If you are like most infosec professionals, each day brings new and interesting challenges. However, like most jobs, there are valleys that we fall into along the course of our professional development. How long can you stare at your SIEM tool before you start to experience some mild tunnel vision, or worse, severe burnout? Neither of these are...

The Fortnite team announced it will reward users who enable two-factor authentication (2FA) on their accounts with a free emote. On 23 August, the makers of the popular online video game revealed an incentive to help users boost their account security: in exchange for enabling 2FA on their accounts, gamers would receive the Boogiedown emote for free...

Thanks to the advent of technology, the number of mobile phone users are increasing day by day. You'll be shocked to hear that by 2019, this number will cross the 5 billion mark! While mobile phones may have made our life easier, they have also opened up domains for many cybercriminals who are adapting and using new methods to profit from this...

It's not great when any organisation loses a laptop, but if the contents of the computer's hard drive have been fully encrypted and a strong password has been used it's hardly the end of the world. After all, the chances of a criminal being able to access any sensitive information on the mislaid or stolen device is remote - and the cost should be...

The Healthcare industry by its very nature is populated with some amazing people who are devoted to those in need of physical and mental care. Given this noble cause, it was perfectly understandable for them to ask “Why would someone attack us?” when WannaCry hit their sector. In my opinion, the WannaCry compromise was the crescendo of almost a...

A computer criminal claims to have stolen the personal data and account information of 20,000 British pharmacy chain customers. On 21 August, certain customers of UK health and beauty retailer Superdrug received an email warning them about the "possible disclosure of [their] personal data." It wasn't long before that notice began making the rounds...

Earlier this year, the City of Atlanta suffered a ransomware attack on the city’s computer systems. The attack affected more than one-third of Atlanta's 424 essential programs, close to 30 percent of which were “mission critical” functions. While most of the visible damage has been remedied, the effects of the attack will be felt for a long time....

The systems in your environment are extremely important assets. Storing intellectual property, customer information, financial information, business automation, etc. If any of these systems are breached or become unavailable, there is a business and financial impact. You’ve installed Tripwire Enterprise agents on these systems to ensure that you...

Microsoft seized six fake domains that mimic the websites of prominent political organizations located in the United States. On 20 August, the Redmond-based tech giant revealed that its Digital Crimes Unit (DCU) had successfully executed a court order to take control of six fake domains created by Fancy Bear. Also known as "Strontium" and "APT28,"...

March 15, 2018, was a momentous day for U.S. homeland security officials. On that date, the Department of Homeland Security (DHS) and the Federal Bureau of Investigations (FBI) for the first time ever attributed digital attacks on American energy infrastructure to actors associated with the Russian government. Their joint technical alert (TA)...

If you have followed our work for any amount of time, you will note that we are fans of certain information security technologies such as encryption, AI and machine learning as well as blockchain. But you will also note we are very specific, cautious and surgical about their use. Encryption is a must-have but does little for you if your underlying...

I’ve written about ITIL and Tripwire Enterprise, offering a secure approach to managing your Change Management processes, but ITIL’s guidelines offer more than just recommendations around ensuring changes happen as expected. Problem management is another key area where Tripwire Enterprise can help you on your ITIL journey. ITIL sensibly focuses on...

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend. India's Cosmos Bank, based in the western city of Pune, suffered an attack which saw hackers use...

Sextortion scammers are now using potential targets' redacted phone numbers in an attempt to trick them into submitting payment. Perhaps after having obtained a list that ties people's phone numbers and email addresses together, scammers are sending out sextortion emails that use redacted phone numbers to lure in victims. Here's an example, as...

What is Caller ID? Caller identification (Caller ID) is a service that allows the receiver of a phone call to determine the identity of the caller. Caller ID is initially sent over at the start of the phone call and identifies the incoming caller before the receiver answers the phone. Caller ID is not associated with the actual phone number but is...

A man received a prison sentence for his part in helping to "cash out" ransom payments made by victims of a specific ransomware family. On 13 August, the U.S. Department of Justice (DOJ) announced the sentencing of Raymond Odigie Uadiale, 41, of Maple Valley, Washington to 18 months in jail and three...

The last book campaign was on “The Phoenix Project,” which is an easy-to-read story about a fictional company’s transformation into the world of DevOps. “Accelerate” is nothing like that, and if you’re a sucker for raw data like I am, then you may enjoy it more. “Accelerate” details the results of a multi-year study analyzing company’s software...

Without a doubt, log management should be part of the core of any IT security platform of a government agency. It has a role in not only security but also in operations and compliance requirements. Logging can provide situational awareness of things happening within an environment by keeping track of events recorded in the logs of the different...

Today’s VERT Alert addresses Microsoft’s August 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-792 on Wednesday, August 15th. In-The-Wild & Disclosed CVEs CVE-2018-8373 A vulnerability exists within the scripting engine in Internet Explorer. An attacker exploiting this vulnerability...

The U.S. Department of Defense (DoD) and HackerOne together announced the creation of a new bug bounty program called "Hack the Marine Corps." On 12 August, DoD kicked off its new vulnerability disclosure initiative at DEF CON 26 in Las Vegas, Nevada with a live hacking session. For the launch event,...