Resources

Blog

Proactively Hardening Systems: Application and Version Hardening

The first article in this series examined configuration hardening, essentially looking at ports, processes and services as the “doors, gates and windows” into a network where security configuration management (SCM) becomes the job of determining which of these gateways should be open, closed, or locked at any given time. Now it’s time to look at...
Blog

BEC-as-a-service offers hacked business accounts for as little as $150

Everyone responsible for securing organisations today recognises the significant growth in BEC (Business Email Compromise) attacks, also sometimes known as "Whaling" or "CEO fraud". BEC scammers trick accounting and finance departments into wiring considerable amounts of money into bank accounts under their control, posing as genuine suppliers...
Blog

Net Neutrality Regulation – Does the Past Predict the Future?

The debate over the degree of regulation of broadband Internet providers in the U.S. has been going on almost as long as broadband Internet service has been available. In 2004, the U.S. Federal Trade Commission (FTC) first described a set of non-discrimination principles to ensure that users had access to content on an equal basis. In 2008, the FCC...
Blog

Criminals Holding Hijacked Instagram Influencers' Accounts for Ransom

Criminals are hijacking Instagram influencers' accounts and demanding that victims pay a ransom in bitcoin to regain access. Kevin Kreider, a Los Angeles-based Instagrammer who's known for his following around fitness-related topics, told Motherboard that extortionists first targeted him when someone named Lana reached out with a fake business...
Blog

A Practical Guide to CCPA for U.S. Businesses

Inspired by Europe’s General Data Protection Regulation (GDPR), the State of California has set a new precedent with the passage of the California Consumer Privacy Act (CCPA). The major data incidents last year have driven citizens into a frenzy about securing their data, and states have rushed to developing and passing policies and legislation....
Blog

Network Outage at Some Recipe Unlimited Locations Caused by Malware

A malware outbreak was responsible for a network outage that affected a limited number of Recipe Unlimited restaurant locations. On 1 October, Recipe Unlimited announced a malware attack of which it learned at the end of September. The Canadian restaurant chain owner and food distributor said in a statement that it responded by taking certain...
Blog

The Verizon PHIDBR: A Wake-Up Call for Healthcare Organizations

The healthcare industry continues to be challenged with securing patient health information. According to the Verizon Protected Health Information Data Breach Report (PHIDBR), 58 percent of all security incidents involved insiders, ransomware accounts for 70 percent of all malicious code, and alarmingly, basic security hygiene is still lacking at...
Blog

Women in Information Security: Pam Armstrong

Last time, I spoke with Sharka. She’s a pentester who knows how to hack a glucose meter. She also taught me a few things about physical security. Now I get to talk with Pam Armstrong. Web development eventually led her to healthcare security. Kim Crawley: Please tell me about what you do. Pam Armstrong: I work for a large healthcare system on the...
Blog

DanaBot Observed in Large Campaign Targeting U.S. Organizations

Researchers observed the distribution of the DanaBot banking trojan in a large attack campaign targeting U.S. organizations. On 26 September, Proofpoint detected a campaign consisting of hundreds of thousands of emails intended for U.S. recipients. Each of these attack messages masqueraded as an eFax and used a "Download Fax" link to download a...
Blog

Why Your SOC Needs More Than a SIEM Tool

Cybercrime is becoming more sophisticated by the day. Meanwhile, the price for a breach due to damage and disruption, ransom payments and regulatory fines, is increasing. No wonder there's more of a need than ever for companies to set up a dedicated SOC using SIEM to identify threats and raise the alarm. But is that enough to fight the hackers? ...
Blog

New "Torii" Botnet's Sophisticated Techniques Set It Apart From Mirai

Researchers have discovered a new botnet called "Torii" which differentiates itself from Mirai by its use of several sophisticated tactics. Infosec expert @VessOnSecurity is the first to have discovered the new botnet: https://twitter.com/VessOnSecurity/status/1042538889582444546 Named for its use of Tor exit nodes to launch telnet attacks, Torii...
Blog

How to Avoid DevOps Security Pitfalls: 16 Experts Share Their Top Tips

DevOps is redefining the way organizations handle software development. But it’s also challenging security professionals in their efforts to manage digital risk. With that said, there are security teams need to be strategic about how they approach DevOps security. Here are some expert recommendations on what to do and what to avoid when implementing...
Blog

Tripwire Patch Priority Index for September 2018

Tripwire's September 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft's Internet Explorer, Edge and Scripting Engine. These patches resolve 18 vulnerabilities, including fixes for Elevation of Privilege, Information Disclosure,...
Blog

Malware in the Cloud: What You Need to Know

Cloud security is not as simple as it may seem. Businesses have a shared security responsibility with cloud service providers, but some lack the knowledge to keep up their share of the bargain. Poor configuration and data leaks are common problems that many businesses encounter in the cloud. These issues can lead to malware infecting your cloud...
Blog

Death, Taxes and Compliance Updates - An Addition to NIST 800-171

New updates and additions to compliance requirements are as regular as the rising and setting of the sun. Recently, The National Institute of Standards and Technology (NIST) released a companion publication to NIST 800-171 that provides guidance on how organizations can assess the CUI requirements in NIST 800-171, known as SP 800-171A. The purpose...
Blog

Women in Information Security: Sharka

Due to popular demand, my women in information security interview series is back for autumn! This marks the second anniversary since I started. Some of my subjects in this round have been waiting since last spring, so getting to chat with them has been long overdue. Let’s start with Sharka, a penetration tester who is full of enthusiasm. She wants...