Blog

Blog

Creating Cloud Security Policies that Work

Now that the ongoing worldwide trend toward “going digital” has been accelerated by COVID-19, taking extra precautions to protect your organization’s data, communications and information assets is more important than ever. Of course, there are many traditional and emerging ways to protect and secure your business: Employing cybersecurity...
Blog

The Winds of Change – What SolarWinds Teaches Us

In December 2020, the world discovered that the SolarWinds' Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) provided advice and guidance to security teams and IT companies on what actions they should take to minimize...
Blog

REvil ransomware - what you need to know

What is REvil? REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such as Sodin and Sodinokibi. There’s been plenty of ransomware before. What makes REvil so special? ...
Blog

A Full Rainbow of Protection: Tripwire Is More than ‘Just FIM’

Imagine an arc. Not just any arc. A rainbow. When we think of a rainbow, it conjures impressions of color, inspiration and even supernatural characteristics. Does your cybersecurity program long for a magical pot of gold at the end of a rainbow? With all the moving parts of cybersecurity, sometimes it seems like we are merely chasing rainbows. ...
Blog

6 Cybersecurity Tips for Working from Home

Here at Tripwire, we, like many others, recently surpassed the one-year anniversary of working from home due to the COVID-19 pandemic. Since March of 2020, we have converted kitchens, spare bedrooms and garages into office spaces. Our pets and children have become our coworkers, and companies are reporting a sudden increase in shirt sales as opposed...
Blog

VERT Threat Alert: April 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-939 on Wednesday, April 14th. In-The-Wild & Disclosed CVEs CVE-2021-28310 Borin Larin of Kaspersky Lab discovered this vulnerability being actively used for exploitation and suspects that it...
Blog

Tripwire Patch Priority Index for March 2021

Tripwire's March 2021 Patch Priority Index (PPI) brings together important vulnerabilities from SaltStack, VWware, BIG-IP and Microsoft.First on the patch priority list this month are patches for vulnerabilities in Microsoft Exchange (CVE-2021-27065, CVE-2021-26855), SaltStack (CVE-2021-25282, CVE-2021-25281), BIG-IP (CVE-2021-22986) and VMware...
Blog

How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls

Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign. The SolarWinds Supply Chain Attack In mid-December 2020, the security...
Blog

Digging Into the Third Zero-Day Chrome Flaw of 2021

Hidden deep in Google’s release notes for the new version of Chrome that shipped on March 1 is a fix for an “object lifecycle issue.” Or, for the less technically inclined, a major bug. Bugs like these have been common in Chrome, leading some to wonder whether the world’s most popular web browser is as safe as it could be? Google created Chrome as...
Blog

3 Best Practices for Building Secure Container Images

Organizations are increasingly turning to containers to fuel their digital transformations. According to BMC, a 2019 survey found that more than 87% of respondents were running containers—up from 55% just two years earlier. Additionally, 90% of survey participants that were running applications in containers were doing so in production. That was up...
Blog

Industrial IoT Needs to Catch Up to Consumer IoT

When it comes to cybersecurity, industrial IT—consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises.It would take some time to close the gap,...
Blog

Federal agencies given five days to find hacked Exchange servers

CISA, the US Department of Homeland Security's Cybersecurity and Infrastructure Security Agency, has told federal agencies that they have until 12:00pm EDT on Monday April 5 to scan their networks for evidence of intrusion by malicious actors, and report back the results. CISA is ordering agencies with on-premises Microsoft Exchange servers to...
Blog

Survey: 99% of Security Pros Struggling to Secure Their IoT & IIoT Devices

Organizations are increasingly introducing new Internet of Things (IoT) devices into their environments. According to Statista, the aggregate number of IoT devices deployed by organizations globally increased from 7.74 billion in 2019 to around 8.74 billion a year later. The market and consumer data firm reported that the next few years will see...
Blog

Ransomware on the Rise: How to Keep You & Your Company Safe

Due in large part to COVID-19 and the increased prevalence of remote work, ransomware attacks dominated 2020, and experts predict there will be at least twice as many cases of data theft in the new year.The U.S. Cybersecurity & Infrastructure Security Agency defines ransomware as “a type of malicious software, or malware, designed to deny access to a...
Blog

How Can the Trucking Industry Secure Their Telematics?

The trucking sector is essential to countless other industries. Without reliable transportation, supply chains would crumble, and companies and consumers would face shortages. With so much riding on it, it’s no wonder why the industry has fully embraced technology like telematics in recent years.Telematics refers to the suite of technologies fleets...
Blog

To Patch or Not to Patch in OT – That Is the Real Challenge

The objective of an organization when implementing cybersecurity controls is to eliminate risk, but this oftentimes involves settling for managing risk at an acceptable level. Each organization defines what that acceptable level is depending on several factors including the environment, the criticality of function, the asset type, etc.There are many...
Blog

Reverse Engineering: A Security Researcher's Toolkit

Craig Young, Principal Security Researcher at Tripwire, unpacks the modern security researcher's toolkit to reverse engineer complex designs. https://open.spotify.com/episode/3Je17m2Sc4mNGMcDD8Cc45?si=wrdchOOLTJ-KQOxtyw0Low Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher:...
Blog

How FIM Is More Than Just About Maintaining Compliance

The purpose of every security team is to provide confidentiality, integrity and availability of the systems in the organization. We call it “CIA Triad” for short. Of those three elements, integrity is a key element for most compliance and regulations.Some organizations have realized this and decided to implement File Integrity Monitoring (FIM). But...
Blog

VERT Threat Alert: March 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-933 on Wednesday, March 10th. In-The-Wild & Disclosed CVEs CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 These CVEs are part of the bundle of Exchange vulnerabilities that...
Blog

Compliance – The Invisible Hand of Cybersecurity

Have you ever worked with a company that operates as “close to broken” as reasonably possible? Companies that follow that mindset usually do not have the most robust security practice, and they certainly will walk very close to the edge of compliance. Even if you don’t work in such a dysfunctional enterprise as described above, many companies still...