Resources

Blog

VERT Threat Alert: March 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-874 on Wednesday, March 11th. In-The-Wild & Disclosed CVEs Microsoft has not identified any of the vulnerabilities released this month as having been identified in-the-wild or publicly...
Blog

Chatbot Used by Phishing Scammers to Help Victims Provide Their Data

Digital fraudsters incorporated a chatbot into their phishing scam for the purpose of helping victims hand over their personal information. In a scam discovered by MalwareHunterTeam and shared with Bleeping Computer, digital attackers targeted Russian users with fake refunds of 159,700 rubles ($2,100) for unused web and phone services. The campaign...
Blog

Four Important Steps to Secure the United States 2020 Election

It’s an unfortunate reality that cyber attacks on the U.S. 2020 election are likely to happen. However, while this is a potent threat to democracy, an even greater threat is to not take the necessary actions to prevent these attacks until it is too late. There are many different types of cyberattacks that the U.S. 2020 election could face. ...
Blog

To Be or Not to Be: BCSI in the Cloud?

With regard to BCSI (BES (Bulk Electric System) Cyber System Information) in the cloud, responsible entity sentiments at the moment may be akin to Prince Hamlet as he contemplated death and suicide, “bemoaning the pain and unfairness of life but acknowledging that the alternative might be worse.” As currently written and subject to enforcement,...
Blog

Expired Certificates Used as Disguise to Spread Buerak, Mokes Malware

Researchers observed digital attackers employing expired security certificates as a disguise to distribute the Buerak downloader and Mokes malware. Kaspersky Lab learned of a new attack method in which malicious actors leveraged infected websites to warn visitors of an expired security certificate. The Russian security firm traced the first...
Blog

The War of Passwords: Compliance vs NIST

The most recent National Institute of Standards and Technology (NIST) guidelines have been updated for passwords in section 800-63B. The document no longer recommends combinations of capital letters, lower case letters, numbers and special characters. Yet most companies and systems still mandate these complexity requirements for passwords. What...
Blog

What is ISO/IEC 27701?

If you have a familiarity with any information security frameworks and certifications, it’s more than likely you have heard of International Organisation for Standardisation (ISO) and possibly the International Electrotechnical Commission (IEC). From my experience, the most commonly referred to business-level security related certifications are ISO...
Blog

Let's Encrypt Says It Will Revoke 3M Certificates Due to Software Bug

Non-profit certificate authority (CA) Let's Encrypt announced it will revoke more than three million digital certificates due to a software bug. On March 3, Let's Encrypt revealed its plan to revoke 3,048,289 currently-valid certificates. That figure represented approximately 2.6% of the CA's approximately 116 million active certificates at the time...
Blog

PwndLocker Ransomware Targeting Municipalities, Enterprise Networks

Security researchers discovered a new ransomware family called "PwndLocker" targeting municipalities and enterprise networks. Bleeping Computer learned that PwndLocker has been active since late 2019 and has targeted a variety of U.S. cities and organizations in that span of time. According to one source of the computer self-help site, the new...
Blog

How the MITRE ATT&CK Framework Can Improve Your Defenses

Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best...
Blog

What Is PIPEDA? And How Does It Protect You and Your Privacy?

You have likely heard of the General Data Protection Regulation (GDPR), and you probably refer to this standard whenever the topic of privacy and data processing arises. But what about outside of the EU? The Office of the Privacy Commissioner of Canada (Commissariat à la protection de la vie privée du Canada) has a twitter account that shares...
Blog

Navigating Cyber Landscape of Connected and Autonomous Cars

In recent years, various attacks have been performed to highlight security concerns about evolving smart cars. In particular, remote hacks took a lot of attention in 2015 when two security researchers hijacked the car’s infotainment system and demonstrated how to manipulate smart car functions. Such attacks elevate the risks associated with the...
Blog

Beware secret lovers spreading Nemty ransomware

Digital attackers are sending around love-themed malicious emails in an attempt to infect recipients with the Nemty ransomware. If you've been kicking around in the world of IT security for more years than you'd like to admit, then you'll surely remember the ILOVEYOU virus (also known as the "Love Bug" or "Loveletter"). When the Love Bug virus...
Blog

More Than 140GB of Data Exposed by Israeli Marketing Company

An Israeli marketing company exposed more than 140GB of data by mishandling the credentials for an Elasticsearch database. A San Diego-based DevOps engineer who uses the Twitter handle 0m3n detected the disclosure after they grew tired of receiving text messages from "random phone numbers with similar messages containing links to gibberish domains."...
Blog

Tripwire Patch Priority Index for February 2020

Tripwire's February 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Up first on the patch priority list this month are patches for Microsoft Edge and Scripting Engine. These patches resolve information disclosure, elevation of privilege, and memory corruption vulnerabilities. Next on the list are...