Blog

Blog

Pakistani Electric Supply Company Struck by Netwalker Ransomware

An electric supply company based in Karachi, Pakistan suffered a Netwalker ransomware infection that disrupted its billing and online services. Bleeping Computer learned of the attack through Ransom Leaks, a ransomware researcher who received word from a local Pakistani company that the attack was affecting K-Electric's internal services. According...
Blog

Learn Ghidra From Home at SecTor 2020

Running the IoT Hack Lab at SecTor has been a highlight of my year since 2015. Although we won’t be back this year to fill our corner of the MTCC, I’m happy to be teaching A Beginner’s Guide to Reversing with Ghidra as part of the SecTor 2020 virtual conference October 19-20. Ghidra is an advanced software reverse engineering suite developed by NSA...
Blog

VERT Threat Alert: September 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in this month’s security guidance. CVE Breakdown by Tag While...
Blog

DoppelPaymer Gang Claims Responsibility for Newcastle University Issues

The DoppelPaymer ransomware gang claimed responsibility for a digital security incident that affected Newcastle University's network and systems. In a news release published on its website, Newcastle University revealed that it had begun experiencing issues with several of its IT systems on August 30. Those issues rendered all services inoperable...
Blog

Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities – The CWE Top 25 (2020 Edition)

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE). The CWE Top 25 is a community-developed list of the...
Blog

Targeted Company's Homepage Used in Message Quarantine Phish

Security researchers observed that malicious actors had incorporated a targeted company's homepage into a message quarantine phishing campaign. The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company's IT department. The email...
Blog

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program. On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for...
Blog

Covid-19 Exposure Logging: Key Privacy Considerations

Recently, both Apple and Google released new updates for iPhone and Android devices. One feature that was added was “Covid-19 Exposure Logging.” The feature is off (for now), and according to the text that accompanies the app, when turned on, it is set to communicate via Bluetooth to other devices. ...
Blog

Dashboards: An Effective Cybersecurity Tool

Data is only as good as what you are able to do with it. Not only does the cybersecurity universe collect data, but individual enterprises also collect cybersecurity data from within their organization as well as from external sources in order to add to more context and relevance. All data needs to be analyzed in order to create actionable insights...
Blog

Former AlphaBay Moderator Sentenced to 11 Years in Prison

A Colorado man received a prison sentence of 11 years for having served as a moderator on the AlphaBay underground marketplace. U.S. District Court Judge Dale A. Drozd handed down the sentence to Bryan Connor Herrell (known as “Penissmith” and “Botah” online), 26, of Aurora, Colorado on September 1,...
Blog

CISO: What the Job REALLY Entails and How It’s Evolved over the Years

All of us know what a Chief Information Security Officer (CISO) does from afar. A CISO upholds the organization’s overall security by overseeing the operations of the IS practice, the IT security department and related staff. In this capacity, those who become a CISO attain the highest paying job in information security, as it carries the associated...
Blog

Gift Cards Requested in Two-Thirds of BEC Attacks, Report Reveals

A report revealed that scammers requested funds in the form of gift cards in two-thirds of business email compromise (BEC) attacks. For a phishing trends report from the Anti-Phishing Working Group (APWG), APWG member Agari examined thousands of BEC attacks that occurred in the second half of 2020. It found that 66% of them involved gift cards. By...
Blog

Tripwire Patch Priority Index for August 2020

Tripwire's August 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, and Apple. Up first on the patch priority list this month are patches for Microsoft and Apple for vulnerabilities that have been integrated into various exploits. Metasploit has recently added exploits for Microsoft .NET Framework,...
Blog

SCM in Practice: How to Strengthen Your Organization’s Security Processes

Security configuration management (SCM) involves maintaining a secure baseline configuration for an organization’s systems and monitoring those assets for deviations from that baseline. This fundamental control pairs well with other elements of an organization’s security strategy. As such, SCM enables security teams to harden their organization’s...
Blog

Emotet Switches to 'Red Dawn' Template in Weaponized Word Documents

Researchers observed that the Emotet gang had incorporated a new "Red Dawn" template into their weaponized Word Documents delivered to users. Until recently, Emotet's handlers had been targeting users with a iOS-themed document template for their malicious Word documents. The template explained that a sender had created the document on iOS, and it...