A municipality in Florida fired its IT director shortly after paying off bad actors who infected its computer systems with ransomware. Joe Helfenberg, the city manager of Lake City, confirmed to WCJB that the municipality fired Brian Hawkins, who was its director of information technology. This...

As Lead Systems Engineer (EMEA) at Tripwire, I’ve had the pleasure of sitting down with and talking to many prospective customers about their security needs. I always ask about their existing digital capabilities during our talks. When I do, I usually get the following response: “We have lots of different tools but these solutions are either...

Tripwire's June 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Oracle, and Adobe. First and most importantly this month are patches available to resolve 2 deserialization vulnerabilities in Oracle WebLogic. These vulnerabilities are identified as CVE-2019-2725 and CVE-2019-2729. Both of these...

Vulnerability management (VM) is an essential process through which organizations can reduce risk in their environments. But myths and misconceptions surrounding VM abound. For instance, organizations commonly approach vulnerability management in the same way as they do patch management. Others are guilty of believing that all attacks rely on...

European police have arrested six people as part of an investigation into a theft which saw €24 million (US $27 million) stolen from users of cryptocurrency exchange. In a press release, Europol described how five men and one woman were simultaneously arrested on Tuesday morning at the homes of the suspects in Charlcombe, Lower Weston and Staverton ...

Following last year’s exceedingly successful inaugural MITRE ATT&CK™ conference, this year’s highly anticipated ATT&CKcon 2.0 conference will be held from Oct 28-30 at MITRE’s McLean headquarters. MITRE’s always open to hearing feedback about the limitations of the ATT&CK framework and how to make ATT&CK more useful. Today, I want to look at the...

Cybercriminals have learnt something very valuable in the last couple of weeks: in order to regain access to their data, cities in Florida are prepared to pay out huge Bitcoin ransoms to hackers. Less than a week after the city of Riviera Beach, 80 miles from Miami, unanimously voted to pay US $600,000 worth of Bitcoins to an extortionist who had...

In the attacker's world, all vulnerabilities and potential exploits work toward the hacker's advantage — not yours, not mine. This includes WordPress hacks. While living back east (over a decade ago), I was friends with several small business owners. One weekend morning, the owner of the local photography studio called me at 7 am and said: "I think...

Defining a data breach can be tough for a lot of organizations. However, since the introduction of the General Data Protection Regulation (GDPR) in 2018, organizations that operate in the EU need to follow regulatory guidelines that can have real business implications if ignored. But when a cyber incident hits your organization, do you know if it...

Normally, when you hear about stocks dropping, it's due to some scandal or crisis. Market watchers will tell you that a range of elements can affect the value of a publicly traded company and cause stock prices to rise or fall. Consumer confidence is a major factor that influences a company's reputation and perceived value. What does that have to do...

Riviera Beach paid bad actors approximately $600,000 in ransom to recover its information after it fell victim to a ransomware attack. On 17 June, the board of the Palm Beach County municipality voted unanimously to authorize that the city insurer pay 65 bitcoins (worth approximately $602,000 at the...

The recent Vectra 2019 Spotlight Report on Healthcare indicates that the proliferation of healthcare internet-of-things (IoT) devices, along with a lack of network segmentation, insufficient access controls and reliance on legacy systems, has created an increasing attack surface that can be exploited by cyber criminals determined to steal personally...

A new modular backdoor detected as "Plurox" comes with multiple plugins that expand its capabilities to include cryptomining and worm-like behavior. In February 2019, Kaspersky Lab's researchers first detected the backdoor. Their analysis revealed that the backdoor, written in C, arrived with debug lines. This suggests that the malware was still in...

On the surface, vulnerability management (VM) is nearly ubiquitous. If you ask someone whether their organization has VM, the vast majority will reply in the affirmative. In fact, Tripwire asked that very question in a recent survey on the topic. Eighty-eight percent of respondents said yes. Beneath that surface of ‘yes’ responses, however, lies a...

What is air-gapping, and why do we air-gap networks? What camp are you in? In the camp that believes in air-gaps, or the other set that says they truly do not exist? Air-gap networks are networks that are physically and logically isolated from other networks where communication between these networks is not physically or logically possible. Over...

Oregon State University (OSU) has disclosed a security incident that potentially affected the personally identifiable information of some students and their families. On 14 June, OSU announced that the security incident occurred back in May when external actors hacked a university employee's email...

The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. Your progress will depend on your funding and priorities, but climbing at a quick...

With more business applications moving to the cloud, the ability to assess network behavior has changed from a primarily systems administration function to a daily security operations concern. And whilst sec-ops teams are already familiar with firewall and network device log tools, these can be of limited use in a "cloud first" business where much...