Since the implementation of the General Data Protection Regulation (GDPR) on 25 May 2018, organizations and even private citizens have globally begun to re-assess what it means to ‘take security seriously’ and to better understand the massive difference between security and privacy. What you may not be familiar with is the Network and Information...

A marketing agency told its employees that they were free to seek other employment after suffering a ransomware infection. On January 2nd, the Heritage Company released a statement in which it explained that it had made some progress in its recovery efforts following a ransomware attack. The company...

ML:3 is base camp, and getting here means you have reached a level that others have only dreamed about. At this level, the VM program is very good, and your visibility into threats to the environment is much better than it has ever been. Prioritizing Asset Assessment The biggest change at this level is the focus on the breadth of assessment going...

Standard CIP-003 exists as part of a suite of Critical Infrastructure Protection (CIP) Standards related to cybersecurity that require the initial identification and categorization of BES Cyber Systems and require organizational, operational, and procedural controls to mitigate risk to BES Cyber Systems. The purpose of the standard is to specify...

Foreign exchange company Travelex announced that it had temporarily disabled all of its systems following a malware attack. Twitter user Izzy Fergus first noticed something was wrong when she attempted to visit travelex.co.uk and saw a runtime error message. When she reached out to the company on Twitter, Travelex UK informed her that it was...

Network and information systems (NIS) and the essential functions they support play a vital role in society from ensuring the supply of electricity, water, oil and gas to the provisioning of healthcare and the safety of passenger and freight transport. In addition, computerized systems are performing vital safety-related functions designed to...

Zero Trust is a new concept to many but one I believe will be of increasing importance over the coming years. With this post, I wanted to introduce newcomers to the concept, talk about why it’s an exciting approach to improving security, and explore how you can leverage File Integrity Monitoring (FIM) and Security Configuration Management (SCM)...

Dining, hospitality and entertainment corporation Landry's notified customers of a security incident that might have affected their payment card data. On December 31, Landry's revealed that it first learned of the incident after it detected unauthorized activity on the payment processing systems for...

Digital attackers compromised an email server owned by Special Olympics NY and then abused it to target donors with phishing emails. The attack emails told recipients that an automatic donation transaction of $1,942.49 would register on their accounts within the next two hours. The email then asked recipients to review a PDF statement to confirm...

It’s been another fantastic year on The State of Security blog. With over 350 blogs published from all walks of the security community, we like to think of the blog as more of an industry resource that caters to not only experienced security professionals but also to those who are new to the community. To finish the year off, I wanted to look back...

Wyze implemented a token refresh for all of its users after learning of a security incident that allegedly leaked user data. On December 26, Twelve Security reported that smart home camera provider Wyze had left its production servers open to the web. The security stated that the misconfiguration had...

Honeypots are not a new idea. They have been part of the cybersecurity world for decades and have frequently gone in and out of "fashion" over that period. Recently, though, they have become an increasingly important part of vulnerability management. That's for a couple of reasons. Honeypots offer real-world data on the types of threats that...

Researchers identified more than 100 apps that used a common code package named "Soraka" to perform ad fraud on users' Android devices. The White Ops Threat Intelligence team observed that many of the apps did not have a suspicious reputation at the time of discovery. For instance, the "Best Fortune Explorer" registered no red flags with anti-virus...

TikTok, the popular video posting app, has come under increased scrutiny. Recently, two lawsuits filed against the platform accused TikTok of privacy violations. According to a report from Reuters, a plaintiff accused TikTok of creating an account without her knowledge or consent in one lawsuit filed in California. The lawsuit accused TikTok of...

At some point in the past, I began making new year’s resolutions for doing a bit of personal privacy and security maintenance on New Year’s Day or thereabouts. I would usually have a bit of downtime to finally get around to doing the things I’d been putting off all year. It’s become a fun habit that I wanted to share. Changing Passwords One of my...

A marketing agency announced just days before Christmas that it would be temporarily suspending operations as it works to recover from a ransomware attack. Sandra Franecke, CEO of the Heritage Company, sent a letter to employees that the company would temporarily be suspending its operations. She...

I recently wrote about phishing around the holidays and while I was working on the piece, I noticed a couple of friends posting recent emails on Facebook. I thought it might be fun to dig a bit deeper into those emails and look at the telltale signs that indicate these are phishing attempts. Signs of Phishing - Example #1 ...

This is the third and last blog I will write for State of Security on the topic of the groundbreaking, maverick TV series ‘Mr Robot.’ As this week, the credits rolled one final time on the show's mind bending and utterly bizarre (even by its own standards) conclusion. A lot has changed since the first season aired, both for cybersecurity and the...

A newly discovered PayPal phishing scam attempts to steal much more than just a user's login credentials for the online payments service. Slovakian security firm ESET observed that the scam began by targeting users with an attack email warning them of unusual activity involving their account. The email urged recipients to click on an embedded link...