Blog

Blog

Advanced Security in All Sorts of Places

There's a growing trend spreading through many different organizations in which automated and advanced security features are being developed, capabilities which were previously in the realm of more traditional security vendors. There’s now more security in more places than ever before, with much of it owing to infrastructure and software-as-a...
Blog

6 Common Cloud Security Myths Debunked for You!

You’ve probably been hearing about the cloud a lot, and with the increasing number of businesses moving their data online, it’s obvious that cloud computing and security are here to stay. With a number of benefits like data security, minimized risks, regulatory compliance, flexibility, round-the-clock availability, uninterrupted maintenance and...
Blog

Grammarly Fixes Vulnerability that Exposes Users' Documents

Grammarly has fixed a vulnerability that exposes users' documents created and saved within the platform's Editor interface. Tavis Ormandy, a Google computer security researcher who discovered a memory disclosure bug in CloudFlare’s reverse-proxy systems in February 2017, wrote up a security advisory about the Grammarly flaw on 2 February. In it, the...
Blog

Best Practices in Healthcare Information Security

Some of the most common phrases that come out of information security professional mouths include: “Well, that did not work” and “The project fell apart, and I don't know what I could have done better.” The pain of not knowing what security best practices your team can/should implement can cost the company time and money. It could also end up...
Blog

3 Simple Steps to Securing Your ICS Systems against Digital Threats

We live in a world where connectivity is key. It’s brought conveniences to our personal lives, and organizations are adopting it into the industrial world to boost productivity. Industrial control systems (ICS), which manage utilities like water, gas, and electricity, are one such example of this ongoing trend. Organizations are putting ICS systems...
Blog

Scammers Impersonating the FBI's IC3 to Distribute Malware, Steal PII

Scammers are impersonating the FBI's Internet Crime Complaint Center (IC3) in order to infect users with malware and/or steal their personally identifiable information (PII). On 1 February, the real IC3 issued a public service announcement warning users of three scams that are impersonating the multi-agency task force. Here's the FBI on the first...
Blog

Tripwire Patch Priority Index for January 2018

BULLETIN CVE Browser - Edge CVE-2018-0803,CVE-2018-0766 Scripting Engine CVE-2018-0780,CVE-2018-0800,CVE-2018-0767,CVE-2018-0781,CVE-2018-0769,CVE-2018-0768,CVE-2018-0778,CVE-2018-0777,CVE-2018-0758,CVE-2018-0773,CVE-2018-0770,CVE-2018-0776,CVE-2018-0774,CVE-2018-0775,CVE-2018-0772,CVE-2018...
Blog

Smominru! Half a million PCs hit by cryptomining botnet

Why go to all the bother of writing ransomware that demands victims pay a Bitcoin ransom? If all you want is cryptocurrency, why not use the infected computers to mine the crypto coins themselves? That way you don't have to rely on a human victim buying some Bitcoin, and nervously making their way onto the dark web to make their ransom payment....
Blog

Survey: How Well Will Organizations Respond To The Next Data Breach?

The European Union's General Data Protection Regulation (GDPR) goes into effect this May, and lawmakers in the U.S. are proposing stricter data breach legislation. With the pressure on to better protect data and improve notification procedures in the event of a data breach, Tripwire surveyed 406 cybersecurity professionals to see how prepared...
Blog

Is Your Financial Data Protected?

Security breaches are becoming more common. They occur most often in the United States (followed by the UK), exposing businesses and their customers to significant risks. Most recently, in December 2017, Kromtech uncovered a breach at Ai.Type with 577GB of data stolen. It's possible the incident exposed the information of 31 million customers. And...
Blog

Man Arrested for Allegedly Hacking Car-Sharing Company Database

Australian law enforcement officers have arrested a man for allegedly hacking the company database of a car-sharing service. On 30 January, investigators of Strike Force Artsy, a division of the State Crime Command’s Cybercrime Squad, executed a search warrant at a home in Penrose. Officers arrested a 37-year-old man and charged him with two counts...
Blog

The Cyber Law of War

A recent article in the New York Times postulated America may choose to respond to a devastating cyberattack with a nuclear response. In November of 2017, a widely viewed social media video entitled Slaughterbots suggested “swarms of AI-controlled drones [could] carry out strikes on thousands of unprepared victims with targeted precision.” Both of...
Blog

Cisco Fixes 10.0 CVSS-Scored RCE Bug Affecting Its ASA Software

Cisco has patched a remote code execution (RCE) vulnerability bearing a "perfect" CVSS score of 10.0 that affects its Adaptive Security Appliance (ASA) software. On 29 January, the American multinational technology conglomerate publicly recognized the security issue (CVE-2018-0101) and revealed that it affects the ASA software found in the following...
Blog

Study: Alarming Number of Fortune 500 Credentials Found in Data Leaks

Data breaches are common in the news lately, but a recent study by credential monitoring firm VeriClouds focuses specifically on the credentials of Fortune 500 employees found in account leaks posted online. Using a corpus of 8 billion stolen credentials gathered over three years, the total number of employees of each Fortune 500 company was...
Blog

Locations of Military Bases Inadvertently Exposed by Fitness Tracker Users

Users of a fitness tracking app have inadvertently exposed the locations of military bases by publicly sharing their jogging/cycling routes. Many service people who use Strava, an app which allows them to record their exercise activity using GPS plotting, are sharing their data publicly. Their movements have ended up in Strava Labs' Global Heatmap...