Blog

Blog

Criminal Claims They Stole 20K British Pharmacy Chain Customers' Data

A computer criminal claims to have stolen the personal data and account information of 20,000 British pharmacy chain customers. On 21 August, certain customers of UK health and beauty retailer Superdrug received an email warning them about the "possible disclosure of [their] personal data." It wasn't long before that notice began making the rounds...
Blog

Inside the Judicial Challenges of When Ransomware Strikes a City

Earlier this year, the City of Atlanta suffered a ransomware attack on the city’s computer systems. The attack affected more than one-third of Atlanta's 424 essential programs, close to 30 percent of which were “mission critical” functions. While most of the visible damage has been remedied, the effects of the attack will be felt for a long time....
Blog

A 'How To' for Asset Tagging

The systems in your environment are extremely important assets. Storing intellectual property, customer information, financial information, business automation, etc. If any of these systems are breached or become unavailable, there is a business and financial impact. You’ve installed Tripwire Enterprise agents on these systems to ensure that you know...
Blog

Microsoft Seized Six Fake Domains Mimicking U.S. Political Organizations

Microsoft seized six fake domains that mimic the websites of prominent political organizations located in the United States. On 20 August, the Redmond-based tech giant revealed that its Digital Crimes Unit (DCU) had successfully executed a court order to take control of six fake domains created by Fancy Bear. Also known as "Strontium" and "APT28,"...
Blog

ICS Security in the Age of IT-OT Convergence

March 15, 2018, was a momentous day for U.S. homeland security officials. On that date, the Department of Homeland Security (DHS) and the Federal Bureau of Investigations (FBI) for the first time ever attributed digital attacks on American energy infrastructure to actors associated with the Russian government. Their joint technical alert (TA)...
Blog

ITIL, Problem Management and Tripwire Enterprise

I’ve written about ITIL and Tripwire Enterprise, offering a secure approach to managing your Change Management processes, but ITIL’s guidelines offer more than just recommendations around ensuring changes happen as expected. Problem management is another key area where Tripwire Enterprise can help you on your ITIL journey. ITIL sensibly focuses on...
Blog

Hackers steal $13.5 million from Indian bank in global attack

Hackers planted malware on an automated teller machine (ATM) server belonging to an Indian bank as part of a criminal scheme which saw the theft of nearly 944 million rupees (US $13.5 million) in a co-ordinated attack across 28 countries last weekend. India's Cosmos Bank, based in the western city of Pune, suffered an attack which saw hackers use...
Blog

Sextortion Scams Using Redacted Phone Numbers to Demand Payment

Sextortion scammers are now using potential targets' redacted phone numbers in an attempt to trick them into submitting payment. Perhaps after having obtained a list that ties people's phone numbers and email addresses together, scammers are sending out sextortion emails that use redacted phone numbers to lure in victims. Here's an example, as...
Blog

Caller ID Spoofing – What It Is and What to Do About It

What is Caller ID? Caller identification (Caller ID) is a service that allows the receiver of a phone call to determine the identity of the caller. Caller ID is initially sent over at the start of the phone call and identifies the incoming caller before the receiver answers the phone. Caller ID is not associated with the actual phone number but is...
Blog

“Accelerate” Review: What Makes a High Performer of Software Development and Delivery

The last book campaign was on “The Phoenix Project,” which is an easy-to-read story about a fictional company’s transformation into the world of DevOps. “Accelerate” is nothing like that, and if you’re a sucker for raw data like I am, then you may enjoy it more. “Accelerate” details the results of a multi-year study analyzing company’s software...
Blog

Log Management for Government Agencies: What You Need to Know

Without a doubt, log management should be part of the core of any IT security platform of a government agency. It has a role in not only security but also in operations and compliance requirements. Logging can provide situational awareness of things happening within an environment by keeping track of events recorded in the logs of the different...
Blog

VERT Threat Alert: August 2018 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-792 on Wednesday, August 15th. In-The-Wild & Disclosed CVEs CVE-2018-8373 A vulnerability exists within the scripting engine in Internet Explorer. An attacker exploiting this vulnerability...
Blog

'Hack the Marine Corps' Bug Bounty Program Announced by DoD

The U.S. Department of Defense (DoD) and HackerOne together announced the creation of a new bug bounty program called "Hack the Marine Corps." On 12 August, DoD kicked off its new vulnerability disclosure initiative at DEF CON 26 in Las Vegas, Nevada with a live hacking session. For the launch event,...
Blog

Alert Fatigue Is a Big Cybersecurity Problem

Alarms and alerts surround us every day. From the moment our clocks wake us up in the morning, we rely on alarms for many things. But what happens when those alarms and alerts malfunction? What does it do to us and how does that affect our day to day life? Recall the Dallas Emergency Alert Malfunction. As it turns out, getting tired of these alarms...
Blog

ICS Security: The European Perspective

ICS security is concerned with securing and safeguarding industrial control systems, keeping processes and machinery running smoothly, and ensuring that the information and data shown on the control room dashboards and screens are accurate. Like every system that is networked to the Internet, ICS must be properly secured. The problem is that ICS...