Resources

Blog

Five Tell-Tale Signs of a Compromised Website

Everyone has done it at least once – entered the wrong URL when trying to visit a website. Maybe instead of "google.com" you fat-fingered "google.cm," Google's main search page for Cameroon. No big deal there, and we hear the scenery there is lovely. But sometimes a tiny mistake can result in big problems. Entering a URL that’s off by just one...
Blog

The WADA Hack of Olympic Athletes' Medical Data - A Timeline

Whenever there's a big event like the Olympic Games, there's a concern that fraudsters will target spectators and attempt to compromise their digital security. That's why we at The State of Security published some tips on how attendees of the 2016 Summer Olympics in Rio de Janeiro, Brazil could avoid getting hacked and defend themselves against...
Blog

Data Breach Overconfidence Strikes Again, This Time in the Energy Sector

In its 2016 Breach Detection Study, Tripwire evaluated the confidence and efficacy of 763 information security professionals in implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53, CIS Top 20 and IRS 1075. Those resources, which align with the United States Computer Emergency Readiness Team (US-CERT) recommendations...
Blog

Summer Security Interns: Tripwire's Perspective

In 2015, Tripwire partnered with FIRST Robotics to bring on summer interns from local high schools. Our goal was to teach the students about various aspects of information security on both the offensive and defensive side. The goals I set out for our interns in 2015 were a bit lofty, to say the least. I had planned on teaching them about the various...
Blog

DNS Amplification - Protecting Unrestricted (Open) DNS Resolvers

In a prior post, I gave a broad overview of some of the challenges we face in securing unrestricted DNS resolvers. I presented a talk at BSides Las Vegas on the topic and wanted to take some time to delve into more technical details regarding some of the attacks we have seen, as well as review some mitigation strategies. You can find video of the...
Blog

Researcher Develops Method to Bypass iOS Passcode Limit on iPhone

A security researcher has come up with a method that would allow an attacker to bypass the iOS passcode limit on certain iPhone models. Sergei Skorobogatov's process consists of an attacker mirroring the Flash memory stored in an iPhone 5c's NAND cells. During a press conference back in March, FBI Director James Comey explained his agents could not...
Blog

10 Best Practices In IT Security Management Automation

In my last blog post, I introduced the topic of automation and how it can help improve security posture. In this post, we’ll be covering some of the risks automation can mitigate against. Data Breaches and Cyber Attacks A recent survey by ISACA on organization preparedness indicated that only 38% of businesses were confident they were prepared to...
Blog

FBI Director Says Covering Up Your Webcam with Tape 'A Good Thing'

FBI Director James Comey feels that covering up a computer's webcam with a piece of tape is "sensible" and "a good thing." In an interview commemorating 10 years of operation for the National Security Division (NSD), a body of the U.S. Department of Justice that leverages law enforcement, intelligence, and other government resources to respond to...
Blog

3 Questions to Gauge the Resiliency of Your Vulnerability Management Solution

Looking at the cyberthreat landscape, millions of new devices come online every day. But there’s a shortage of qualified cybersecurity workers to protect those devices once they come online. Additionally, in almost every case, it takes minutes or less to compromise them. Simply running more vulnerability scans to collect more data and generating more...
Blog

Mobile Devices: Innovative, Productive... and a Huge Risk Factor?

It’s hard to believe that in such a relatively short period of time, smartphones and other mobile devices, such as tablets, have become so tightly woven into both our personal and work lives. And unlike desktop or laptop computers that are usually company-owned, personally-owned mobile devices are often filled with company related apps, data, email...
Blog

VERT Threat Alert: September 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-689 on Wednesday, September 14th. Ease of Use (published exploits) to Risk Table Automated Exploit Easy...
Blog

My Summer 2016 Internship at Tripwire

My name is David. Now that you know my name, you should know technology is my passion. I've participated in the FIRST Robotics Competition, and I'm deeply knowledgeable about computer programming languages and software. But throughout my learning, I've always known cybersecurity would teach me and play an important part in my future career,...
Blog

Shark Ransomware Rebrands as Atom, Keeps Attractive Payment Model

Shark ransomware has rebranded itself as the Atom ransomware affiliate program but has kept a favorable payment model to attract criminal customers. First detected on 15 August, 2016, Shark is a ransomware-as-a-service (RaaS) platform that allows computer criminals with low levels of technical expertise to sit at the adult table and distribute crypto...
Blog

The Benefits of Sharing Information for IT and Security

Confidentiality, Integrity and Availability – those are the three pillars of the CIA triad model for information security. Here's something you might not have known: in reverse order, those same pillars apply to IT Operations. Think about it. In a world of agility and enablement, the availability, integrity and confidentiality of the systems and...
Blog

Cerber 3 Ransomware Virus Is Already Here

AVG security researcher Jakub Kroustek has recently discovered tracks of the Cerber 3 ransomware virus marking encrypted files with the .cerber3 file extension. Unlike previous variants of Cerber, for which decryptors have been already developed, this variant contains fixes that prevent malware researchers from decrypting the files. Since this virus...