Resources

Blog

Managed Vulnerability Management? Yes, You Read That Right

The importance of a mature vulnerability management program can’t be overstated. File integrity monitoring (FIM) and security configuration management (SCM) might be the bedrock of a strong cybersecurity program, but they can only go so far. Scanning for vulnerabilities needs to be a foundational part of your program, too. The Center for Internet...
Blog

Women and Nonbinary People in Information Security: Liz Bell

I’ve got great news for you! My interview series continues. Last week, I spoke with Nicola Whiting, cyber hygiene specialist and Titania Chief Strategy Officer. This time, I had the privilege of speaking with defensive security expert Liz Bell. We talked about the 90s internet, blue teaming, sexism and transphobia in tech as well as what pen testing...
Blog

High-rolling hacker jailed after launching malware attacks via websites

A British man has been jailed for over six years after exploiting ad networks on pornographic websites to spread malware onto innocent users' computers. 24-year-old Zain Qaiser made massive profits from victims in over 20 countries around the world through a criminal scheme which involved malware and blackmail. According to the National Crime Agency...
Blog

MuddyWater Group Using Spam Campaign to Hijack Victims' Computers

The MuddyWater threat attack group is using a spam campaign to hijack victims' computers and steal sensitive information. Discovered by Heimdal Security in early April, the campaign begins when malicious actors use social engineering techniques to trick a user into opening a malicious Microsoft Office document attached to a phishing email. The...
Blog

The Risk of Credential Stuffing to the Smart Home

As technology advances and the cost of connecting electronic components to the internet decreases, so does the cost of having an internet-connected smart home. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely. According to...
Blog

TRITON Framework Leveraged at a Second Critical Infrastructure Facility

Researchers have discovered that malicious actors leveraged the TRITON framework at a second critical infrastructure facility. In this particular attack, the threat actor maintained access to the target corporate networks for nearly a year before gaining access to the Safety Instrumented System (SIS) engineering workstation. They remained relatively...
Blog

VERT Threat Alert: April 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-825 on Wednesday, April 10th. In-The-Wild & Disclosed CVEs: CVE-2019-0803: This CVE describes a privilege escalation vulnerability in Win32k that could allow an attacker to execute code in...
Blog

Tripwire Patch Insanity: The Results

Thanks for playing along! By now, you’ve probably seen that the winner of our tournament is Shellshock. I long felt that this was the expected winner of Patch Insanity given the competition and I wasn’t expecting any major upsets, but there were definitely one or two. The big one that came to mind for some of us was GHOST defeating EternalBlue....
Blog

Women and Nonbinary People in Information Security: Nicola Whiting

Last time, I spoke with Ashanti, a Rust developer who’s always mindful of security. She explained how Rust is a more secure language, and she explained holochain to me. This time, I spoke to Nicola Whiting. As the Chief Strategy Officer of Titania, she works on how AI can be implemented to prevent cyber threats caused by poor cyber hygiene. Kim...
Blog

Planetary Ransomware Victims Can Now Recover Their Files for Free

Security researchers have released a decryptor that enables victims of the Planetary ransomware family to recover their files for free. Released by Emsisoft, this decryptor requires a victim to have a copy of the ransom note. It's not hard to find. Planetary ransomware, which earns its name for its use of planet-related file extensions including "...
Blog

How to Evade Detection: Hiding in the Registry

MITRE Corporation’s ATT&CK framework is a living, curated repository of adversarial tactics and techniques based on observations from actual attacks on enterprise networks. It’s a valuable trove of information for security analysts, threat hunters and incident response teams. Today, I’m going to look at a particular method for evading detection, often...
Blog

Vulnerability Management: Myths, Misconceptions and Mitigating Risk

Vulnerability Management is a much-talked-about practice in the IT security industry. Whether it is the debate on vulnerability scoring, how to implement a suitable vulnerability management program based on your own resources or even trying to convince leadership a vulnerability management solution alone won't solve all your cybersecurity issues,...
Blog

Unsecured databases found leaking half a billion resumes on the net

Barely a day goes by anymore without another report of sensitive data being left accessible to anyone on Elasticsearch servers or MongoDB databases that have not been properly configured. Today is no different. As ZDNet reports, researchers have discovered several exposed servers that belong to Chinese recruitment firms. Security experts Devin...
Blog

Bayer Reveals Its Detection and Containment of Digital Attack

German multinational pharmaceutical and life sciences company Bayer AG has revealed that it detected and contained a digital attack. As reported by Reuters, Bayer discovered the installation of malicious software on its systems in early 2018. It then quietly monitored and analyzed the malware through...
Blog

3 Stages to Mounting a Modern Malware Defense Program

You would be hard-pressed these days to remain ignorant of the growth of ransomware incidents experienced by organizations large and small. We’ve seen a ton of press around these events, from CryptoLocker to WannaCry. The impact of this type of malware is newsworthy. The landscape of malware is changing, however. While ransomware is still a...