We are familiar with the problem of ransomware – malicious software that seeks to encrypt user data and demand a ransom in return for the decryption key. There are several defensive measures that help work against crypto-malware. Backups work, in theory, but are not always available or are partial. We need to realize that ransomware does, and will,...

Details of a Virtual Box 0-day privilege escalation bug were disclosed on GitHub earlier this week. This was the work of independent Russian security researcher Sergey Zelenyuk, who revealed the vulnerability without any vendor coordination as a form of protest against the current state of security research and bug bounty programs. From my...

Security researchers are warning that a botnet has been exploiting a five-year-old vulnerability to hijack home routers over the last couple of months. Analysts working at Qihoo 360's Netlab team say that they first identified the new botnet in September 2018. They have dubbed it "BCMUPnP_Hunter" because of its exploitation of a security hole in the...

Tripwire Data Collector has been providing industrial organizations with visibility into their operational technology (OT) environments since its release in mid-2018. Data can be gathered and monitored via multiple avenues – not only native industrial protocols, such as EtherNet/IP CIP and Modbus TCP, but also integrations with management...

Thanks to a new notification service launched by the United States government in 2018, the President now has the power to issue alerts to every citizen with a working cell phone. The technology for this service, known as the Wireless Emergency Alerts (WEA) system, has been around for a number of years and has been implemented for events like Amber...

Tripwire's October 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from libssh, Microsoft and Oracle. First on the patch priority list this month is an authentication bypass vulnerability in libssh. This vulnerability can be exploited remotely, and exploit code has recently been added to Metasploit. Next are patches for...

Federal investigators traced a malware infection at the U.S. Geological Survey (USGS) to an employee's habit of viewing adult content. On 17 October, the Office of Inspector General (OIG) submitted a report in which it revealed its discovery of suspicious internet traffic during an IT security audit of the USGS computer network. The OIG specifically...

A New Jersey man received a court order to pay $8.6 million for launching a series of distributed denial-of-service (DDoS) attacks against Rutgers University. On October 26, the U.S. Attorney's Office for the District of New Jersey announced the sentence handed down by U.S. District Judge Michael...

October is National Cybersecurity Awareness Month, an annual, national observance to raise awareness for online security. This is a relevant topic today, as every day it seems like a new data breach makes headlines. From government organizations to big-name corporations, everyone is a target of cybercrime. Most of us have probably been a victim or...

A dating app geared towards connecting supporters of U.S. President Donald Trump exposed members' personal and account information. On 15 October, security researcher Baptiste Robert (who also goes by the name "Elliot Alderson") discovered security weaknesses in the Donald Daters dating app that exposed several pieces of users' information. https:/...

The healthcare industry is one of the largest industries in the United States and potentially the most vulnerable. The healthcare sector is twice as likely to be the target of a cyberattack as other sectors, resulting in countless breaches and millions of compromised patients per year. Advancements in the techniques and technology of hackers and...

An effective container security strategy consists of many parts. Organizations should first secure the build environment using secure code control along with build tools and controllers. Next, they should secure the contents of their containers using container validation, code analysis and security unit tests. Finally, they should develop a plan to...

In a recent article about U.S federal policy concerning IoT security, Justin Sherman identified several gaps in both cybersecurity and privacy policies. As Sherman has highlighted: The United States federal government, like the rest of the world, is increasingly using IoT devices to improve or enhance its existing processes or to develop new...

Today’s VERT Alert addresses Microsoft’s October 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-800 on Wednesday, October 10th. In-The-Wild & Disclosed CVEs CVE-2018-8453 This vulnerability, a privilege escalation in Win32k’s handling of objects in memory, has been exploited in the...

The Information Commissioner's Office (ICO) issued a fine of £120,000 to Heathrow Airport Limited (HAL) following a data security incident that occurred in 2017. On 8 October, ICO announced the penalty under section 55A of the 1998 Data Protection Act (DPA). Under that piece of legislation, the ICO...

The first article in this series examined configuration hardening, essentially looking at ports, processes and services as the “doors, gates and windows” into a network where security configuration management (SCM) becomes the job of determining which of these gateways should be open, closed, or locked at any given time. Now it’s time to look at...

Inspired by Europe’s General Data Protection Regulation (GDPR), the State of California has set a new precedent with the passage of the California Consumer Privacy Act (CCPA). The major data incidents last year have driven citizens into a frenzy about securing their data, and states have rushed to developing and passing policies and legislation....

The healthcare industry continues to be challenged with securing patient health information. According to the Verizon Protected Health Information Data Breach Report (PHIDBR), 58 percent of all security incidents involved insiders, ransomware accounts for 70 percent of all malicious code, and alarmingly, basic security hygiene is still lacking at...