare’ is still remains to...

As organizations grappled with NERC CIP version 5, Tripwire learned along the way. In this series, I’ll cover the aspect of CIP that has come up the most in the last year: how to meet the software monitoring requirements. Software Inventory as a Security Control It is a simple question at first, but the more we peel back the layers, the more we...