Resources

Blog

How UK Public Sector Organizations Can Craft an Effective Cyber Security Strategy

Organizations in the United Kingdom’s public sector face several challenges in terms of their digital security. Today, these companies must meet an increasing number of regulatory compliance obligations. GDPR likely sits near the top of UK public sector organizations’ list of responsibilities given the penalties they could incur should they fail to adequately protect EU citizens’ personal data....
Blog

Hash Hunting: Why File Hashes are Still Important

According to Gartner, threat intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications and actionable intelligence. When security research teams or government agencies release threat intelligence reports, some of the more tactical actionable intelligence is in the indicators. These indicators include (but are...
Blog

Infosec Problems For 2019 and Beyond: Patching, Bug Bounties and Hype

Details of a Virtual Box 0-day privilege escalation bug were disclosed on GitHub earlier this week. This was the work of independent Russian security researcher Sergey Zelenyuk, who revealed the vulnerability without any vendor coordination as a form of protest against the current state of security research and bug bounty programs. From my...
Blog

Spam-spewing IoT botnet infects 100,000 routers using five-year-old flaw

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months. Analysts working at Qihoo 360's Netlab team say that they first identified the new botnet in September 2018. They have dubbed it "BCMUPnP_Hunter" because of its exploitation of a security hole in the...
Blog

Software Monitoring for NERC CIP Compliance: Part 2

In Part 1 of this series, I walked through the background of the NERC CIP version 5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this second half of the series, we’ll take what we’ve learned and explore approaches for meeting the requirements while considering security value. NERC CIP is supposed to be for...
Blog

Half a Million People Potentially Affected by Data Breach at Bankers Life

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people. On 25 October 2018, Fortune 1000 company CNO Financial Group, Inc. submitted a report to the Office for Civil Rights' Breach Portal at the U.S. Department of Health and Human Services. The report revealed an instance of...
Blog

HSBC Bank Notifies Customers of Data Breach

HSBC Bank sent a letter to an undisclosed number of customers informing them of a data breach that might have exposed their personal information. The California Attorney General's Office recently received a template of a letter that HSBC Bank sent out to customers on 2 November. In the notice, the...
Blog

Statistics Canada Asks for Banking Information of 500,000 Canadians

Everyone knows that it’s not a matter of if your private information will be breached. It’s a matter of when. I don’t have much of an expectation of privacy these days. A search in the Amazon application on my iPhone means that I’ll start seeing Facebook ads for that item. Google maintains a timeline of my visits to various locations. Video cameras...
Blog

Watch Out for the "Programmer Who Cracked Your Email" Bitcoin Scam

The internet can be as dangerous a place as any. And every so often, it gets shaken up by some new threat that jeopardizes the safety of users across the globe. Thus, one of the latest scares that has come to our attention is that of the so-called “Programmer who cracked your email” Bitcoin scam. Exactly how serious this ‘scare’ is still remains to...
Blog

Software Monitoring for NERC CIP Compliance: Part 1

As organizations grappled with NERC CIP version 5, Tripwire learned along the way. In this series, I’ll cover the aspect of CIP that has come up the most in the last year: how to meet the software monitoring requirements. Software Inventory as a Security Control It is a simple question at first, but the more we peel back the layers, the more we...
Blog

Radiation Isn’t the Only Risk Associated with Medical Imaging Devices

As a patient moves down the small, loud tunnel of an MRI tube, CT scan, or other high-powered radiology device, it’s safe to assume they believe the diagnostic benefits outweigh the risk of radiation exposure (and a possible claustrophobic-induced panic attack). In fact, only after understanding – and accepting -- these risks is a patient permitted...
Blog

YAPBS – Yet Another Password Breach Scam

Back in July, I wrote about the sextortion scam that had been circulating for a while. A new wave was spreading, and I’d seen multiple people taking about it on my Facebook, so I figured putting pen to paper (I suppose today that is fingers to keyboard.) made sense. Today, my aunt reached out to share the latest scam email she's received, one that I...
Blog

How Vulnerable Is the Presidential Alert System?

Thanks to a new notification service launched by the United States government in 2018, the President now has the power to issue alerts to every citizen with a working cell phone. The technology for this service, known as the Wireless Emergency Alerts (WEA) system, has been around for a number of years and has been implemented for events like Amber...
Blog

Tripwire Patch Priority Index for October 2018

Tripwire's October 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from libssh, Microsoft and Oracle. First on the patch priority list this month is an authentication bypass vulnerability in libssh. This vulnerability can be exploited remotely, and exploit code has recently been added to Metasploit. Next are patches for...
Blog

Redefining the Meaning of Operational Risk

The definition of "operational risk" is variable but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. I, however, want to re-examine this general definition, so that the definition of operational risk takes into account all the cybersecurity-related risks that...
Blog

Police Raid Illegal Call Centers Linked to CRA Phone Scam

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals. One of the most prevalent scams that seems to persist in both Canada and the United States is the tax agency scam. The Canada Revenue Agency (CRA) and the Internal Revenue Agency (IRS) were both victims of...