Blog

Blog

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and...
Blog

IT Network Attacks Can Impact Your OT Networks, Too

On May 8th, I was at a gas station filling up my car before a trip I was taking when the news about a cyberattack against a large pipeline company broke. The attack led them to halt all operations. Ultimately, the incident stemmed from a ransomware infection in which a well-known threat actor took volumes of corporate data in just two hours and made...
Blog

Ghosts in the Machine – OT and IT Convergence

There is a saying in cybersecurity that “Data is the new oil.” If that is true, then that oil is powering not only the economy but also industry. The term ‘Industry 4.0’ refers to the fourth industrial revolution where traditional manufacturing and industrial processes are increasingly using IT and data to the point that we’re now seeing the...
Blog

Mind the GAAP: A Lens for Understanding the Importance of the CIS Controls

Given that attacks are only increasing and there needs to be greater efficacy in how companies protect themselves, let us reference how the financial industry has created and relies on a body of standards to address issues in financial accounting as a defined comparison for Information Security. To support this argument, there is a defined contrast...
Blog

VERT Threat Alert: May 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-943 on Wednesday, May 12th. In-The-Wild & Disclosed CVEs CVE-2021-31204 Up first in the list this month, we have a vulnerability that impacts .NET and Visual Studio and could allow a...
Blog

Learn Ghidra from Your Home at Black Hat USA 2021

I am very excited to share that I will be offering my Ghidra training course at Black Hat USA 2021. As an online event, this is the perfect opportunity for Black Hat caliber training without hotel and airfare costs. Registration for "A Beginner’s Guide to Reversing with Ghidra "on July 31 and August 1 2021 is now available via the Black Hat web site...
Blog

NAME:WRECK DNS Bugs: What You Need to Know

For most internet users, there's not much of a perceivable difference between the domain name they want to visit and the server that the domain queries. That's because the Domain Name System (DNS) protocol does a good job of seamlessly routing users to different IP addresses that are all associated with a single domain name. The bad news is that...
Blog

Cybersecurity and Compliance for Healthcare Organizations

Amidst the pandemic overwhelming the capacity of many hospital systems, malicious hackers have been quick to target healthcare providers and medical agencies. These cyber-attacks have hit both the United States and Europe in recent months, serving as a reminder for organizations to closely review their information security posture during these times...
Blog

Tripwire Patch Priority Index for April 2021

Tripwire's April 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome and Microsoft.First on the patch priority list this month are patches for insufficient input validation vulnerabilities in Google Chrome (Chromium). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit...
Blog

The Death Star’s Demise: Can You Trust Your IoT Vendors?

It was 1977, and soon-to-be-fans were greeted with a masterful score and scrolling text. Darth Vader and Princess Leia share the screen in those opening moments, and the Star Wars universe was created. Nearly 30 years later, a new film would introduce us to the events immediately preceding the “scene that launched a franchise,” but how did things...
Blog

Creating Cloud Security Policies that Work

Now that the ongoing worldwide trend toward “going digital” has been accelerated by COVID-19, taking extra precautions to protect your organization’s data, communications and information assets is more important than ever. Of course, there are many traditional and emerging ways to protect and secure your business: Employing cybersecurity...
Blog

The Winds of Change – What SolarWinds Teaches Us

In December 2020, the world discovered that the SolarWinds' Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize...
Blog

REvil ransomware - what you need to know

What is REvil? REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such as Sodin and Sodinokibi. There’s been plenty of ransomware before. What makes REvil so special? ...
Blog

A Full Rainbow of Protection: Tripwire Is More than ‘Just FIM’

Imagine an arc. Not just any arc. A rainbow. When we think of a rainbow, it conjures impressions of color, inspiration and even supernatural characteristics. Does your cybersecurity program long for a magical pot of gold at the end of a rainbow? With all the moving parts of cybersecurity, sometimes it seems like we are merely chasing rainbows. ...
Blog

6 Cybersecurity Tips for Working from Home

Here at Tripwire, we, like many others, recently surpassed the one-year anniversary of working from home due to the COVID-19 pandemic. Since March of 2020, we have converted kitchens, spare bedrooms and garages into office spaces. Our pets and children have become our coworkers, and companies are reporting a sudden increase in shirt sales as opposed...
Blog

VERT Threat Alert: April 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-939 on Wednesday, April 14th. In-The-Wild & Disclosed CVEs CVE-2021-28310 Borin Larin of Kaspersky Lab discovered this vulnerability being actively used for exploitation and suspects that it...
Blog

Tripwire Patch Priority Index for March 2021

Tripwire's March 2021 Patch Priority Index (PPI) brings together important vulnerabilities from SaltStack, VWware, BIG-IP and Microsoft.First on the patch priority list this month are patches for vulnerabilities in Microsoft Exchange (CVE-2021-27065, CVE-2021-26855), SaltStack (CVE-2021-25282, CVE-2021-25281), BIG-IP (CVE-2021-22986) and VMware...