An investigation into the 2017 WannaCry outbreak found that the ransomware affected 34% of National Health Service (NHS) trusts in England. Following the May 2017 attack that struck more than 200,000 organizations in at least 100 countries, the UK government's National Audit Office (NAO) launched an inquiry into the matter. Its purpose was to...

Reports appeared on Tuesday that a new ransomware outbreak was hitting organisations in Russia and Ukraine. Victims included the Russian newswire Interfax, Ukraine's Odessa airport, and the Kiev subway system. Media outlets like Fontanka.ru found their website's disrupted by the attack, and urged readers to follow them on social media for updates...

In less than a decade, cryptocurrency became almost mainstream. Many people are familiar with Bitcoin, which was the first decentralized digital currency. In fact, there are more than 10 different cryptocurrencies with a market cap exceeding 1 billion US dollars. Some are very similar, but others significantly differ in the mathematical and...

In our previous article, we laid the groundwork for what we believe to be a serious threat to ICS/SCADA devices: social engineering. We continue here with some definitions, some of which you may already know. Phishing Phishing is a relatively broad term for any attempt to trick victims into sharing sensitive information, such as passwords,...

The Iran Computer Emergency Response Team Coordination Center (Iran CERTCC) has warned users of an ongoing distribution campaign for Tyrant ransomware. First spotted by G Data security researcher Karsten Hahn, the strain is currently making its way to unsuspecting users via modified versions of the Psiphon VPN app. Upon successful infection, Tyrant...

On October 2-4, 2017, the Retail Cyber Intelligence Sharing Center (R-CISC) hosted Securing Retail 002, the second iteration of its annual summit first held in April 2016. Speakers from Microsoft, Target and other Fortune 500 companies shared their thoughts on the retail digital security landscape with attendees over the course of the two-day event....

A new variant of Android banking malware known as LokiBot triggers ransomware capabilities if a victim attempts to remove it from their infected device. The malware, which bears the same name as a Windows info-stealer that can exfiltrate credentials from over 100 software tools, is making its rounds as a kit sold on hacking forums. Interested...

In my last interview, I spoke to Katherine Teitler, who is the director of content for MISTI Training Institute. She also helps run the InfoSec World conference. This time, I spoke with Carrie Roberts. She has a senior red team role with Walmart. She's also a pretty good cartoonist if I say so myself. Kimberly Crawley: Tell me a bit about what you...

Microsoft has released a new feature called "Controlled Folder Access" that helps Windows users protect their data against ransomware. First announced in June 2017, Controlled Folder Access is an option in Windows Defender Security Center that went live in mid-October. Its purpose is to protect files contained in designated folders against...

Words have meaning. Cybersecurity and IT professionals routinely abuse the terms “policy” and “standard” as if they are synonymous. The same holds true for compliance terms since these terms tend to get thrown in the same bucket even though there are significant differences that should be kept in mind. Why Should You Care? Beyond just using...

At the U.S. Republican National Convention in Cleveland last year, more than 1,200 people connected to free WiFi networks with names like “I Vote Trump! Free Internet,” “I Vote Hillary! Free Internet,” and “Xfinitywifi.” They transferred gigabytes of data, doing things like checking e-mails and chatting. Some even shopped on Amazon or logged into...

Google has announced a bug bounty program covering other developers' popular Android apps available for download in its Play Store. On 19 October, the American multinational technology company launched its Google Play Security Rewards Program. Here's a high-level description of the new framework: "Google Play is working with the independent bug...

Industrial control system (ICS) cybersecurity has come a long way over the last decade. Today, we have well-established guidance for securing industrial plants and SCADA systems, including IEC-62443, NERC CIP and the NIST Cybersecurity Framework. Industry and governmental efforts to build awareness of cyber risks have also been successful. Most...

In 2014, the FBI warned that healthcare systems, including medical devices, were at an increased risk of cyber-attacks due to the unfortunate coupling of poor cybersecurity practices in the healthcare industry with patient health information (PHI) that commands high value on the dark web. This warning has largely been realized. The cost and...

A new, “highly prevalent” strain of Android malware was found infecting several Minecraft-related apps on the Google Play store, adding compromised devices into a botnet. According to security researchers at Symantec, at least eight mobile apps – with an install base ranging from 600,000 to 2.6 million devices – were infected with Sockbot. “The...

419 scammers are tempting unsuspecting users with a fake offer of $60 million in exchange for adopting their teenage son. The scam begins when a user receives a Twitter DM from the account of someone who appears to serve in the armed forces. Such unexpected correspondence could (and should) strike the recipient as odd. But the United States, the...

OPSEC (Operational Security) is a term derived from the U.S. military and is an analytical process used to deny an adversary information that could compromise the secrecy and/or the operational security of a mission. The very process of performing OPSEC or protecting yourself from an adversary not only plays a very important role in both offensive...

Nobody welcomes the prospect of having our online accounts hacked. It's a pain in the neck resetting passwords, warning your contacts, and worrying about the prospect that your identity may be stolen. But for some of us, the consequences of having our Gmail account compromised by state-sponsored hackers could be even more catastrophic and even life...

Microsoft’s Office 365 suite of cloud applications is now the most popular cloud service in the world by user count. While this has fast-tracked Microsoft’s path to becoming a cloud-first enterprise software company, it has also put a bulls-eye on Office 365, making it a target of choice for hackers. Given the fact that enterprises store a...

Continuing the discussion around the skills gap our industry is facing, I’m excited to share our final set of results from the Tripwire skills gap survey. My previous post highlighted the need for technical skills. But as this next set of findings indicates, soft skills in cybersecurity are not be overlooked. Every single participant in our survey...