Resources

Blog

FBI warns of Ranzy Locker ransomware threat, as over 30 companies hit

The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, in a flash alert to other organisations who may be at risk. According to the alert, issued with the Cybersecurity and Infrastructure Security Agency (CISA), most of the victims were compromised after brute force credential attacks...
Blog

CIS Control 10: Malware Defenses

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really thought about. This control serves as a reminder that this technology is...
Blog

Hidden Value In Creating Cybersecurity Audit Programs

One of my first tasks after leaving NSA for private industry in the early 90s was to write my new company’s information security policy. I’m not sure my previous job as a cryptanalyst left me qualified for this, but I was viewed as the security guy. So, I attacked the task with vim and vigor. That first information security policy I wrote was a...
Blog

5 Cybersecurity Considerations for the Auto Industry

Technology has become an essential part of daily life. From the way we get around to the things we buy, computers are at the forefront of change. This is especially true for vehicles. Vehicle technology has evolved dramatically over recent decades. The latest iteration of vehicle remodelling in the automobile industry is heavily software-focused,...
Blog

No Integrity, No Trust. The Foundation of Zero Trust Architecture

In the episode, Tripwire's Maurice Uenuma discusses the role of integrity when it comes to zero trust architecture. With results from our latest research survey on The White House's Executive Order and zero trust, he and Tim make the case that zero trust cannot be maintained without proper Integrity controls at its foundation. https://open.spotify...
Blog

Top 3 Grooming Techniques in Fraud: What to Watch for

Grooming is a method of establishing a connection with a person to perpetrate a crime against them. Grooming is becoming more common in fraud, both online as well as in interpersonal interactions. What's more, scammers are getting more sophisticated in their techniques. There is a mistaken belief that scammers are forceful, arrogant, and therefore...
Blog

CIS Control 09: Email and Web Browser Protections

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A...
Blog

What Pandemic Responses Teach Us About Cybersecurity

I’ve been working at Tripwire for over two decades, and I’ve acquired a fair bit of swag over those years: branded jackets, hats, shoes, a watch, and of course a drawer full of t-shirts. One thing I never would have predicted owning was a Tripwire-branded face mask to protect me from a global pandemic. Over the past year, I’ve worn that face mask...
Blog

Learning All About Ghidra – Inside a Class with Craig Young

I was recently tasked with reverse engineering (RE) some mobile apps. The actual task was to “learn” to RE – I don’t actually know how to do it, so it’s a good thing it’s more of a learning experience than an actual security job. And the task wasn’t really to RE apps. It was “do a security check on these mobile apps.” I’ve never done that and didn’t even know where to start. RE? Disassemble?...
Blog

Windows 11: Registry Keys, SMB Protocol, and SystemInfo

Windows 11 was released on October 5, 2021. It has several new installation requirements including, most notably, Secure Boot and a Trusted Platform Module. These features can provide a more secure computing environment, but if you need to virtualize a Windows 11 environment, you will need virtualization software that supports this. Although I...
Blog

Analysis of 80 million ransomware samples reveals a world under attack

Google has released a report taking a close look at the more than 80 million ransomware samples uploaded to its VirusTotal service in the last year and a half. Each day, approximately 150,000 ransomware samples were analysed by the free VirusTotal service after being submitted by suspicious computer users, and shared with the security community to...
Blog

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner. Collection logs and regular review is useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of...
Blog

VERT Threat Alert: October 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-968 on Wednesday, October 13th. In-The-Wild & Disclosed CVEs CVE-2021-40449 Up first this month, we have an elevation of privilege in Win32k that has been exploited in-the-wild via...
Blog

Contextualizing the Ransomware Threat Confronting OT Environments

Back in early June, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet discussing the rising threat of ransomware to operational technology (OT) assets. This development raises several questions. Why is ransomware a threat to OT environments? And what can organizations do to protect their OT assets against...