Blog

Blog

Vulnerability Management Program Best Practices – Part 1

An enterprise vulnerability management program can reach its full potential when it is built on well-established foundational goals that address the information needs of all stakeholders, its output is tied back to the goals of the enterprise, and there is a reduction in the overall risk of the organization. Such vulnerability management technology...
Blog

Blast a Hole in Adobe Flash and Earn $100,000

Fancy earning $100,000? Of course, you do. Well, now there's an opportunity to earn a huge reward if you can demonstrate how Adobe Flash can be exploited. Sounds good right? Well, here's the bad news for the rest of us: it's not Adobe offering the money in the form of a bug bounty. Less than a month ago, Adobe proudly announced a series of security...
Blog

BlackEnergy Malware Caused Ukrainian Power Outage, Confirms Researchers

Researchers have confirmed that a variant of the BlackEnergy malware was behind a power outage that occurred around Christmas Eve last year. Reuters reports that the Western Ukrainian power company Prykarpattyaoblenergo reported on outage on December 23rd that affected an area including the regional capital Ivano-Frankivsk. A subsequent...
Blog

CISO Resolutions for 2016

2015 was an eventful year for cyber security. Major vulnerabilities, including Superfish, "No iOS Zone" and CVE-2015-2502 made waves in the infosec community, as did a variety of criminal collectives – including Lizard Squad, Phantom Squad and DD4BC – that use distributed denial-of-service (DDoS) attack campaigns to get what they want. Let's also...
Blog

Safety - Part of Information Security

In the Internet of Things (IoT) era that we have entered, it is becoming apparent to me that nothing follows a linear progression anymore. The abstract models created by start ups, which can and often do disrupt the industry, promote new ways of engaging in business that are not common sense. To illustrate this, I’ve made a list of examples that...
Blog

Rising Danger From SQL Injection Attacks

Almost every week, we hear about a new data breach in the news that reports about a major company losing millions of usernames, passwords, credit card numbers, banking transactions after falling victims to a cyber attack. As per a recent report released by Imperva on Web Application attacks, SQL Injection (SQLi) saw the biggest rise compared to last...
Blog

12 Steps to Cyber Health

A recent article by The Financial Times argues that boards should be looking to employ younger directors to tackle the cyber security “problem." Meanwhile, the EU has unveiled the proposed Network and Information Security Directive. Think about the psychology here, really… The more we raise the bar and levels of expectations, given the volume of...
Blog

Testing Scan Credentials for More Accurate Vulnerability Assessment

If your doctor walks into the exam room for your annual physical and listens to your heart, takes a quick look at your throat, and then gives a clean bill of health without asking many questions, a quick interaction might make you feel good if you’re not worried about your health. However, if you haven’t been feeling well, or if you are at risk for...
Blog

InterApp Claims It Can Steal Information from Any Phone User

Earlier this fall, a contributor to The State of Security explained that one of the greatest privacy and security challenges confronting our smartphones today are the apps we choose to install. He noted in his post how app developers often make money by harvesting data from users' devices and in turn selling this information to marketers. They also...
Blog

Adobe Patches 79 'Critical' Vulnerabilities in Flash Player

Adobe has patched 79 "critical" vulnerabilities affecting Flash Player in its December 2015 security bulletin. The alert, which bears the vulnerability identifier APSB15-32, warns that all platforms are affected by the flaws. This includes Windows and Macintosh regarding the Flash desktop version 19.0.0.245 and earlier, as well as the Google Chrome,...
Blog

Fancy Bear Threat Group Deploys 'Rare' Modification of AZZY Backdoors

Last month, Microsoft released a report on the advanced threat group Fancy Bear. This alert, as noted by security blogger Graham Cluely, explains how the group—otherwise known as "Sofacy," "Sednit," "STRONTIUM," and "APT 28"—stalks mailing lists, social media sites, and public forums in search of potential victims from whom it can steal login...
Blog

What's New in CVSSv3?

CVSSv3 was released this past summer and a number of vendors, including Tripwire, are beginning to adopt it both internally and within their tools. I wanted to talk about some of my favourite (and not-so-favourite) aspects of CVSSv3. Up first, we have the addition of Scope. I have a bit of a love-hate relationship with the notion of Scope. I think...
Blog

VERT Threat Alert: December 2015 Patch Tuesday Analysis

Today’s VERT Alert addresses 12 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-648 on Wednesday, December 9th.Ease of Use (published exploits) to Risk TableAutomated Exploit Easy Moderate Difficult MS15-131 MS15-135 Extremely...
Blog

WebEx Android App Users Told to Update ASAP, Due to Risk of Attack

There are often (quite rightly) concerns raised about operating system vulnerabilities on smartphones, and the need for users to patch their devices with the latest software. But the truth is that probably a bigger risk to the typical mobile user are the actual apps that they choose to run on them. Have they been coded reliably, are they taking...
Blog

Unnecessary Risks: Vulnerabilities in ICS Devices

The NERC Critical Infrastructure Protection standards are the most effective tools for securing the electrical supply today. If you think that's a controversial statement, let me explain why I make it. Cybersecurity in the context of the electrical supply is synonymous with reliability. The cyber-risks to electric utilities are ultimately risks to...
Blog

Open Source Router Updates Its Own Security, Analyzes Network Traffic

This open source, crowdfunded router boasts a unique set of features, including the ability to update its own security and analyze the traffic between the Internet and the host network. Based on the Latin word for "tower", the Turris Omnia router is open source and runs OpenWrt, a free operating system that not only provides Omnia's users with the...
Blog

My SecTor Story: Root Shell on the Belkin WeMo Switch

*Updated 12/7/2015 – NOTE: The WeMo attack vector described in this article was resolved with WeMo firmware release 2.00.8643. Customers are encouraged to install the latest update immediately. There were many activities hosted at SecTor 2015. My favorite activity was the Internet of Things Hack Lab sponsored by Tripwire. The term Internet of...
Blog

5 Ransomware Safety Tips for Online Retailers

Just in time for the holiday shopping season, cybercriminals have developed a destructive new form of ransomware that targets the websites of online retailers. According to independent security journalist Brian Krebs, fraudsters have been leveraging the malware – dubbed ‘Linux.Encoder.1’ – to essentially hold a site’s files, pages and images for...