All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 21, 2022. I’ve also included some comments on these stories. 18 High-Severity Vulnerabilities Patched by Intel ...

Global supply chains are bearing the brunt of ransomware attacks, according to a new report that finds manufacturing was the most targeted industry during 2021. Knocking financial services and insurance off the top of the heap after a long reign, the manufacturing industry was found by IBM to be the most attacked sector - accounting for 23% of...

Tripwire's February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This vulnerability has been added to Metasploit Exploit Framework and any vulnerable systems should be patched as soon as possible.Up next...

Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift in the attacker’s tactics. Just as a doctor “rules out” a particular diagnosis, an effective attacker first searches for well-known vulnerabilities...

Organizations are under constant threat of cybercrime. While there are many available attack vectors, email is the most obvious path towards a full network compromise. The notion that email security should be prioritized is emphasized during this time where more and more businesses are still working in a remote or hybrid dynamic environment. ...

The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to publish a joint warning that Russian hackers have targeted defence contractors to steal sensitive data. According to an advisory issued by the US authorities,...

A surge in "sophisticated, high impact" ransomware attacks has prompted the United States's Cybersecurity and Infrastructure Security Agency (CISA), the UK's National Cyber Security Centre (NCSC), and the Australian Cyber Security Center to issue a joint advisory about the techniques being used by cybercriminals to attack businesses and...

The number of missing security patches in an OT system is typically very large—measured in the thousands, at least. It would be difficult and expensive for an asset owner to evaluate each missing security patch / cyber asset pair. This may be one reason we see a patch everything approach, but this is also difficult and expensive. In fact, assessments...

Today’s VERT Alert addresses Microsoft’s February 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-985 on Wednesday, February 9th. In-The-Wild & Disclosed CVEs CVE-2022-21989 This month, only a single vulnerability, CVE-2022-21989 has been publicly disclosed and Microsoft is not...

What is this BlackCat thing I've heard about? BlackCat (also known as ALPHV) is a relatively new ransomware-as-a-service (RaaS) operation, which has been aggressively recruiting affiliates from other ransomware groups and targeting organisations worldwide. What makes BlackCat different from other ransomware-as-a-service providers? Like other...

As the competitive online gaming and eSports industries gain legitimacy by becoming more popular and attracting mainstream attention, the question of competitive integrity lingers in the back of my mind. Can the game's developers, community, and users maintain and uphold competitive integrity? Or will they fold under the pressure of greed and...

Tripwire's January 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Open Source Policy Kit, Adobe, and Microsoft.First on the patch priority list this month are patches for Apache Log4j2 vulnerabilities, most importantly for the Log4j2 "LogShell" remote code execution vulnerability (CVE-2021-44228). This...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of January 24, 2022. We’ve also included the comments from a few folks here at Tripwire VERT. SonicWall Discloses Cause of...

Industrial control systems (ICS) are specific kinds of assets and associated instrumentation that help to oversee industrial processes. According to the National Institute of Standards and Technology, there are three common types of ICS. These are supervisory control and data acquisition (SCADA) systems, which help organizations to control dispersed...

Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and supports scaling, rollback, zero downtime, and self-healing containers.The primary aim of Kubernetes is to mask the...

When an unfortunate event occurs, people tend to be curious about who was responsible for the event. It can be interesting and helpful to know who your enemy is and what their motives might be. But in cybersecurity, the primary focus is ultimately on preventative and detective measures to avoid similar issues. Let’s use a recent example to illustrate...

As we begin a new year, many organizations will enter a “goal-setting and strategic planning” season. During this time, individuals are re-energized and motivated to record new accomplishments for their professional development. Traditional corporate goal setting aligns with fiscal calendars and forces companies and individuals to build goals in...

The supply chain is under a historic amount of pressure, but the strain on its cybersecurity and risk management may be in even worse condition. As 2021 draws to a close, the global supply chain is in a state comparable to rush-hour traffic in bad weather. Everything seems to be backed up whether due to supply and demand issues, wait times at...

As we enter 2022, it’s important that organizations invest in cybersecurity for their operational technology (OT) systems. Why? One of the reasons is that Industry 4.0 can sometimes introduce more risk for OT. This is evident in several Industry 4.0 market trends. For example, there’s digital twin infrastructure. That’s where you make a digital...

Today’s VERT Alert addresses Microsoft’s January 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-981 on Wednesday, January 12th. In-The-Wild & Disclosed CVEs CVE-2022-21919 This vulnerability was a bypass to CVE-2021-34484, released by the same researcher, Abdelhamid Naceri. The...