Over 10 million people who have stayed at MGM Resorts hotels - including Twitter boss Jack Dorsey and pop idol Justin Bieber - have had their personal details posted online by hackers. The security breach, publicised by ZDNet and security researcher Under the Breach, saw the records of 10,683,188 former guests - including names, postal addresses,...

Scammers created a fake website to masquerade as the organizers of Burning Man and to trick people into buying non-existent tickets for the arts event. Kaspersky Lab discovered a fraudulent website that attempted to capitalize on people's interest in attending the event. The site leveraged the same colors, fonts and design as "burningman.org," the...

As hackers’ methods become more sophisticated, the scale of email security breaches and the frequency at which they occur grow greater with each passing year. In 2019 alone, an estimated 2 billion unique email addresses, accompanied by over 21 million unique passwords, were exposed within a single data breach. After the initial panic, it became...

The Cybersecurity and Infrastructure Security Agency (CISA) revealed that a natural gas compression facility suffered a ransomware attack. According to CISA Alert (AA20-049A), digital attackers leveraged a spearphishing link and abused the lack of robust network segmentation to infect Windows-based...

For the majority of people in the information security world, the act of offensive hacking is something they are tasked with protecting against but have little ability to do themselves. That is like asking a professional boxer to enter the ring without knowing how to throw a punch. Sure, you may be able to get in and last a few rounds, but...

In 2011, I was in the middle of sitting down when I suddenly felt prickling sensations start from my toes, spread up my legs, and make their way into my arms. I was gasping for air. As the sensation traveled up my spine, it overwhelmed my head, and my heart struggled to keep up. Desperate for air and covered in tears, I started praying. I was scared...

Security researchers observed samples of the AZORult trojan disguising themselves as fake ProtonVPN installers for distribution. Back in November 2019, malicious actors launched this attack campaign by registering the domain "protonvpn[.]store" with a registrar based in Russia. One iteration of the campaign used malvertising as its initial infection...

RSA Conference USA is one of the most anticipated digital security events of the year. Last year, its 31 keynote presentations, more than 621 speaker sessions, 700 presenting companies on the exposition floor attracted over 42,000 attendees. Given such popularity, how could the State of Security not include this event in its list of the top...

Zero Trust is a security concept that is based on the notion that organizations should not take trust for granted, regardless of whether access attempts originate from inside or outside its perimeters. An enterprise needs to verify any attempt for connection to its systems before granting access. At the same time, the defensive layers that define...

How Is YARA used? Historically, common detection methods have used file hashes (MD5, SHA1, and SHA256)—unique signatures based on the entire contents of the file—to identify malware. Modern threat actors have increased in sophistication to a point where every instance of a given malware will have a different hash, and that hash will vary from...

Managing security incidents can be a stressful job. You are dealing with many questions all at once. What’s the scope? Who do I need to engage? How do I manage all of this? As an Incident Commander (IC), you have many responsibilities. You’re responsible for driving an incident to resolution as quickly as possible, creating the resources necessary...

Convenience store and gas station chain Rutter's disclosed a security incident that might have affected customers' payment card data. According to a notice posted on its website, Rutter's launched an investigation after receiving a report from a third-party of someone having gained unauthorized...

Post-exploitation can be one of the most time-consuming but worthwhile tasks that an offensive security professional engages in. Fundamentally, it is where you are able to demonstrate what an adversary may do if they compromise a business. A big component of this is trying to get as far as you can without alerting the defenders to what you’re doing....

As if Puerto Rico wasn't having a hard enough time as it attempts to recover from a recession, the damage caused by devastating hurricanes in recent years, and a damaging earthquake last month, it now finds itself being exploited by cybercriminals. According to media reports, the government of the US island territory has lost more than US $2.6...

Security researchers spotted a new ransomware strain called "Ransomwared" demanding explicit pictures from its victims as a means of payment. Upon successful infection, Ransomwared runs its encryption routine, appending the file extensions ".ransomwared" and ".iwanttits" to each file it encrypts. Given the names of the file extensions, it's not...

Having worked with many individuals responding to incidents where their digital private images were shared without consent, social media or email accounts had unauthorised access, and even physical safety was a concern, it is all too familiar how terrifying the unknown can be. As someone who has been on both the victim's and later the responder’s...

Today’s VERT Alert addresses Microsoft’s February 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-870 on Wednesday, February 12th. In-The-Wild & Disclosed CVEs CVE-2020-0674 A vulnerability exists in the way that Internet Explorer’s scripting engine handles objects in memory. An...

Security researchers have spotted a new PayPal phishing email scam that tries to steal a victim's Social Security Number (SSN), among other sensitive data. The attack email informed a victim that their PayPal account was locked, and it instructed them to click a "Secure and update my account now !" button. Doing so directed a user to a bit.ly link...

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best...

What is cyber resilience? If you search the definition within the Oxford Dictionary, resilience alone is defined as “the capacity to recover quickly from difficulties; toughness.” If you narrow the definition down to cyber resilience, it shifts to maintaining vs recovery. As noted on Wikipedia, it becomes “the ability to provide and maintain an...