Now that the ongoing worldwide trend toward “going digital” has been accelerated by COVID-19, taking extra precautions to protect your organization’s data, communications and information assets is more important than ever. Of course, there are many traditional and emerging ways to protect and secure your business: Employing cybersecurity...

In December 2020, the world discovered that the SolarWinds' Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize...

What is REvil? REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such as Sodin and Sodinokibi. There’s been plenty of ransomware before. What makes REvil so special? ...

Imagine an arc. Not just any arc. A rainbow. When we think of a rainbow, it conjures impressions of color, inspiration and even supernatural characteristics. Does your cybersecurity program long for a magical pot of gold at the end of a rainbow? With all the moving parts of cybersecurity, sometimes it seems like we are merely chasing rainbows. ...

Here at Tripwire, we, like many others, recently surpassed the one-year anniversary of working from home due to the COVID-19 pandemic. Since March of 2020, we have converted kitchens, spare bedrooms and garages into office spaces. Our pets and children have become our coworkers, and companies are reporting a sudden increase in shirt sales as opposed...

Today’s VERT Alert addresses Microsoft’s April 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-939 on Wednesday, April 14th. In-The-Wild & Disclosed CVEs CVE-2021-28310 Borin Larin of Kaspersky Lab discovered this vulnerability being actively used for exploitation and suspects that it...

Tripwire's March 2021 Patch Priority Index (PPI) brings together important vulnerabilities from SaltStack, VWware, BIG-IP and Microsoft.First on the patch priority list this month are patches for vulnerabilities in Microsoft Exchange (CVE-2021-27065, CVE-2021-26855), SaltStack (CVE-2021-25282, CVE-2021-25281), BIG-IP (CVE-2021-22986) and VMware...

Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign. The SolarWinds Supply Chain Attack In mid-December 2020, the security...

Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug. Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as safe as it could be? Google created Chrome as...

Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey participants that were running applications in containers were doing so in production. That was up...

When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises.It would take some time to close the gap,...

CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to...

Organizations are increasingly introducing new Internet of Things (IoT) devices into their environments. According to Statista, the aggregate number of IoT devices deployed by organizations globally increased from 7.74 billion in 2019 to around 8.74 billion a year later. The market and consumer data firm reported that the next few years will see...

Due in large part to COVID-19 and the increased prevalence of remote work, ransomware attacks dominated 2020, and experts predict there will be at least twice as many cases of data theft in the new year.The U.S. Cybersecurity & Infrastructure Security Agency defines ransomware as “a type of malicious software, or malware, designed to deny access to a...

The trucking sector is essential to countless other industries. Without reliable transportation, supply chains would crumble, and companies and consumers would face shortages. With so much riding on it, it’s no wonder why the industry has fully embraced technology like telematics in recent years.Telematics refers to the suite of technologies fleets...

The objective of an organization when implementing cybersecurity controls is to eliminate risk, but this oftentimes involves settling for managing risk at an acceptable level. Each organization defines what that acceptable level is depending on several factors including the environment, the criticality of function, the asset type, etc.There are many...

Craig Young, Principal Security Researcher at Tripwire, unpacks the modern security researcher's toolkit to reverse engineer complex designs. https://open.spotify.com/episode/3Je17m2Sc4mNGMcDD8Cc45?si=wrdchOOLTJ-KQOxtyw0Low Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher:...

The purpose of every security team is to provide confidentiality, integrity and availability of the systems in the organization. We call it “CIA Triad” for short. Of those three elements, integrity is a key element for most compliance and regulations.Some organizations have realized this and decided to implement File Integrity Monitoring (FIM). But...

Today’s VERT Alert addresses Microsoft’s March 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-933 on Wednesday, March 10th. In-The-Wild & Disclosed CVEs CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 These CVEs are part of the bundle of Exchange vulnerabilities that...

Have you ever worked with a company that operates as “close to broken” as reasonably possible? Companies that follow that mindset usually do not have the most robust security practice, and they certainly will walk very close to the edge of compliance. Even if you don’t work in such a dysfunctional enterprise as described above, many companies still...