Resources

Blog

Critical Security Vulnerability Disclosed in iTerm2 App

A critical vulnerability has been discovered in the popular iTerm2 application, an open source terminal emulator program designed to replace the default Apple Terminal in macOS. iTerm2 often finds its way into lists of some of the best software to install on a Mac. It is especially popular with power...
Blog

The Current State of CCPA - What You Need to Know

In the digital age, more often than not, you can be sure that some enterprise has hold of your personal information. This information could be your name, email, phone number, IP address, country and other details. This can come from submitting a form, subscribing to a newsletter, accepting cookies, accepting the privacy policy or terms and...
Blog

VERT Threat Alert: October 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-853 on Wednesday, October 9th. In-The-Wild & Disclosed CVEs There are no in-the-wild or disclosed CVEs this month. CVE Breakdown by Tag While historical Microsoft Security Bulletin...
Blog

Instagram Launches New Feature to Help Users Identify Phishing Emails

Instagram announced the release of a new feature that's designed to help its users identify phishing emails impersonating the social media platform. On October 7, Instagram tweeted out about the new capability and said that users can leverage it to verify whether an email claiming to originate from the social network is legitimate. https://twitter...
Blog

Decryption Keys Released by Developer of HildaCrypt Ransomware

The developer of HildaCrypt has released the master decryption keys that would allow potential victims of the ransomware to recover their data for free. On October 4, a security researcher who goes by the name "GrujaRS" posted about the discovery of a new variant of STOP, a well-known ransomware family. https://twitter.com/GrujaRS/status...
Blog

NCSAM: It’s Everyone’s Job to Ensure Online Safety at Work

October is National Cyber Security Awareness Month (NCSAM). NCSAM is a great initiative to help educate and inform our friends and family on the importance of taking your digital security seriously. To help continue to support this initiative, we asked a range of industry experts to share some of their tips to help us stay safe online. Angus...
Blog

Automating Secure Configuration Management in the Cloud

For many organizations moving to the cloud, Infrastructure as a Service (IaaS) like AWS EC2, Azure Virtual Machines or Google Compute Engine often forms the backbone of their cloud architecture. These services allow you to create instances of pretty much any operating system almost instantly. Unfortunately, moving your IT infrastructure to the cloud...
Blog

Secure Configuration in Cloud - IaaS, PaaS and SaaS Explained

If I asked you what security products you had in place to manage your risk within your IT organisation 10 years ago, you’d probably have been able to list a half dozen different tools and confidently note that most of your infrastructure was covered by a common set of key products such as antivirus, DLP, firewalls, etc. But in a world with IaaS,...
Blog

Tripwire Patch Priority Index for September 2019

Tripwire's September 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Exploit Framework Alert A Metasploit Exploit module that targets Windows Remote Desktop Services has been recently released. This exploit module targets CVE-2019-0708 for the so-called “BlueKeep” vulnerability. This...
Blog

Discovery of Geost Botnet Made Possible by Attacker OpSec Fails

A series of operational security (OpSec) failures on the part of attackers enabled researchers to discover the Geost botnet. In mid-2018, Virus Bulletin researchers Sebastian Garcia, María José Erquiaga and Anna Shirokova discovered Geost, one of the largest Android banking botnets known today, while...
Blog

Attackers Targeting U.S. Petroleum Companies with Adwind RAT

Digital criminals have launched a new attack campaign that they're using to target U.S. petroleum companies with the Adwind RAT. Netskope discovered the operation in the beginning of September and found that it was distributing the Adwind RAT from “members[.]westnet[.]com[.]au/~joeven/.” With this URL in mind, it's likely that the individual...
Blog

How Will the CMMC Impact My Business and How Can We Prepare? Part 3 of 3

Combining Cyber Standards – Is ‘Unified’ Always A Good Approach? The CMMC enforcement model will require a significant adjustment to the way contractors conduct government business – from procurement to execution. In Part 2 of this series, I discussed the possible impacts of having your company’s security rating made public. In Part 3, I would like...
Blog

Cyber Threats to Medical Imaging Systems and How to Address Them

Healthcare continues to see staggering growth in breaches to patient health information. In the first half of 2019 alone, 32 million health records were breached, compared to 15 million records in the entire year of 2018. However, this trend of growing cyber breaches in healthcare is likely to persist due to the following characteristics of the...
Blog

eGobbler Malvertiser Bypassed Browser Protections Using Obscure Bugs

A malvertising actor known as "eGobbler" used obscure browser bugs to bypass built-in browser protections and expand the scope of its attacks. Confiant observed eGobbler exploiting the first vulnerability back on April 11, 2019. In that particular attack, the threat actor leveraged a Chrome exploit to circumvent the browser's pop-up blocker built...