Blog

Blog

To Agent or Not to Agent: That Is the Vulnerability Management Question

With the evolution of technology comes new approaches to solving problems. Sometimes a new approach fixes the problem; sometimes it creates new ones. The good thing is as folks who work in fast-paced, high-tech environment, we information security professionals are great at quickly analyzing the new technologies and applying them to our daily lives....
Blog

VERT Threat Alert: February 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-817 on Wednesday, February 13th. In-The-Wild & Disclosed CVEs CVE-2019-0676 The first vulnerability in the list today is an Internet Explorer vulnerability that is already seeing active...
Blog

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that a similar version of the same vulnerability affects the LXC and Apache Mesos packages. Identified as CVE-2019-5736,...
Blog

Dunkin' Says Credential Stuffing Attacks Targeted DD Perks Accounts

Dunkin' Brands Inc. ("Dunkin'") said that bad actors recently used credential stuffing attacks to target some DD Perks accounts. Kari McHugh, senior director of customer relations at Dunkin', wrote in a sample letter sent to the Office of the Vermont Attorney General that the company detected a wave of credential stuffing attacks near the beginning...
Blog

Supply Chain Security – Sex Appeal, Pain Avoidance and Allies

Every security professional and every privacy professional understands that supply chain security is as important as in-house security. (If you don’t understand this, stop and read Maria Korolov’s January 25, 2019 article in CSO, What is a supply chain attack? Why you should be wary of third-party providers.) So how do you marshal the resources that you need to implement effective supply chain...
Blog

Phishers Leveraging Google Translate to Target Google and Facebook Users

Phishers are leveraging Google Translate in their attempts to steal the login credentials for users' Google and Facebook accounts. Larry Cashdollar, a member of Akamai's Security Intelligence Response Team (SIRT), received an email in early 2019 informing him that someone had accessed his Google account from a new Windows device. On his phone, the...
Blog

The Top Tactics to Be Successful at Secure DevOps

Today’s increasingly connected world, with access to mobile devices and cloud scale computing, is leading to disruption in business models and processes. To succeed, you have no option but to continuously deliver new value to customers at the increasing speed that they demand. Mark Andreessen, the founder of Netscape, said a few years back that ...
Blog

Google Chrome extension warns if your password has been leaked

Anyone who has a presence on the internet is likely to be suffering from breach fatigue. Data leaks are reported in the headlines on a daily basis, and users can feel so overwhelmed by the sheer number of breaches that they feel there's little they can do to keep ahead of hackers. It can almost feel like a full-time job as you try to determine if...
Blog

Software Vulnerabilities Used by 200 VT Towns Left Employees' SSNs Exposed

Vulnerabilities in software used by 200 Vermont municipalities left town employees' Social Security Numbers and other information exposed. Brett Johnson, owner of IT company simpleroute, discovered the flaws after two Vermont towns hired him to do some work for them back in 2017. According to a report in which he wrote about the weaknesses, Johnson...
Blog

Why Security Is Needed to Keep the CI/CD Pipeline Flowing Smoothly

Technology has advanced to a state where clients now expect a constant stream of updates for their software and applications. To fulfill this demand, developers commonly turn to what’s known as a CI/CD pipeline. As noted by Synopsys, this practice embraces two important software development concepts of today’s streamlined world: Continuous...
Blog

Cybersecurity Documentation: The Best Defense Is a Good Offense

Most people do not regard their cybersecurity and privacy documentation as a proactive security measure. On the contrary, many oftentimes view documentation as a passive effort that offers little protection to a company, generally an afterthought that must be addressed to appease compliance efforts. Where documentation may get some much-needed...
Blog

Scammers Threatening YouTube Content Creators with Channel Suspension

Scammers are now using the threat of channel suspension to coerce YouTube content creators into meeting their demands and sending over money. These digital attackers are specifically targeting YouTube's policy infringement system through which users can report a video that they feel violates the video-sharing website's policies for acceptable...
Blog

Introducing Zombie POODLE and GOLDENDOODLE

I’m excited to announce that I will be presenting at this year’s Black Hat Asia about my research into detecting and exploiting CBC padding oracles! Zombie POODLE and GOLDENDOODLE are the names I’ve given to the vulnerabilities I’ll be discussing. Similar to ROBOT, DROWN and many other vulnerabilities affecting HTTPS, these issues stem from...
Blog

Houzz Says Security Incident Might Have Exposed User Data

Home design website and community Houzz revealed that a security incident might have exposed some users' personal and account data. On 1 February, Houzz published a security update explaining that it detected the security event in late December 2018. The company didn't provide exact details about how...
Blog

#TripwireBookClub – Pentesting Azure Applications

For the final book purchase of 2018, members of VERT decided to read "Pentesting Azure Applications: The Definitive Guide to Testing and Securing Deployments," written by Matt Burrough and published by No Starch Press. Matt has spent nearly four years with Microsoft’s Digital Security & Risk Engineering (DSRE) Red Team as a Senior Penetration Tester...
Blog

Tripwire Patch Priority Index for January 2019

Tripwire's January 2019 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft, Adobe and Oracle. First on the patch priority list this month are patches for Microsoft's Browser and Scripting Engine. These patches resolve six vulnerabilities, including fixes for Memory Corruption, Elevation of Privilege and Remote Code...
Blog

Airbus Reveals It Suffered a Digital Security Incident

European aerospace corporation Airbus SE has revealed that a digital security incident recently affected some of its computer systems. In a press release published on 30 January, Airbus confirmed that its “Commercial Aircraft business” information systems suffered a security incident. The corporation said that the event did not affect Airbus'...