Blog

Running the IoT Hack Lab @ SecTor

I’ve attended a number of conferences, and each event always comes with its unique responsibilities. If I go as an attendee, I’m generally taking notes to share information; if I go as a speaker, I’m on stage at some point talking; and if I go to help marketing, I’m at our booth shaking hands and explaining what Tripwire VERT does. All of these are...

New Ransomware Strain Targets Websites Powered by Linux OS

A security firm has uncovered a new strain of ransomware that is seeking to extort money from websites powered by the Linux operating system. On Thursday, Russian antivirus company Dr. Web added the malware, known as "Linux.Encoder.1," to its virus database. A description of the ransomware was created the following day: "Once launched with...

What Happens to Hacked Social Media Accounts

We read about hacks of social media accounts all the time, but what’s the point of it? How can someone benefit from hacking a personal social media account, especially a non-celebrity, when there are so many other things to hack? Go steal from a bank or something, right? This article is going to look at a few reasons why a social media account is...

Woman Cheated Out of $825 After Posting Photo of Winning Ticket to Facebook

A woman has lost $825 she won betting on the 2015 Melbourne Cup after she posted a photo of herself holding the winning ticket on Facebook. According to The Daily Mail, a woman named Chantelle placed a $20 bet on the 100-to-1 shot Prince of Penzance at this year's Melbourne Cup, Australia's most prestigious Thoroughbred horse race. "I've never bet...

Down But Never Out: Security Parallels from the 2015 World Series

In the early morning hours of Monday, November 1st, the Kansas City Royals won the 2015 major league baseball World Series. To be sure, the team secured its championship against the expectations of most. In the fifth game, the Royals trailed behind the New York Mets 0-2. Everyone expected that the Mets would win, but then things changed. At the top...

DarkHotel APT Employs Just-in-Time Decryption of Strings to Evade Detection

For decades, the field of computer security has evolved as a cat-and-mouse game between security researchers and malware authors. When the former devises new methods to detect malicious programs, the latter incorporates into their software dormant functionality scenarios and a variety of other evasive techniques – four of which are now particularly...

OmniRAT - the $25 way to hack into Windows, OS X and Android devices

Just last week, police forces across Europe arrested individuals who they believed had been using the notorious DroidJack malware to spy on Android users. Now attention has been turned on to another piece of software that can spy on communications, secretly record conversations, snoop on browsing histories and take complete control of a remote...

ProtonMail Suffers 'Extremely Powerful' DDoS Attack

ProtonMail, a Switzerland-based encrypted email service, recently suffered an "extremely powerful" distributed denial-of-service (DDoS) attack that has temporarily knocked it offline. On Tuesday, ProtonMail tweeted out that it was experiencing a DDoS attack and that it anticipated some of its...

Beware the Cyber Blind Spots

A blind spot is defined as “an area where a person's view is obstructed.” As a longstanding professional in the industry, seeing the rhetoric change over the years, from Information Security, through Information Assurance and now to “cyber security,” what is occurring is the creation of a significant and worrying blind spot. Sadly, what people...

Mainframe Insecurities or Hack the Gibson. No, Really!

You can hack a toaster, a TV and a car... but a mainframe? Isn’t everything on Windows and Linux? Who still uses mainframes (specifically IBM’s flagship System Z running Z/OS)? They’re obsolete, specialized and cumbersome, just like the stuff that runs on them: TSO, JES, Walker, CICS, VTAM, MVS, IMS. And they’re pretty much sequestered from all the...

The TalkTalk Breach: Timeline of a Hack (UPDATED 11/25/15)

The UK telecommunications provider TalkTalk has made headlines in recent weeks following a breach against its website. Initially, the incident was believed to have compromised the personal and financial information of as many as four million TalkTalk customers. However, these estimates have since been revised as a result of an ongoing investigation...

Android 6.0 (Marshmallow) Security At a Glance

After just a few hours with a shiny new Nexus 5X running the latest version of Android 6.0 AKA “Marshmallow” release, a few behaviors have already caught my attention as welcomed security and privacy changes for the user-experience. (A few other items have caught my interest as points of potential vulnerability, but I’ll leave that for another day.)...

Snowden-Endorsed Signal Private Messenger App Comes to Android

Signal Private Messenger, an end-to-end encrypted communications app used by Edward Snowden, is now available to Android devices on the Google Play Store. On its website, Open Whisper Systems (OWS), the maker of Signal, released the following statement: "Today we’ve started rolling out Signal for Android, which unites simple private messaging and...

Empowering Pipeline SCADA Cybersecurity

Our nation depends heavily on the more than 2.3 million miles of pipelines in the United States that move oil, gas and other liquid products cross country to delivery points, such as airports, refineries, homes, and businesses. At an average of every 40 miles for natural gas pipelines, there are compressor stations that move the gas further along...

US, UK Banks To Test Resiliency in Cyber Attack Simulation

The Bank of England, in partnership with some of the biggest US Banks, will take part in an extensive cyber-attack simulation, as officials examine the financial industry’s readiness in the event of a security breach on its systems. The exercise, known as Operation Resilient Shield, is intended to be the most sophisticated test of communications and...

Kaspersky Releases All Decryptor Keys for CoinVault, Bitcryptor Ransomware

Kaspersky Lab has released all 14,000 decryptor keys for the ransomware variants CoinVault and Bitcryptor, a second-generation version of CoinVault. According to IT-Online, the security firm first discovered CoinVault back in May of 2014. This particular form of ransomware has since been targeting victims in approximately 20 countries, with The...

A New Twist on Ransomware

There is a new and scary development in ransomware. Ransomware is software that encrypts data on your computer and shared drives and then displays a message demanding payment for the decryption key. Generally, if you do not keep good backups of your data, your data will be lost. According to a report on a German website, there is a new strain of...

Second Teen Arrested in Connection with TalkTalk Breach

London law enforcement have announced the arrest of a second teenager in connection with the recent breach against UK telecommunications company TalkTalk. On Friday, the Metropolitan Police released the following statement: "On Thursday, 29 October, detectives from the Metropolitan Police Cyber Crime Unit (MPCCU) executed a search warrant at an...

The Security Hypocrisy Conundrum

This year’s Cyber Awareness Month has once again seen some great articles, tips and practical advice that we can share with our colleagues, friends, family and children. Actively encouraging a positive security aware culture is a vital part of what we do as security professionals, and we should always be seen to be setting the right example;...