Blog

Blog

To Air-Gap or Not Air-Gap Industrial Control Networks

What is air-gapping, and why do we air-gap networks? What camp are you in? In the camp that believes in air-gaps, or the other set that says they truly do not exist? Air-gap networks are networks that are physically and logically isolated from other networks where communication between these networks is not physically or logically possible. Over...
Blog

Oregon State University (OSU) Discloses Data Breach

Oregon State University (OSU) has disclosed a security incident that potentially affected the personally identifiable information of some students and their families. On 14 June, OSU announced that the security incident occurred back in May when external actors hacked a university employee's email...
Blog

Climbing the Vulnerability Management Mountain

The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. Your progress will depend on your funding and priorities, but climbing at a quick...
Blog

Adding to the Toolkit – Some Useful Tools for Cloud Security

With more business applications moving to the cloud, the ability to assess network behavior has changed from a primarily systems administration function to a daily security operations concern. And whilst sec-ops teams are already familiar with firewall and network device log tools, these can be of limited use in a "cloud first" business where much...
Blog

What Public Sector CISOs Should Take Away from Verizon’s 2019 DBIR

It’s been a few weeks since Verizon released the 12th edition of its Data Breach Investigations Report (DBIR). For this publication, Verizon’s researchers studied 41,686 security incidents in which a response was necessary. These analysts found that 2,013 of those incidents were data breaches in that some sort of information was actually compromised. Out of all the other sectors, public...
Blog

The Tax Paying Hacker: A Modern Phenomenon

In a dark room lit only by the light from four computer monitors sits a hacker named Hector (not his real name). You can hear the faint pulse of an EDM track coming from his headphones as Hector taps away on his computer’s keyboard. The above description could serve as the setting for a hacker movie set in the early 2000s. But it doesn’t work in...
Blog

YouTube Attacks to Watch Out For in 2019

YouTube, the world’s top provider of streaming multimedia content, keeps reaching new heights in terms of its popularity. Nearly two billion monthly users and five billion videos watched every single day – these impressive statistics speak for themselves, and the numbers are steadily growing year over year. Everybody loves YouTube and so do...
Blog

VERT Threat Alert: June 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-835 on Wednesday, June 12th. In-The-Wild & Disclosed CVEs CVE-2019-1053 An issue where Windows Shell fails to properly validate folder shortcuts could lead to sandbox escape. The attacker...
Blog

Food Bank Needs Help Recovering from Ransomware Attack

A King County food bank said it will need help recovering from a ransomware infection that affected its computer network. At around 02:00 on 5 June, bad actors targeted the severs of Auburn Food Bank with ransomware. The crypto-malware, which according to Bleeping Computer was a variant of...
Blog

Steps for Successful Vulnerability Management: Lessons from the Pitch

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck. Now that I’m older, I watch more than I play, and I’m able to appreciate the many lessons team...
Blog

Fortune 500 Company Addresses Weakness Behind 264GB Data Leak

A Fortune 500 company has addressed a security weakness responsible for a data leak that exposed 264GB worth of information. On 2 June, vpnMentor security researchers Noam Rotem and Ran Locar discovered that a log management server owned by global technology distributor Tech Data Corporation did not...
Blog

The CMMC – A Palatable Enforcement Solution to DFARS Requirement?

My colleagues and I have been warning about the Department of Defense’s (DoD's) looming enforcement of DFARS clause 252.204-7012 for a while now, as many Tripwire customers handle government CUI. Inevitably, we are asked how long we think it will be until enforcement takes place. Our response is that enforcement will take place when compliance oversight is driven from the top down. Based on DoD’s...
Blog

PCASTLE Malware Attacks Targeting China-Based Systems with XMRig

A new wave of attacks involving PCASTLE malware are targeting systems located in China with the XMRig cryptocurrency miner. On 17 May, Trend Micro first observed a series of attacks that use PCASTLE, an obfuscated PowerShell script, to target mainly China-based systems with XMRig, cryptomining malware was involved in numerous attacks in 2018. The...
Blog

11 Common Tools for Your DevOps Team

DevOps is revolutionizing the way enterprises deliver apps to the market by blending software development and information technology operations. This convergence creates an assembly line for the cloud, as Tim Erlin wrote for The State of Security, by increasing the rate at which companies can develop apps and deliver them to users. 11 Common Tools...