Blog

Blog

Telephone Scams: Your Credit Card was Used in Fraudulent Activities

By now, everyone should have heard about the telephone scams involving a caller claiming to be from the CRA (Canada Revenue Agency) or the IRS (Internal Revenue Service). These tax agency scams generally receive the most coverage, but some don’t get much attention. Recently, people have also received calls from individuals claiming to be from their ...
Blog

Not All Sandboxes Are Created Equal

Sandbox environments are a common feature of many cybersecurity solutions in their fight against advanced malware. Firewalls, endpoint protection, and even next-generation machine learning systems use sandboxes as one of their lines of defense. However, not all sandboxes are created equal. Sandboxes can take different approaches towards malware...
Blog

GitHub Ups the Rewards, Expands the Scope of Its Bug Bounty Program

Web-based hosting service GitHub has decided to increase both the potential reward amounts and scope of its bug bounty program. On 19 February, GitHub announced its decision to raise its reward amounts. Security researchers can now expect to earn a minimum of $617 for reporting a low-severity vulnerability in the service's products. On the other end...
Blog

Report: Concerted Global Cyber Attack Could Disrupt Global Economy

According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to damages in the amount of billions of dollars. Cyber Risk Management (CyRiM) project is a collaborative...
Blog

How Federal Agencies Can Fulfill the Next Steps of the FCWAA

On 25 January 2019, the longest U.S. government shutdown in history came to an end. It’s unclear exactly what impact this closure had on the government’s digital security. A SecurityScorecard report found that the shutdown coincided with a rise of expired SSL certificates protecting .gov domains, thereby producing a slight dip in overall network...
Blog

AWS System Manager And The Dangers of Default Permissions

In September of 2018, Amazon Web Services (AWS) announced the addition of the Session Manager to the AWS Systems Manager. The session manager enables shell or remote desktop level access to your AWS EC2 Windows and Linux instances, along with other benefits. This is a great new feature, but care should be taken when enabling this capability. While the...
Blog

Tribbles, Supply Chains and Industrial Cyber Security

In the original Star Trek episode “The Trouble with Tribbles,” an unscrupulous merchant, Cyrano Jones, gives a small furry animal called a Tribble to communications officer Uhura. Uhura takes the Tribble aboard the Starship Enterprise where the animal begins to quickly reproduce, thereby threatening to overrun the ship and cause significant damage....
Blog

When it Comes to NIST 800-171 Compliance - There’s ‘On Time’ and There’s ‘Lombardi Time’

If you wait to become 800-171 compliant, you won’t win contracts. That was the message we wanted to make loud and clear to over 200 federal contractors during last week’s Washington Technology (WT) webcast, Inside NIST 800-171: Cyber Requirements and the Risk of Non-Compliance. Currently, all DoD contractors that handle, process or store sensitive types of government information must comply with...
Blog

Optus Customers Saw Incorrect Info After Logging Into My Account Site

Some customers of Optus said they saw incorrect information when they attempted to log into their profiles using the My Account website. On 13 February, customers of Australia's second-largest telecommunications company took to Twitter to explain that they were having issues accessing their accounts. One such user explained that the My Account...
Blog

Hacker arrested for wave of fake bomb and shooting threats against schools

FBI agents have arrested a 20-year-old man alleged to have been part of a hacking gang that not only launched distributed denial-of-service (DDoS) attacks but also launched a wave of bomb and shooting threats against thousands of schools in the United States and United Kingdom. Timothy Dalton Vaughn of Winston-Salem, North Carolina, is alleged to be...
Blog

To Agent or Not to Agent: That Is the Vulnerability Management Question

With the evolution of technology comes new approaches to solving problems. Sometimes a new approach fixes the problem; sometimes it creates new ones. The good thing is as folks who work in fast-paced, high-tech environment, we information security professionals are great at quickly analyzing the new technologies and applying them to our daily lives. ....
Blog

VERT Threat Alert: February 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-817 on Wednesday, February 13th. In-The-Wild & Disclosed CVEs CVE-2019-0676 The first vulnerability in the list today is an Internet Explorer vulnerability that is already seeing active...
Blog

High Severity RunC Vulnerability Exposes Docker And Kubernetes Hosts

Often claimed as a worst-case scenario, a container breakout vulnerability has been discovered in RunC, the universal container runtime used by Docker, Kubernetes and other containerization systems. Further research has discovered that a similar version of the same vulnerability affects the LXC and Apache Mesos packages. Identified as CVE-2019-5736,...
Blog

Dunkin' Says Credential Stuffing Attacks Targeted DD Perks Accounts

Dunkin' Brands Inc. ("Dunkin'") said that bad actors recently used credential stuffing attacks to target some DD Perks accounts. Kari McHugh, senior director of customer relations at Dunkin', wrote in a sample letter sent to the Office of the Vermont Attorney General that the company detected a wave of credential stuffing attacks near the beginning...
Blog

Supply Chain Security – Sex Appeal, Pain Avoidance and Allies

Every security professional and every privacy professional understands that supply chain security is as important as in-house security. (If you don’t understand this, stop and read Maria Korolov’s January 25, 2019 article in CSO, What is a supply chain attack? Why you should be wary of third-party providers.) So how do you marshal the resources that you need to implement effective supply chain...