Resources

Blog

How Attackers Use Your Tools Against You: Living Off the LAN

Detecting and preventing malicious software from executing on critical systems has received a lot of attention in the information security industry lately. Being able to detect new applications, drivers and files is what Tripwire Enterprise excels at. However, there are quite a few options for a motivated attacker to take advantage of built in...
Blog

French TV network taken off air after attack by pro-ISIS hackers

Pro-ISIS hackers have managed to take a French TV network off air, and hijack its website and Facebook page. 11 channels belonging to the French-language TV network, which broadcasts to more than 200 countries worldwide, stopped transmitting programmes after what was described as an "extremely powerful cyberattack". The TV network's director general...
Blog

10 Steps to Improve Your Layered Defense Strategy

We have a problem in the security community – or maybe within the modern information age of humanity in general. That problem is we see security as a technology, policy, privacy or people issue, instead of an integrated combination thereof. However, despite standards, laws, best practices, lessons learned and new technology we continue to practice...
Blog

AT&T Hands Over $25 Million to Settle Data Breach Complaint

AT&T has agreed to pay a $25 million penalty in a settlement with federal regulators after data breaches in several Latin American call centers exposed the personal information of nearly 280,000 U.S. customers. In a complaint released Wednesday, Federal Communications Commission (FCC) officials stated...
Blog

Is Offensive Security the Future?

Having been the only UK person to attend, sit on a Panel and to have presented at the ISMG APT Summit in Atlanta, I have returned home refreshed, invigorated, and completely motivated by the multiple experiences I enjoyed with my US colleagues, who again demonstrated they do ‘git-it’ when it comes to the "cyber challenge." My own participation...
Blog

4 Elements of a Stealthy Sandbox

Sandboxes (or automated, dynamic malware analysis systems) are one of the most advanced threat detection tools available to security professionals, and are quickly being adopted by forward-thinking enterprise and mid-market organizations globally. These systems use behavioral analysis methods to monitor unknown malware programs in a simulated...
Blog

'Cyber Insurance' Market Expanding Due to High-Profile Attacks

Lloyd’s, a well-known insurance market located in London, has reported that demand for “cyber insurance” is on the rise in light of a growing number of high-profile security incidents. “Cyber risk poses the most serious threat to businesses and national economies, and it’s an issue that’s not going to go away,” said Inga Beale, chief executive of...
Blog

Could Secure Technology Have Prevented the Germanwings Crash?

On Tuesday, March 24, Germanwings Flight 9525 crashed into the French Alps. All 150 people onboard were killed. After studying one of the aircraft’s black boxes recovered in the crash, investigators determined that Andreas Lubitz, the co-pilot of Flight 9525, deliberately locked the pilot out of the cockpit and altered the aircraft’s trajectory to...
Blog

How to Build a Successful IT Security Awareness Program

The first step towards creating a successful security awareness program is to recognize that this is not a project with a defined timeline and an expected completion date, but is instead a development of organizational culture. Akin to “safety first” cultures that develop in manufacturing and other heavy industries, there are large economic and...
Blog

Computer Criminals Brought to Justice – Lance Ealy

Last week, Tripwire explored the story of Aleksei Shushliannikov, a hacker who is responsible for having used ransomware in an attempt to launder money from victims via MoneyPak. We now report on the story of Lance Ealy, a computer criminal recently brought to justice for having filed fake tax refund requests on more than 150 Americans. According to...
Blog

Once Every Four Days, The US Power Grid Is Under Attack

According to a recent analysis of federal energy records, the nation’s power grid experiences cyber and physical attacks nearly once every four days. The investigation revealed that the critical infrastructure of the US power grid sustained 362 attacks between 2011 and 2014, causing outages or other power disturbances to the US Department of Energy....
Blog

How to Detect and Attack Evil Twin WiFi Access Points

The evil twin is not just a schlocky plot device for TV crime shows and absurd soap operas, it's also a threat to your company's data. It's relatively easy for a criminal to set up an evil twin rogue wireless access point that mimics one that your users and visitors connect to, whether on your premises or in a public place, with the intention of...
Blog

Feds Subpoena Reddit for Information on Darknet Subreddit Users

An Immigrations and Customs Enforcement (ICE) special agent has subpoenaed reddit to learn more information about five users who frequent the subreddit r/darknetmarkets – an active chat room for issues pertaining to dark market websites. Special Agent Michael McFarland issued the subpoena on March 11, 2015, asking for information on these five...
Blog

O'Reilly's First Software Architecture Conference

Recently, I attended the O'Reilly's Software Architecture Conference — these kinds of things are both inspiring and de-spiriting. I am inspired by the speakers, their ideas, bravery and charisma. Being inspired, I cook up my own ideas for which I have no clue how to find time to act upon… sigh. So, it goes. Without adeu, I present to you my (rather...
Blog

Global Energy Sector Targeted in Reconnaissance Malware Attacks

A new Trojan-based campaign is targeting energy companies around the world in an effort to gain access to sensitive information. The majority of companies experiencing attacks are distinctly linked to the petroleum, gas and helium industries located in the Middle East – including UAE, Pakistan, Saudi Arabia and Kuwait. However, businesses in the US...
Blog

Cybercrime Is Now More Profitable Than The Drug Trade

Tripwire recently hosted a webcast entitled, “PCI Breach Scenarios and the Cyber Threat Landscape with Brian Honan: Real World Cyber Attacks and Protecting Credit Card Data.” For our presentation, Brian Honan (CISM, CGEIT, CRISC), an information systems and cybersecurity specialist and a member of the Advisory Group on Internet Security to Europol’s...
Blog

Thousands of Uber Credentials For Sale on the Dark Web

Uber credentials of thousands of users were spotted for sale on an underground marketplace for as low as $1 per stolen username and password. According to a report by Ars Technica, the logins are being offered by two separate vendors on AlphaBay – an online black market operating on the Tor network. ...
Blog

The CSI Effect: Cyber

I know that I am not the target demographic for CSI: Cyber. Just as I assume anyone who does anything remotely related to law enforcement isn't interested in watching a cop procedural, I don't generally watch shows that feature “hackers” – not just because my perspective might make the viewing experience frustrating, but because “hacking” is...