Resources

Blog

Tripwire Tuesdays: Avoiding IT Crisis Fatigue

Tripwire Enterprise can gather any number of different kinds of information from a monitored system, such as file and folder changes, registry changes, policy changes, etc. However, cast the net too wide and you can potentially end up with more information coming in than you can react to. This will lead to important changes (the signal) being lost...
Blog

Newly Designed Jaff Ransomware Now Encrypts Data with WLU Extension

An updated variant of Jaff ransomware boasts a more professional design and now encrypts victims' data with the WLU extension. On 23 May, Internet Storm Center (ISC) handler Brad Duncan collected 20 malspam emails that all used a fake invoice theme and a spoofed email address. The emails also came with a PDF attachment containing an embedded Word...
Blog

Today’s Cybersecurity Challenges Started in 1648

Understandably, a few eyebrows raise up when I suggest today’s cybersecurity challenges started nearly 370 years ago, some 300 years before the invention of ENIAC (the world’s first digital computer). But I stand by this observation because of the unintended clash of two systems: the nation-state and the Internet. Many of the institutions, social...
Blog

Russia Announces Arrest of 20 "Cron" Malware Group Members

The Russian Interior Ministry has announced the arrest of 20 individuals who helped develop and perpetrate a mobile malware campaign known as "Cron." On 22 May, Russian Interior Ministry representative Rina Wolf disclosed a joint effort with Russian IT security firm Group-IB designed to bring down the malware group. The collaboration culminated in a...
Blog

Women in Information Security: Kelly Shortridge

Cybersecurity isn't just for guys! It's crucial to highlight the important work that women and non-males are doing in the information security field. Previously I spoke with Thais, a Brazillian woman in Germany who's doing some intriguing malware research. This time, I've had the honor of speaking to Kelly Shortridge. She went from high finance to...
Blog

The Future of Net Neutrality

According to the Oxford Dictionary, net neutrality is "the principle that internet service providers should enable access to all content and applications regardless of the source, and without favoring or blocking particular products or websites." Simply put, net neutrality ensures that service providers don't give preferential treatment to websites...
Blog

More than 600K User Accounts Exposed in DaFont Database Theft

A hacker compromised more than 600,000 users' accounts when they stole a database operated by the font sharing site DaFont. In early May 2017, the currently unnamed hacker stole a site database containing 699,464 usernames, email addresses, and hashed passwords after hearing of other attacks launched against it. As they told ZDNet in an interview: ...
Blog

Shining Light on The Shadow Brokers

The summer of 2016 was a tumultuous ride for those of us in the security community. Less than a year ago, nobody had ever heard of The Shadow Brokers or Anna-Senpai but the same month (August 2016), these two – as yet unidentified persons or groups – made it clear that we are in the midst of a massive paradigm shift regarding threats to our society....
Blog

New Loki Variant Can Steal Credentials from 100+ Software Tools

A new variant of Loki Bot is capable of stealing credentials from over 100 software tools assuming they are installed on an infected machine. The malware's updated form leverages social engineering techniques to trick a user into running it. Specifically, it masquerades as a PDF sample that Dropbox couldn't successfully open. A user who clicks on...
Blog

Zomato Hacked! Database of 17 Million Users Stolen

Restaurant search website Zomato has announced that it has suffered a major security breach, resulting in the theft of a user database containing 17 million users' names, email addresses and passwords. The news comes as it is reported that a hacker calling themselves "nclay" is claiming to offer the database for sale on the dark web. ...
Blog

The Impact of Ransomware on Non-Profit Organisations

Social engineering is the exploitation of human error to deceive end users. Ransomware is a type of malware (malicious software) often used in social engineering attacks. When attacked with ransomware, businesses are literally held for ransom while being denied the ability to carry out their usual business operations. The UK Government has recently...
Blog

WannaCelebrate - How to Protect Against WannaCry Ransomware

This post was updated on May 17, 2017, at 12:20 PM PDT. Over the past few days, there has been a lot of buzz around the WannaCry ransomware campaign. For those in the trenches dealing with how to address wave after wave of attacks, it's not as simple as the unhelpful motto of "patch your systems." Most medium and enterprise businesses cannot trust...
Blog

Back to Basics: Combating Zero-Days with Common Sense

The past few months have accelerated the struggle between cybercriminals and those that defend against them. It seems that once again we are back on the defensive—as fast as law enforcement can arrest the bad guys, more and increasingly vicious cyber-attacks are unleashed. It’s been ugly, heartbreaking, and in some cases demoralizing. Even though...
Blog

Compliance: Thoughts of a Newbie

When I started at Tripwire just over five months ago, I never really thought about compliance and why it’s critical. To me, it was something that companies went through and dare I say it, it seemed a bit boring. But the more time I spend at Tripwire, the more I understand why business compliance requirements are so important and how they help us as...
Blog

Brooks Brothers Alerts Customers of Year-Long Payment Card Breach

Brooks Brothers announced on Friday that it recently learned of a potential credit card breach, affecting customers who shopped in-store over the past year. In a press release, the men’s clothing retailer – which operates more than 400 stores worldwide – said potentially compromised information included cardholder names, account numbers, card...
Blog

WannaCry Poses Healthcare Risks in Today's Interconnected World

Patients turned away. Ambulances diverted. Doctors and nurses locked out of patient files and unable to deliver care. On Friday, 45 National Health Service (NHS) organizations in the UK and Scotland and over 200,000 other victims in 150 countries fell prey to the WannaCry ransomware. The threat spread quickly, infecting vulnerable Microsoft systems...
Blog

DocuSign Warns Users of Targeted Email Malware Campaign after Breach

DocuSign is warning customers and users to be on the lookout for targeted emails containing malware after a data breach affected one of its systems. On 15 May, the provider of electronic signature technology disclosed the security incident in an update posted to its website: "...[T]oday we confirmed that a malicious third party had gained temporary...