Resources

Blog

Exposed internal database reveals vulnerable unpatched systems at Honda

Automotive giant Honda has shut down an exposed database that contained sensitive information about the security -- specifically the weak points -- of its internal network. Security researcher Justin Paine discovered the sensitive information after scouring the internet with Shodan, a specialist search engine which can be used to find exposed...
Blog

CISA Warns of Insecure CAN Bus Networks Affecting Aircraft

The Cybersecurity and Infrastructure Security Agency (CISA) has warned of insecure CAN bus network implementations affecting aircraft. On 30 July, CISA explained that attackers could target aircraft by exploiting insecure implementations of their CAN bus networks, tools which allow separate devices...
Blog

The 6 Top Tips of Things to Do at Black Hat USA 2019

Are you going to Black Hat USA 2019? If you are, you’re no doubt counting down the days until 3-8 August when you can join the thousands upon thousands of security professionals at the Mandalay Bay Resort and Casino in Las Vegas, Nevada. But if you’ve been to any of its other 21 iterations, you probably know that this conference can be a bit...
Blog

Gadsden Independent School District Discloses Malware Attack

Gadsden Independent School District (GISD) announced that it was working to recover from a malware infection on its network. Travis L. Dempsey, superintendent of the Sunland Park school district, posted a notice about the attack on GISD's website. Our Technology Department has been working to address...
Blog

The Creation of Captain Tripwire: A Cyber Security Comic Book

It’s that time of year again where Black Hat and DEF CON are fast approaching and everyone interested in security will descend upon Las Vegas. While Craig Young will be there with his sold out Introduction to IoT Pentesting with Linux, I will be keeping my 2008 promise to myself and avoiding Vegas like the plague. I am, however, happy to announce...
Blog

Sephora Reveals Breach Might Have Affected Southeast Asian Customers

Sephora has revealed that a data breach might have exposed the personal information of customers based in Southeast Asia, Australia and New Zealand. On 29 July, the multinational chain of personal care and beauty stores sent out a notice announcing that a digital security incident had potentially infected the personal information of customers based...
Blog

NCSC Active Cyber Defence Report 2019: Evidence Based Vulnerability Management

On 16 July 2019, UK’s National Cyber Security Centre (NCSC) released the second annual report of the Active Cyber Defence (ACD) program. The report seeks to show the effects that the program has on the security of the UK public sector and the wider UK cyber ecosystem. The Active Cyber Defence Program NCSC was set up in 2016 to be the single...
Blog

How Will Brexit Affect Cybersecurity for UK Organizations?

As a vendor, Tripwire gets asked a lot of questions from customers and potential clients about how developments in the wider world might affect digital security. One of those forces that’s on everyone’s mind is Brexit. Representatives from some of our potential customers as well as our existing clients are asking us what to focus on and what to do....
Blog

Johannesburg Electricity Provider Falls Victim to Ransomware Attack

A company responsible for providing electricity to the South African city of Johannesburg disclosed that it fell victim to a ransomware attack. On 25 July, City Power disclosed on Twitter how the attack had affected all of its databases and applications as well as its network. https://twitter.com/CityPowerJhb/status/1154277777950093313 In subsequent...
Blog

Ask the Experts: What Will Have the Greatest Impact on ICS Security in the Next 5-10 Years?

As we noted in August 2018, industrial control system (ICS) security has become more complicated since the introduction of the web. Organizations are now bringing together the logical and physical resources of both information technology (IT) and operational technology (OT). This creates various ICS security challenges, including how each team must...
Blog

Lancaster University Says Phishing Attack Behind Data Breach

Lancaster University has revealed that a successful phishing attack resulted in a data breach involving the data of its students and applicants. On 22 July, the public research university announced on Twitter that it had suffered a "sophisticated and malicious phishing attack." This tweet linked to a security update published on the school's website...
Blog

Three Adware Apps Used Clever Tactics to Hide on Android Devices

Researchers detected three apps that leverage clever tactics to hide on Android devices so that they can display adware to users. The three adware distributors (com.colors.drawing.coloring, hd4k.wallpapers.backgrounds, and launcher.call.recorder) each had more than 10,000 downloads when Bitdefender Labs first came across them. Its researchers think...
Blog

Six System and Software Vulnerabilities to Watch Out for in 2019

Wouldn’t it be an easier life if we didn’t have to worry about the exploitation of vulnerabilities in solutions and software on which we have spent good time and resources? A world where correctly configured systems configured were left alone to perform their functions until they became redundant and/or needed replacing? It is a beautiful dream....
Blog

FaceApp Concerns: Myth or Mess?

There’s a lot of conversation regarding FaceApp right now. I have friends talking about it on Facebook, politicians are tweeting about it, CNN and Forbes have reported on it, and my favorite YouTuber Philip DeFranco covered it. People around the world are torn on the privacy implications of this application, yet the person who started this dumpster...
Blog

Multi-Cloud Security Best Practices Guide

A multi-cloud network is a cloud network that consists of more than one cloud services provider. A straightforward type of multi-cloud network involves multiple infrastructure as a service (IaaS) vendors. Can you use AWS and Azure together? For example, you could have some of your cloud network’s servers and physical network provided by Amazon Web...
Blog

Communication – The Forgotten Security Tool

Security professionals have many tools in their toolbox. Some are physical in nature. (WireShark, Mimikatz, endpoint detection and response systems and SIEMs come to mind.) Others not so much. (These assets include critical thinking faculties, the ability to analyze complex processes, a willingness—some call it a need—to dig in and find the root cause...