Today’s VERT Alert addresses 18 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins and expects to ship ASPL-716 on Wednesday, March 15th. Ease of Use (published exploits) to Risk Table Automated Exploit Easy ...

Digital attackers have many different strategies for infiltrating a target organization. That even goes for companies with robust perimeter defenses. Bad actors simply need to find a soft target they can exploit. Oftentimes, they find what they're looking for along a target's supply chain. We can best understand the supply chain as a network of...

One might think that the security industry is beefing up its message with profanity and far-fetched stories, and you may regard all of it – to an extent – as scare mongering. The latest attack on the smart "HUE Light Bulbs" by Philips puts this views to rest, I hope. Apparently, modern smart light bulbs are equipped with secure communication...

NextGEN Gallery is an extraordinarily popular plugin for self-hosted WordPress websites, having been downloaded over 16.5 million times. The software's widespread popularity (it claims to have been "the industry's standard WordPress gallery plugin" since 2007) makes it an seemingly obvious choice for website owners looking to add image galleries to...

The annual RSA Conference is a lot of things to a lot of people (43,000 this year!). For me, it’s become an annual opportunity to step out of the stream and to look back at what has happened in the last year and peer forward at what’s to come. This year, I think we have reached an inflection point around the way we as a profession treat the “human...

UPDATE 2/24/17, 4:30 PM PST: Researcher Hanno Böck (@hanno) has confirmed that leaked CloudFlare data was not entirely purged from multiple search engine caches ahead of the public disclosure. In April 2014, the security community was shocked with the revelation that a poorly implemented TLS extension in OpenSSL could allow attackers to easily...

What is GDPR, when is it coming, and what steps should you take to comply?If you’ve been following the information security news or Twitter feeds, then you’ve no doubt seen the increase in traffic around the General Data Protection Regulation (GDPR). And there’s a good chance you’ve been ignoring it, as well. It’s time to pay attention, for GDPR is...

With such a lively 2016 ­for infosec – mega-breaches, new malware strains, inventive phishing techniques, and big debates between security and privacy – there’s plenty of reason to pause and consider what the security community should be most concerned about for 2017 and what they can do to prepare. http://www.slideshare.net/Tripwire/tripwire-survey...

2016 saw a lot of different types of scams prey on unsuspecting users. Some achieved greater prevalence than others. One of those was the tech support scam, a ruse where a fraudster calls a victim while impersonating a customer support representative from a well-known technology company. They tell the victim their computer is infected with malware...

New media, it would appear, now outpaces the old. More data is consumed and processed than at any time before in human history. But as we hasten into a world where the immediate is often favoured over the verified, the attention-grabbing over the considered, and the assumed over the researched in terms of how we both receive and disseminate...

Several high-profile attack campaigns targeting Middle Eastern companies have recently come to the attention of the security community. One of the first operations we heard about occurred on November 17, 2016, when Shamoon resurfaced and leveraged Disstrack malware to wipe the computers at an energy organization based in Saudi Arabia. Apparently, ...

During the second week of February, information security professionals will head over to San Francisco to attend RSA, one of The State of Security's top 13 conferences for 2017. The conference is primarily focused on information security-related topics and typically draws over 45,000 attendees per year, making it one of the largest information...

In the United States, there is a basic rule of thumb that at some point after a block of metal undergoes a certain amount of manufacturing, it becomes a rifle. When approximately 80 percent of the manufacturing is complete, the metal is not a weapon; at 81 percent, it is. A weapon is dangerous; it is often regulated, and more often than not, it has...

A Configuration Management Database (CMDB) is a repository that is an authoritative source of information of what assets are on the corporate network. At least, that’s what it’s supposed to be. However, in many of my recent discussions, the more common definition given for CMDB is “a struggle.” Does that sound familiar? If so, keep reading. If not,...

One of the best friends a user can have in today's digital age is a virtual private network (VPN). This tool masks a user's IP address and tunnels their data through a network of servers. In so doing, a VPN helps a user anonymously and more securely browse the web. Unfortunately, not all VPNs fulfill that purpose. A group of researchers from Queen...

The United States takes the number one spot worldwide in data breaches disclosed last year, revealed a new report analyzing breach activity in 2016. Risk Based Security’s annual report released on Wednesday found that the U.S. accounted for nearly half – 47.5 percent – of all incidents, and a whopping 68.2 percent of all exposed records. Close to 2...

A new variant of the SpyNote remote access trojan (RAT) is infecting Android devices by masquerading as a mobile Netflix app. The malware, which is based off the SpyNote RAT builder leaked in 2016, displays the same icon used by the official Netflix app that's found on Google Play. But it's a fake. Clicking on the app causes the icon to disappear...

A recent report released by Shodan found that as of January 22, 2017, nearly 200,000 publicly accessible internet devices were vulnerable to Heartbleed. The detailed report gives some insight into those who continue to be exposed to this vulnerability. It's no surprise that the majority of these systems are HTTPS pages hosted by Apache and running...

My boyfriend works a demanding day job at a major Canadian big box furniture and appliance retailing chain. Knowing that I write about information security for a living, he had an interesting story to tell me: "An LG Smart TV was returned to us by the customer, and it had their credit card credentials in it! Why didn't they do a factory reset first...

There are numerous ways to redirect a user to an exploit kit. Some of these methods are quite sophisticated. Take pseudo-Darkleech, for instance. This attack campaign injects malicious code into WordPress core files. That code creates a malicious iframe that redirects the user to a landing page for an exploit kit. In so doing, the campaign builds...