In my ongoing blog series “Hacker Mindset,” I explore an attacker’s assumptions, methods, and theories, including how information security professionals can apply this knowledge to increase cybervigilance on the systems and networks they steward. In this article, I explore the intense debate surrounding encryption and what it means for policy makers...

Ever since the first large-scale ransomware attacks started targeting individual users, companies, and government institutions, we have witnessed that the primary malicious actor is usually a hacker or a hacker collective. More and more victims are now browsing the web looking for a way to get rid of the threat by not paying the ransom sum, a trend...

2016 saw a lot of different types of scams prey on unsuspecting users. Some achieved greater prevalence than others. One of those was the tech support scam, a ruse where a fraudster calls a victim while impersonating a customer support representative from a well-known technology company. They tell the victim their computer is infected with malware...

Arby's Restaurant Group, Inc., has confirmed that a breach affected payment systems at its corporate restaurant locations. Information security investigative journalist Brian Krebs first learned something was up when several banks and credit unions reached out to him inquiring if he had heard of an incident involving Arby's. He subsequently reached...

Modern technology has probably done more than its fair share to ignite illicit relationships, but it can also lead to a romantic affair's unravelling. But if your wife or husband becomes aware of an adulterous entanglement through a buggy app, do you blame yourself for having the affair in the first place, or do you blame the software that couldn't...

A federal grand jury has indicted a former National Security Agency (NSA) contractor for stealing national defense information over the past 20 years. The indictment (PDF) alleges that Harold Thomas Martin, 52, collected a number of government secrets while employed as a private contractor for various government agencies. He began lifting the...

The year of 2017 isn’t shaping up to be a game changer in combatting ransomware so far. On the contrary, crypto infections are becoming increasingly toxic in terms of their impact and attack surface. Online extortionists keep hitting police departments, healthcare organizations, public libraries, schools, hotels, and unprotected servers around the...

A memory-based malware is using PowerShell scripts within the Windows registry and penetration testing tools to evade detection. Security researchers at Kaspersky Lab came across the malware when they discovered code for Meterpreter, a post-exploitation tool of the Metasploit penetration testing software, inside the physical memory of a domain...

Every year, the RSA Conference attracts the industry's most respected thought leaders, seasoned security experts and aficionados from around the globe. In 2016, it saw a record of over 40,000 attendees – all hungry to discuss and debate pressing cybersecurity issues. As one of Tripwire's top information security conferences for 2017, we have no...

New media, it would appear, now outpaces the old. More data is consumed and processed than at any time before in human history. But as we hasten into a world where the immediate is often favoured over the verified, the attention-grabbing over the considered, and the assumed over the researched in terms of how we both receive and disseminate...

Last week, while browsing various news feeds and websites, I took a scroll through Facebook and saw this video posted from our local morning show, Breakfast Television. They were talking about a Lifehacker post that referenced a github repository belonging to Viljami Kousmanen. The doom and gloom statements of the video are pretty clear evidence of...

National police have notified Norway's Labour Party parliamentary group that a foreign intelligence agency targeted its members. On 2 February, the Norwegian Police Security Service (PST) notified the Labour Party that hackers had targeted the group in autumn 2016. Labor, which is the biggest party in Norway's Parliament, subsequently sent out a...

If you've got an email account or social media profile, it's likely you've come across phishing of some kind before. In a sentence, phishing is the fraudulent attempt to steal personal information by social engineering: the act of criminal deception. Verizon's latest Data Breach Investigations Report notes that "social engineering remains worryingly...

Shamoon v2 is a tenacious piece of malware that recently participated in attacks against 15 Saudi government agencies and private companies. Shamoon compromises hard drives and leaves them completely erased and inoperable. It first appeared in 2012 when it targeted one Saudi company, an assault which today is widely recognized as one of the most...

Social networking websites strive to make members' lives better by bringing people together. Who among us hasn't taken delight in reconnecting with our best friend from back in grammar school? And who hasn't enjoyed meeting new people whom they might not have otherwise? To be sure, social media can enhance a life. But it can certainly destroy one,...

A county located in Ohio has suspended its IT system after a ransomware attack affected computers inside its government center. Licking County officials first discovered there was a problem when they couldn't open files saved to some government computers. When they rebooted those machines, they saw a ransom note and contacted the IT department. IT...

Several high-profile attack campaigns targeting Middle Eastern companies have recently come to the attention of the security community. One of the first operations we heard about occurred on November 17, 2016, when Shamoon resurfaced and leveraged Disstrack malware to wipe the computers at an energy organization based in Saudi Arabia. Apparently, ...

What has happened? A severe zero-day vulnerability has been fixed in WordPress, which - if left unpatched - could allow a malicious attacker to modify the content of any post or page on a WordPress site. Woah! Any post or page could be hijacked? Yes, it's as though you've handed the reins of your site over to a malicious hacker and said - "publish...

During the second week of February, information security professionals will head over to San Francisco to attend RSA, one of The State of Security's top 13 conferences for 2017. The conference is primarily focused on information security-related topics and typically draws over 45,000 attendees per year, making it one of the largest information...

I began my career in Information Security working for the Department of Defense, first for a Naval research facility, then Naval Intelligence, and finally with the National Security Agency. Information security for my first assignment meant locking your classified materials in a safe when you left the office at night, and making sure the office door...