Blog

How to Approach Cyber Security for Industrial Control Systems

Today's industrial control systems (ICS) face an array of digital threats. Two in particular stand out. On the one hand, digital attackers are increasingly targeting and succeeding in gaining unauthorized access to industrial organizations. Some actors use malware, while others resort to spear-phishing (or whaling) and other social engineering...

Women in Information Security: Isly

Women in information security, being a minority, deserve a spotlight. Previously, I've interviewed Tiberius Hefflin, a Scottish security analyst who is currently working in the United States, and Tracy Maleeff, a woman who went from library sciences to infosec, who's now a host of the PVCSec podcast, and who runs her own infosec business. Recent years...

Shadow Brokers Leaks Dilemma – History of Events Explained

In February of 2015, researchers at Kaspersky Lab disclosed the existence of a sophisticated cyber-attack group that's been in operation since early 2001, and targeted almost every industry and foreign countries with its zero-day malware. Kaspersky called this threat actor the Equation Group because of its love for encryption algorithms and the...

VERT Threat Alert: November 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 14 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-698 on Wednesday, November 9th. ...

Bizarro Sundown Exploit Kit Distributing Locky Ransomware via ShadowGate

The Bizarro Sundown exploit kit is spreading two versions of Locky ransomware via the still-active ShadowGate malvertising campaign. In October, Trend Micro spotted two versions of Bizarro Sundown, a modification of the earlier Sundown exploit kit which rose to prominence with RIG following Neutrino's demise. The first iteration reared its ugly head...

Half of Retail IT Pros Don't Know How Long Breach Detection Takes, Finds Survey

In February 2016, Tripwire first unveiled the results of its 2016 Breach Detection Survey. The study polled the comments of 763 information security personnel about their organizations' efficacy of implementing seven key security controls: PCI DSS, SOX, NERC CIP, MAS TRM, NIST 800-53 and IRS 1075. Those controls are essential to helping an...

Women in Information Security: Tracy Maleeff

Information security really needs female professionals. There aren't a lot of us, but all the women in infosec I've met so far have been fascinating. In my first interview, I spoke with Tiberius Hefflin, a Security Assurance Analyst. The second woman I spoke to was Tracy Z. Maleeff, who is well known on Twitter as @InfoSecSherpa. Kim Crawley: How...

Evolving Connectivity: Understanding the Benefits and Risks of IoT

We at The State of Security have explored all the ways people can strengthen their security online in acknowledgement of National Cyber Security Awareness Month (NCSAM) 2016. We kicked off the public awareness campaign by providing tips on how users can protect their passwords, as well as defend against ransomware and other common IT security...

100,000 Bots Infected with Mirai Malware Behind Dyn DDoS Attack

Dyn has stated that approximately 100,000 bots infected with Mirai malware helped launch a large distributed denial-of-service (DDoS) attack against its domain name system (DNS) infrastructure. Scott Hilton, EVP of product at the internet performance management company, said in a statement on 26 October that the distributed denial-of-service (DDoS)...

New MAC OS and iOS Changes Might Frustrate VPN Users

It’s been weeks since Apple released its new operating systems, iOS 10 and macOS Sierra. The new updates brought security patches, features and upgrades. Siri assistant has finally arrived on desktops, and an exciting universal clipboard allows you to select photos from an iPhone device and paste them directly on the desktop. However, with these...

Women in Information Security: Tiberius Hefflin

Information security is the fastest growing area of IT. It affects more people in more ways than ever before. It affects not only our public records, our utilities, our white-collar work, and our entertainment. Now that we carry small computers in our pockets and in our cars, talk of the Internet of Things (IoT) is also starting to become reality....

The White House Meets WestWorld: The “Future of Artificial Intelligence” in the United States

Perhaps completely in sync with the tremendous press surrounding the new HBO hit series WestWorld, the Obama White House issued a press release on October 11, 2016, entitled "The Future of Artificial Intelligence" along with a lengthy report “National Artificial Intelligence ('A.I') Research and Development Strategic Plan” (PDF, hereinafter the ...

VERT Goes to Japan

Last week, I had the opportunity to travel to Tokyo, Japan to visit the Tripwire Japan office. I also had time to tour the city a bit with my colleague Lane Thames and his wife Linda. While the flights were long, the experience was absolutely worth it. The subway system, while pretty crazy to look at via map, was easy to navigate with the help of...

Ghost Push malware continues to haunt Android users

Android users are being reminded to only install apps from the official Google Play store or trusted third parties, after new research has revealed an alarming number of devices continue to be infected by a notorious family of malware. Security researchers at Cheetah Mobile Security claim that it is responsible for most of the Android infections...

Computer Crime Never Pays, and These 5 Stories Prove It

It's no secret that some computer crime can generate a lot of money. For example, the author of Cerber ransomware relies on an affiliate system to distribute their creation. The malware developer collects only a fraction of the ransom payments, the average value of which usually amounts to around one Bitcoin. But even with just 0.3 percent of...

VERT Threat Alert: October 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 10 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-693 on Wednesday, October 12th. ...

Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices

SSL is a primary layer of defense on the Internet that makes it possible to have authenticated private conversations even over an untrusted network. Implementing a robust and secure SSL stack, however, is not trivial. Mistakes can lead to large attack surfaces, such as what we witnessed with OpenSSL when “Heartbleed” was discovered. In the wake of ...

Managing Security Risk Introduced by Third-Party Libraries

One of my tasks here at Tripwire is to capture, understand and track security issues in our software products. Generally, I think of this as a kind of "technical debt" called "security debt." Like any kind of debt, the first step to managing and reducing it is identifying it. In my mind, this is something that is essential for a company producing...

Towards a Cyber Resilience Strategy

As most of you already know, October is National Cyber Security Awareness Month (NCSAM). The aim of NCSAM is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector on how to stay safe online. Cyber Security is promoted extensively during this month, and many events...