Tripwire's May 2019 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. First and most importantly this month are the patches available to resolve the BlueKeep (CVE-2019-0708) Remote Desktop Services remote code execution vulnerability. As noted by Microsoft: [This] remote code execution vulnerability...

It doesn’t seem very long ago that I was writing about the newly released Risk Management Framework (RMF) and explaining the value of NIST SP 800-37 to our clients. With RMF Revision 2 just recently published in December of 2018, I thought it would be a good time to revisit the RMF and to highlight some of its key updates. Overall, the new version...

Although DNS rebinding attacks have been known for over a decade now, they are only recently receiving attention as a practical attack surface. In the last year, quite a few popular products have been shown to lack DNS rebinding protections, and as a result, someone could operate them remotely using a malicious web site. Manufacturers have made a...

Security researchers have discovered a new strain of malware called "HiddenWasp" that they believe is being used in targeted attacks to seize control of Linux systems and open backdoors for remote hackers. According to a blog post by researchers at Intezer, the malware borrows from existing malware code publicly available on the internet including...

"OSCP is not about clearing the exam. It’s all about working deeply on labs." --Ramkisan Mohan (Check out his detailed guide to OSCP Preparation) I began my OSCP journey in the late fall of 2018. So far, I've rooted 23+ machines in the PWK labs, and I am still plugging away, hoping to get as many as possible, learn as much as possible and, of course...

News and social media aggregator Flipboard reset all users' passwords after discovering a security incident that might have affected some of their data. On 28 May, the company revealed that its engineering team had recently detected suspicious activity in the network environment where its databases...

The 2017 Deep Root Analytics incident that exposed the sensitive data of 198 million Americans, or almost all registered voters at the time, should remind us of the risks associated with storing information in the cloud. Perhaps the most alarming part is that this leak of 1.1 terabytes of personal data was avoidable. It was simple negligence. The...

Digital criminals have begun abusing a secure tunneling service to deliver samples of the Lokibot banking malware family. My Online Security came across an instance of this campaign when they received an email pretending to originate come from BBVA Banco Continental, a Spanish bank. The email leveraged the lure of a fake payment transfer to trick...

It seems like only yesterday that we were packing up the Tripwire stand after another fantastic year at Infosec and here I am (literally) counting down the days until the doors open for Infosecurity Europe 2019! The Tripwire team is always excited to get on the show floor and have great conversations with clients and partners, meet new people and of...

With data breaches regularly marking the headlines, it is no surprise that digital threats constitute an increasingly significant concern for the C-Suite and cyber security experts. What is surprising, however, is that these two groups don’t seem to share the same view of information security. They have different opinions when it comes to the...

Google found that users who add a recovery phone number to their accounts effectively block 100 percent of automated bot attacks by doing so. The tech giant arrived at this finding after teaming up with New York University and the University of California, San Diego to investigate the efficacy of basic account hygiene in preventing account hijacking...

Security researchers have released a tool that enables victims of GetCrypt ransomware to recover their affected files for free. On 23 May, web security and antivirus software provider Emsisoft announced the release of its GetCrypt decrypter. This utility asks victims of the ransomware to supply both an encrypted copy and the original version of a...

A security researcher has discovered a publicly-accessible database containing the details of millions of Instagram users, including their contact information. As TechCrunch reports, Anurag Sen discovered the database of more than 49 million records - exposed for anyone to access via the internet, no password required, on an unprotected Amazon Web...

A Windows laptop infected with six high-profile computer viruses has surpassed a value of one million dollars in public auction bids. For a project called "The Persistence of Chaos," contemporary internet artist Guo O. Dong and security firm Deep Instinct infected a Samsung NC10-14GB 10.2-Inch Blue Netbook (2008) running Windows XP SP3 with six...

A recent attack wave involving HawkEye malware sends data stolen from its victims to another keylogger provider's website. On 21 May, My Online Security came across a new sample of HawkEye. The actual delivery mechanism itself wasn't unique compared to previous attacks involving the malware. In this particular instance, the attack email used the...

Last time, I spoke with technology marketing communicator Stacey Holleran. Our work is similar but different. Plus, she warned me about what I might expect from the tech industry in a few years when I turn 40! For my last interview until fall/autumn, I had the pleasure of speaking with Yaz. She went from the military to a civilian career as a...

As recently as 2017, security and compliance professionals at many of Tripwire’s large enterprise and government customers were talking about migration to the cloud as a possibility to be considered and cautiously explored in the coming years. Within a year, the tone had changed. What used to be “we’re thinking about it” became “the CIO wants to see...

A company responsible for helping to operate LeakedSource.com has submitted a guilty plea following an investigation by the Royal Canadian Mounted Police (RCMP). On 17 May, Defiant Tech Inc. pleaded guilty to the charge of "trafficking in identity information and possession of property obtained by crime" in association with an investigation...