Last week, I had the opportunity to travel to Tokyo, Japan to visit the Tripwire Japan office. I also had time to tour the city a bit with my colleague Lane Thames and his wife Linda. While the flights were long, the experience was absolutely worth it. The subway system, while pretty crazy to look at via map, was easy to navigate with the help of...

Android users are being reminded to only install apps from the official Google Play store or trusted third parties, after new research has revealed an alarming number of devices continue to be infected by a notorious family of malware. Security researchers at Cheetah Mobile Security claim that it is responsible for most of the Android infections...

It's no secret that some computer crime can generate a lot of money. For example, the author of Cerber ransomware relies on an affiliate system to distribute their creation. The malware developer collects only a fraction of the ransom payments, the average value of which usually amounts to around one Bitcoin. But even with just 0.3 percent of...

Today’s VERT Alert addresses 10 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-693 on Wednesday, October 12th. EASE OF USE (PUBLISHED EXPLOITS) TO RISK TABLE Automated Exploit Easy ...

SSL is a primary layer of defense on the Internet that makes it possible to have authenticated private conversations even over an untrusted network. Implementing a robust and secure SSL stack, however, is not trivial. Mistakes can lead to large attack surfaces, such as what we witnessed with OpenSSL when “Heartbleed” was discovered. In the wake of ...

One of my tasks here at Tripwire is to capture, understand and track security issues in our software products. Generally, I think of this as a kind of "technical debt" called "security debt." Like any kind of debt, the first step to managing and reducing it is identifying it. In my mind, this is something that is essential for a company producing...

As most of you already know, October is National Cyber Security Awareness Month (NCSAM). The aim of NCSAM is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector on how to stay safe online. Cyber Security is promoted extensively during this month, and many events...

TorrentLocker, a ransomware family member, is a type of file-encrypting ransomware that significantly infected Windows operating systems. It was first observed in February 2014 and released in late August 2014. Later, it released with five new major releases. TorrentLocker encrypts the victim's data files by using a symmetric block cipher AES and...

In acknowledgment of National Cyber Security Awareness Month (NCSAM) 2016, we at The State of Security weighed in on how organizations can leverage the right people, processes and technology to defend themselves against common IT security threats. We covered a variety of risks, including POS malware, browser vulnerabilities and stolen IT assets....

Since 2003, the Department of Homeland Security (DHS) has designated October as National Cyber Security Awareness Month (NCSAM). Each week of NCSAM carries its own theme that is meant to help users stay safe online. To help promote those topics, the DHS partners with public and private entities. Together, they create resources, hold special events...

A company is offering to pay 1.5 million USD to anyone who submits a remote jailbreak for Apple's iOS 10. On Tuesday, the exploit broker Zerodium made the announcement on Twitter: https://twitter.com/Zerodium/status/781516292901789696 Zerodium is well known for offering bug bounty rewards whose value dwarfs those offered by Apple, Google, and other...

In my last blog post, I discussed the five levels of preparedness for cybercrime and remarked on the sad fact that the majority of enterprises are at the reactive or compliant levels. I also discussed that reacting to cybercrime is driven by attempting to deliver security, which is predominantly built upon an over-reliance on prevention capabilities...

In a previous blog post, ICS: Next Frontier For Cyber Attacks blog, I spoke about the cybersecurity posture of industrial control systems (ICS) and the enormous implications for such attacks. For industrial organizations, it means downtime and lost business. For individuals, it means potential safety issues and lost services. For society, it means...

Microsoft has announced the release of Project Springfield, a fuzzing tool which helps customers find security bugs in software before the hackers do. According to the Redmond-based company, the service is designed to help developers find security vulnerabilities proactively. As a result, they don't need to undertake the costly effort of releasing a...

Cybersecurity has become a board level discussion, and worries about cybersecurity breaches are part of what keeps C-suite execs and BOD members up at night. So much so that many organizations have started to adopt the mentality that they’ve likely been breached already and they just don’t know it yet. It’s what’s known as the “assume breach”...

On April 7, 2014, the world first learned about the Heartbleed vulnerability. A small flaw in OpenSSL's implementation of the TLS/DTLS (transport layer security protocols) heartbeat extension (RFC6520), Heartbleed enables an attacker to unravel the encryption measures in systems protected by vulnerable OpenSSL software, which some at the time...

On June 7, 2016, the Angler exploit kit all of a sudden disappeared. It's unclear exactly what led to Angler's demise, but all reports indicate the exploit kit shut down after Russian authorities arrested 50 members of a hacker group that developed Lurk malware along with Angler. So, what did the exploit kit world do in response? It did what it always...

In 2015, Tripwire partnered with FIRST Robotics to bring on summer interns from local high schools. Our goal was to teach the students about various aspects of information security on both the offensive and defensive side. The goals I set out for our interns in 2015 were a bit lofty, to say the least. I had planned on teaching them about the various...

Looking at the cyberthreat landscape, millions of new devices come online every day. But there’s a shortage of qualified cybersecurity workers to protect those devices once they come online. Additionally, in almost every case, it takes minutes or less to compromise them. Simply running more vulnerability scans to collect more data and generating more...

It’s hard to believe that in such a relatively short period of time, smartphones and other mobile devices, such as tablets, have become so tightly woven into both our personal and work lives. And unlike desktop or laptop computers that are usually company-owned, personally-owned mobile devices are often filled with company related apps, data, email...