Resources

Blog

Expired Certificates Used as Disguise to Spread Buerak, Mokes Malware

Researchers observed digital attackers employing expired security certificates as a disguise to distribute the Buerak downloader and Mokes malware. Kaspersky Lab learned of a new attack method in which malicious actors leveraged infected websites to warn visitors of an expired security certificate. The Russian security firm traced the first...
Blog

The War of Passwords: Compliance vs NIST

The most recent National Institute of Standards and Technology (NIST) guidelines have been updated for passwords in section 800-63B. The document no longer recommends combinations of capital letters, lower case letters, numbers and special characters. Yet most companies and systems still mandate these complexity requirements for passwords. What...
Blog

What is ISO/IEC 27701?

If you have a familiarity with any information security frameworks and certifications, it’s more than likely you have heard of International Organisation for Standardisation (ISO) and possibly the International Electrotechnical Commission (IEC). From my experience, the most commonly referred to business-level security related certifications are ISO...
Blog

Let's Encrypt Says It Will Revoke 3M Certificates Due to Software Bug

Non-profit certificate authority (CA) Let's Encrypt announced it will revoke more than three million digital certificates due to a software bug. On March 3, Let's Encrypt revealed its plan to revoke 3,048,289 currently-valid certificates. That figure represented approximately 2.6% of the CA's approximately 116 million active certificates at the time...
Blog

PwndLocker Ransomware Targeting Municipalities, Enterprise Networks

Security researchers discovered a new ransomware family called "PwndLocker" targeting municipalities and enterprise networks. Bleeping Computer learned that PwndLocker has been active since late 2019 and has targeted a variety of U.S. cities and organizations in that span of time. According to one source of the computer self-help site, the new...
Blog

How the MITRE ATT&CK Framework Can Improve Your Defenses

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best...
Blog

What Is PIPEDA? And How Does It Protect You and Your Privacy?

You have likely heard of the General Data Protection Regulation (GDPR), and you probably refer to this standard whenever the topic of privacy and data processing arises. But what about outside of the EU? The Office of the Privacy Commissioner of Canada (Commissariat à la protection de la vie privée du Canada) has a twitter account that shares...
Blog

Navigating Cyber Landscape of Connected and Autonomous Cars

In recent years, various attacks have been performed to highlight security concerns about evolving smart cars. In particular, remote hacks took a lot of attention in 2015 when two security researchers hijacked the car’s infotainment system and demonstrated how to manipulate smart car functions. Such attacks elevate the risks associated with the...
Blog

Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware. If you've been kicking around in the world of IT security for more years than you'd like to admit, then you'll surely remember the ILOVEYOU virus (also known as the "Love Bug" or "Loveletter"). When the Love Bug virus...
Blog

More Than 140GB of Data Exposed by Israeli Marketing Company

An Israeli marketing company exposed more than 140GB of data by mishandling the credentials for an Elasticsearch database. A San Diego-based DevOps engineer who uses the Twitter handle 0m3n detected the disclosure after they grew tired of receiving text messages from "random phone numbers with similar messages containing links to gibberish domains."...
Blog

Tripwire Patch Priority Index for February 2020

Tripwire's February 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Up first on the patch priority list this month are patches for Microsoft Edge and Scripting Engine. These patches resolve information disclosure, elevation of privilege, and memory corruption vulnerabilities. Next on the list are...
Blog

Red Teaming: How to Run Effective Cyber-Drills?

What is red teaming? How is it different from conventional penetration testing? Why do we need blue, red, and white teams? How are cyber-drills carried out, and what results should be expected? In this article, we will answer these and other questions related to red teaming. What is Red Teaming? The red team attacks, the blue team defends. The...
Blog

Scammers Disguise Two Domains as CDN to Cloak Credit Card Skimmer

Scammers disguised two domains as a content delivery network (CDN) in an attempt to quietly target visitors with a credit card skimmer. Malwarebytes noticed something suspicious within the website code of a Parisian boutique store. At first, the script looked like a JQuery library loaded from a third-party CDN. But the actual content of the script...
Blog

NSA Releases Cloud Vulnerability Guidance

The United States’ National Security Agency (NSA) has put together a short guidance document on mitigating vulnerabilities for cloud computing. At only eight pages, it is an accessible primer for cloud security and a great place to start before taking on something like the comprehensive NIST 800-53 security controls. As a guidance document, it doesn...
Blog

Attack Campaign Leveraged Coronavirus Theme to Deliver Remcos RAT

Security researchers discovered an attack campaign that abused fears surrounding the global coronavirus outbreak to deliver the Remcos RAT. Yoroi Security detected the attack campaign when its threat intelligence activities uncovered a suspicious artifact named “CoronaVirusSafetyMeasures_pdf.” In their analysis, Yoroi's researchers determined that...