Tripwire's February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This vulnerability has been added to Metasploit Exploit Framework and any vulnerable systems should be patched as soon as possible. ...

In the early years of cybersecurity, it was often said that people are the weakest link. This did nothing to encourage support, as it was insulting and demeaning. The new and better way to inspire people towards a cybersecurity mindset is to engage with and treat them as a valuable part of an organization’s overall cybersecurity initiative. As a...

I took note of the recent uptick in discussions about the concept of observation in the IT world and found myself compelled to come back to the topic, which I’ve touched on previously in my blog posts.“Observability” is seemingly synonymous with “monitoring,” covering things such as metrics, traces, and logging. Observation, however, has an important...

Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known vulnerabilities...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 14, 2022. I’ve also included some comments on these stories. Microsoft Using New Security Rule to Prevent Windows...

Organizations are under constant threat of cybercrime. While there are many available attack vectors, email is the most obvious path towards a full network compromise. The notion that email security should be prioritized is emphasized during this time where more and more businesses are still working in a remote or hybrid dynamic environment. ...

Cybersecurity is never static, and that’s especially true today. After widespread and frequent disruptions in the past few years, the cyber defense landscape is shifting. Favored attack vectors are changing, new threats are emerging, and organizations are rethinking their cybersecurity focus. Staying safe in the next few years requires an...

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to publish a joint warning that Russian hackers have targeted defence contractors to steal sensitive data. According to an advisory issued by the US authorities,...

One very predictable part of cybersecurity is that the work is unpredictable. here are routines that help to create a predictable rhythm, but you don’t necessarily know when the next attack will come, how intense it will be when it does, or when you will get to go back to a predictable and hopefully manageable rhythm again. When responding to a...

No one doubts the importance of cybersecurity in web development — and yet, often in the development cycle, we neglect to prioritize it across each sprint and into the final product. Making cybersecurity a priority throughout every development sprint cycle is necessary to combat the tide of digital attacks threatening the modern web. But how can you...

Hosting the Olympics is always a source of national pride for any nation chosen to do so. Whether in winter or summer, the prestige of the world’s eyes being on an event that transcends political differences and has sport at the fore is a prize many countries and regions aspire to achieve. This all sounds fantastic and at one level is exactly what...

In this episode, Ian Thornton-Trump, CISO at Cyjax, digests nation state's disinformation campaigns and the cybersecurity landscape. He also discusses the role disinformation on social media plays in cybersecurity. https://open.spotify.com/episode/5ZPLjeEdo6jqiL5C5fTwwU?si=89984c76abeb4791 Spotify: https://open.spotify.com/show...

A surge in "sophisticated, high impact" ransomware attacks has prompted the United States's Cybersecurity and Infrastructure Security Agency (CISA), the UK's National Cyber Security Centre (NCSC), and the Australian Cyber Security Center to issue a joint advisory about the techniques being used by cybercriminals to attack businesses and...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 7, 2022. I've also included some comments on these stories. Mac Trojan Comes with Expanded Ability to Drop...

If you’re a Tripwire® Whitelist Profiler customer, then you know that the software does an excellent job of executing its core functionalities. These include comparing the running state of a machine to the approved and expected configurations in your environment to stay in compliance with audit and internal policies. Although Whitelist Profiler is...

The number of missing security patches in an OT system is typically very large—measured in the thousands, at least. It would be difficult and expensive for an asset owner to evaluate each missing security patch / cyber asset pair. This may be one reason we see a patch everything approach, but this is also difficult and expensive. In fact, assessments...

When was the last time you purchased a product that was in a container? If you are a typical consumer, you probably have done so in the last few days. There is an entire industry that focuses on these containers. Consumer Packaged Goods (CPG) is an industry term for merchandise that is used and replaced on a frequent basis. CPG includes just about...

Today’s VERT Alert addresses Microsoft’s February 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-985 on Wednesday, February 9th. In-The-Wild & Disclosed CVEs CVE-2022-21989 This month, only a single vulnerability, CVE-2022-21989 has been publicly disclosed and Microsoft is not...

We all want a safer Internet, but we often put a lot of trust and hope in technology to deliver on that promise. The Internet is really made up of people, though. And people can make the biggest impact in creating a safer Internet. While everyone is impacted by Internet safety, children and youth are disproportionately at risk. The concept of a...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of January 31, 2022. We’ve also included the comments from a few folks here at Tripwire VERT. Update Force-Pushed to Protect...