Blog

Blog

October 2017: The Month in Ransomware

Ransomware activity didn’t skyrocket last month, but there was definitely a substantial increase compared to September. Perhaps the most serious wake-up call was the onset of BadRabbit, a Petya-like culprit going on a rampage in Eastern Europe. A likely successor of the Cerber ransomware dubbed Magniber started making the rounds via the Magnitude...
Blog

Tor Browser Gets Interim Fix for Bug that Can Leak Users' IP Addresses

Certain users of the Tor Browser should implement a temporary fix for a vulnerability that can potentially leak their real IP addresses. On 3 November, Tor Browser 7.0.9 rolled out to macOS and Linux users. Included in the updated version is a fix for an issue that affects Tor Browser 7.0.8 on those two operating systems. Windows users aren't...
Blog

Policium Concisium: Advice on Writing a Security Policy

What do your policies look like? If your organization is like most, then your policies are probably voluminous and all-encompassing. This is a good thing – or is it? Probably one of the most painful aspects of being an infosec professional is having to author or review policies. (Audit is the other painful aspect.) When you first entered the field,...
Blog

EOL Systems: Combating the Security Risks with Foundational Controls

Security patches and updates leave companies at risk when they're running systems designated as end of life (EOL), such as .Net systems, Windows Server 2003, and Windows XP. When Microsoft releases an update or patch after the operating system (OS) is no longer supported, cybercriminals and malicious software develops dissect the update and reverse...
Blog

IoT Security: Does Such a Thing Exist?

We've been hearing a lot about IoT security recently. The news is overwhelming us with stories about baby dolls and baby monitors that can listen in on conversations at home, not to mention surveillance cameras that provide video streams to unauthorized individuals. To better understand these events, let’s start by looking at what is IoT. According...
Blog

FBI Charges 22-Year-Old Student for Hacking System to Change Grades

A former student at the University of Iowa was arrested on computer-hacking charges for accessing copies of exams in advance, and altering grades for himself and his classmates. Chemistry major and wrestler Trevor Graves, 22, allegedly plugged keyloggers into university computers in classrooms and labs, allowing him to see whatever his professors...
Blog

50,000 Australian Employees' Personal Data Exposed Online

Negligence by a third-party contractor exposed the personal information of approximately 50,000 Australian employees online. A Polish security researcher who uses the moniker "Wojciech" discovered the information while searching for open Amazon S3 buckets. The details belong to 48,270 employees of Australian government agencies, banks, and a utility...
Blog

Tripwire University: ICS/SCADA Edition

What do Robert M. Lee, Eric Byres, Sean McBride, Dr. Oliver Kleineberg, and Sid Snitkin all have in common? If any of these names do not ring a bell, they’re each industrial cybersecurity experts in different realms. Along with Tripwire customers and other industry leaders, they will be sharing fast-paced perspectives and challenging you to think...
Blog

Welcome Back, Mr. Robot

“Hello, again, friend. It all went quiet for a while and the depictions of hacking and cyber on TV seemed to become trite and clichéd again. We stopped seeing him, Mr. Robot, but now he’s back again. Did you see him, too?” This blog may contain spoilers and was written following ‘eps3.2_legacy.so,’ which seems a good enough point into the new...
Blog

Tripwire Patch Priority Index for October 2017

BULLETIN CVE APSB17-32 CVE-2017-11292 Microsoft Browser - IE CVE-2017-11790,CVE-2017-11822,CVE-2017-11813 Microsoft Browser - Edge CVE-2017-11794,CVE-2017-8726 Microsoft Browser - Scripting engine CVE-2017-11796, CVE-2017-11808, CVE-2017-11809, CVE-2017-11805, CVE...
Blog

46.2 Million Mobile Numbers Leaked Online after Malaysian Data Breach

46.2 million mobile numbers have appeared online following a data breach that affected several Malaysian telecommunication companies. The incident involves 15 Malaysian telcos and mobile virtual network operators (MVNO). Included in the leak are customers' mobile numbers along with their personal and device information. Of note, those exposed...
Blog

Insights into ICS Security: An Interview with Robert Landavazo

Industrial control systems (ICS) are no strangers to digital attacks. In its Threat Landscape for Industrial Automation Systems in H1 2017 report (PDF), Kaspersky Lab blocked attack attempts against 37.6 percent of ICS computers that use the Russian security firm's products. It also detected 18,000 variants of 2,500 different malware families that...
Blog

Could Containers Save The Day? 10 Things to Consider when Securing Docker

By now, we’re all aware of the Equifax breach that affected 143 million customer records. Equifax reports that Apache Struts vulnerability CVE-2017-5638 was used by the attackers. Equifax was not running its vulnerable struts application in a container, but what if it had been? Containers are more secure, so this whole situation could have been...
Blog

Women in Information Security: Glenda Snodgrass

Last time, I had the opportunity to speak with Carrie Roberts. She's a red team engineer at Walmart with lots of penetration testing experience. This time, I had the pleasure of speaking with Glenda Snodgrass. She's a founder and the president of The Net Effect, a cybersecurity services company that's based in Alabama. They must be doing something...
Blog

Britain's Largest Airport Launches Investigation after USB Found on Street

Britain's largest and busiest airport has launched an investigation to determine how someone found a USB containing 2.5GB of its data on the street. News of the incident involving Heathrow London Airport first came to light when an unemployed man contacted The Sunday Mirror. He told the tabloid he was on his way to a local library to search for work...
Blog

9 Security Horror Stories that Will Forever Haunt Our Nightmares

Halloween is upon us! It isn’t just a time for Steven King movies and trick-or-treating, but it's also a time to reflect back on some of our own horror stories in IT. To help celebrate Halloween, we have asked some folks from the security industry to share their scary security stories with us. We hope you enjoy. Feel free to share your own stories in...
Blog

WannaCry Affected 34% of NHS Trusts in England, Investigation Finds

An investigation into the 2017 WannaCry outbreak found that the ransomware affected 34% of National Health Service (NHS) trusts in England. Following the May 2017 attack that struck more than 200,000 organizations in at least 100 countries, the UK government's National Audit Office (NAO) launched an inquiry into the matter. Its purpose was to...
Blog

Cryptominers – The Next Generation

In less than a decade, cryptocurrency became almost mainstream. Many people are familiar with Bitcoin, which was the first decentralized digital currency. In fact, there are more than 10 different cryptocurrencies with a market cap exceeding 1 billion US dollars. Some are very similar, but others significantly differ in the mathematical and...