The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to publish a joint warning that Russian hackers have targeted defence contractors to steal sensitive data. According to an advisory issued by the US authorities,...

A surge in "sophisticated, high impact" ransomware attacks has prompted the United States's Cybersecurity and Infrastructure Security Agency (CISA), the UK's National Cyber Security Centre (NCSC), and the Australian Cyber Security Center to issue a joint advisory about the techniques being used by cybercriminals to attack businesses and...

The number of missing security patches in an OT system is typically very large—measured in the thousands, at least. It would be difficult and expensive for an asset owner to evaluate each missing security patch / cyber asset pair. This may be one reason we see a patch everything approach, but this is also difficult and expensive. In fact, assessments...

Today’s VERT Alert addresses Microsoft’s February 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-985 on Wednesday, February 9th. In-The-Wild & Disclosed CVEs CVE-2022-21989 This month, only a single vulnerability, CVE-2022-21989 has been publicly disclosed and Microsoft is not...

What is this BlackCat thing I've heard about? BlackCat (also known as ALPHV) is a relatively new ransomware-as-a-service (RaaS) operation, which has been aggressively recruiting affiliates from other ransomware groups and targeting organisations worldwide. What makes BlackCat different from other ransomware-as-a-service providers? Like other...

As the competitive online gaming and eSports industries gain legitimacy by becoming more popular and attracting mainstream attention, the question of competitive integrity lingers in the back of my mind. Can the game's developers, community, and users maintain and uphold competitive integrity? Or will they fold under the pressure of greed and...

Tripwire's January 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Open Source Policy Kit, Adobe, and Microsoft.First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability (CVE-2021-44228). This...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of January 24, 2022. We’ve also included the comments from a few folks here at Tripwire VERT. SonicWall Discloses Cause of...

Industrial control systems (ICS) are specific kinds of assets and associated instrumentation that help to oversee industrial processes. According to the National Institute of Standards and Technology, there are three common types of ICS. These are supervisory control and data acquisition (SCADA) systems, which help organizations to control dispersed...

Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and supports scaling, rollback, zero downtime, and self-healing containers.The primary aim of Kubernetes is to mask the...

When an unfortunate event occurs, people tend to be curious about who was responsible for the event. It can be interesting and helpful to know who your enemy is and what their motives might be. But in cybersecurity, the primary focus is ultimately on preventative and detective measures to avoid similar issues. Let’s use a recent example to illustrate...

As we begin a new year, many organizations will enter a “goal-setting and strategic planning” season. During this time, individuals are re-energized and motivated to record new accomplishments for their professional development. Traditional corporate goal setting aligns with fiscal calendars and forces companies and individuals to build goals in...

The supply chain is under a historic amount of pressure, but the strain on its cybersecurity and risk management may be in even worse condition. As 2021 draws to a close, the global supply chain is in a state comparable to rush-hour traffic in bad weather. Everything seems to be backed up whether due to supply and demand issues, wait times at...

As we enter 2022, it’s important that organizations invest in cybersecurity for their operational technology (OT) systems. Why? One of the reasons is that Industry 4.0 can sometimes introduce more risk for OT. This is evident in several Industry 4.0 market trends. For example, there’s digital twin infrastructure. That’s where you make a digital...

Today’s VERT Alert addresses Microsoft’s January 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-981 on Wednesday, January 12th. In-The-Wild & Disclosed CVEs CVE-2022-21919 This vulnerability was a bypass to CVE-2021-34484, released by the same researcher, Abdelhamid Naceri. The...

Tripwire's December 2021 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Ubuntu Linux Kernel, and Microsoft.First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability. There are many attack vectors via various...

One of the biggest problems with the IT / OT convergence in critical infrastructure is that much of the legacy hardware cannot simply be patched to an acceptable compliance level. Recently, Sean Tufts, the practice director for Industrial Control Systems (ICS) and Internet of Things (IoT) security at Optiv, offered his perspectives on where the...

Due to urbanization, which involves a complex set of economic, demographic, social, cultural, technological, and environmental processes, governments are developing smart cities to address some of the challenges unique to urban areas. This development occurs through the transmission of data using wireless technology and the cloud. Smart cities are...

The cybersecurity market offers excellent solutions and services to combat the threats that are exploited by cybercriminals. However, are these tools enough to fully protect an organization? It is clear that human error is a strong attack vector for many popular cybercrimes, so the best way to augment any security program is to create a cyber-aware...

Protecting our critical infrastructure against the threat of ransomware remains a top priority for both the private sector and the federal government. In fact, a recent survey from Tripwire found that security professionals in both sectors still identify ransomware as a top security concern. More than half (53%) of respondents in that study said...