Resources

Blog

The Weather Channel Suffers Ransomware Attack

Local and national weather forecast provider The Weather Channel suffered a ransomware attack that temporarily prevented it from going live on the air. Regular viewers got a surprise when they tuned into The Weather Channel on the morning of 18 April. They were expecting to watch "AMHQ," the network's live morning show which begins at 06:00 EST....
Blog

Man fried over 50 college computers with weaponized USB stick

It's not as though 27-year-old Vishwanath Akuthota made it hard for authorities to prove that he was the person who destroyed $58,000 worth of college equipment in February this year. On Valentine's Day, February 14th 2019, Akuthota walked around the campus of the College of Saint Rose in Albany, New York. He had graduated from the college in 2017...
Blog

Ransomware Attack Targeted Data Intelligence Firm Verint

Bad actors used a ransomware attack to target the Israeli offices of the customer engagement and digital intelligence company Verint. On 17 April, ZDNet received a screenshot taken by an employee who works at one of Verint's Israeli offices. The screenshot shows what appears to be a warning message which the data intelligence firm displayed on...
Blog

Establishing Information Security in Project Management

A person recently asked me if it was possible to implement ISO 27001 using a specific project management software product. They used the tool in the past to define project plans and make project reviews. While I told them this is entirely possible, the truth is one can implement ISO 27001 even without a project plan or any specific tools. But should...
Blog

Managed Vulnerability Management? Yes, You Read That Right

The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too. The Center for Internet...
Blog

Women and Nonbinary People in Information Security: Liz Bell

I’ve got great news for you! My interview series continues. Last week, I spoke with Nicola Whiting, cyber hygiene specialist and Titania Chief Strategy Officer. This time, I had the privilege of speaking with defensive security expert Liz Bell. We talked about the 90s internet, blue teaming, sexism and transphobia in tech as well as what pen testing...
Blog

High-rolling hacker jailed after launching malware attacks via websites

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users' computers. 24-year-old Zain Qaiser made massive profits from victims in over 20 countries around the world through a criminal scheme which involved malware and blackmail. According to the National Crime Agency...
Blog

MuddyWater Group Using Spam Campaign to Hijack Victims' Computers

The MuddyWater threat attack group is using a spam campaign to hijack victims' computers and steal sensitive information. Discovered by Heimdal Security in early April, the campaign begins when malicious actors use social engineering techniques to trick a user into opening a malicious Microsoft Office document attached to a phishing email. The...
Blog

The Risk of Credential Stuffing to the Smart Home

As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely. According to...
Blog

TRITON Framework Leveraged at a Second Critical Infrastructure Facility

Researchers have discovered that malicious actors leveraged the TRITON framework at a second critical infrastructure facility. In this particular attack, the threat actor maintained access to the target corporate networks for nearly a year before gaining access to the Safety Instrumented System (SIS) engineering workstation. They remained relatively...
Blog

VERT Threat Alert: April 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-825 on Wednesday, April 10th. In-The-Wild & Disclosed CVEs CVE-2019-0803 This CVE describes a privilege escalation vulnerability in Win32k that could allow an attacker to execute code in...
Blog

Tripwire Patch Insanity: The Results

Thanks for playing along! By now, you’ve probably seen that the winner of our tournament is Shellshock. I long felt that this was the expected winner of Patch Insanity given the competition and I wasn’t expecting any major upsets, but there were definitely one or two. The big one that came to mind for some of us was GHOST defeating EternalBlue....
Blog

Women and Nonbinary People in Information Security: Nicola Whiting

Last time, I spoke with Ashanti, a Rust developer who’s always mindful of security. She explained how Rust is a more secure language, and she explained holochain to me. This time, I spoke to Nicola Whiting. As the Chief Strategy Officer of Titania, she works on how AI can be implemented to prevent cyber threats caused by poor cyber hygiene. Kim...
Blog

Planetary Ransomware Victims Can Now Recover Their Files for Free

Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free. Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It's not hard to find. Planetary ransomware, which earns its name for its use of planet-related file extensions including "...
Blog

How to Evade Detection: Hiding in the Registry

MITRE Corporation’s ATT&CK framework is a living, curated repository of adversarial tactics and techniques based on observations from actual attacks on enterprise networks. It’s a valuable trove of information for security analysts, threat hunters and incident response teams. Today, I’m going to look at a particular method for evading detection,...