Blog

Blog

FBI warns of Ranzy Locker ransomware threat, as over 30 companies hit

The FBI has warned that over 30 US-based companies had been hit by the Ranzy Locker ransomware by July this year, in a flash alert to other organisations who may be at risk. According to the alert, issued with the Cybersecurity and Infrastructure Security Agency (CISA), most of the victims were compromised after brute force credential attacks...
Blog

Hidden Value In Creating Cybersecurity Audit Programs

One of my first tasks after leaving NSA for private industry in the early 90s was to write my new company’s information security policy. I’m not sure my previous job as a cryptanalyst left me qualified for this, but I was viewed as the security guy. So, I attacked the task with vim and vigor.That first information security policy I wrote was a thing...
Blog

5 Cybersecurity Considerations for the Auto Industry

Technology has become an essential part of daily life. From the way we get around to the things we buy, computers are at the forefront of change. This is especially true for vehicles. Vehicle technology has evolved dramatically over recent decades. The latest iteration of vehicle remodelling in the automobile industry is heavily software-focused,...
Blog

No Integrity, No Trust. The Foundation of Zero Trust Architecture

In the episode, Tripwire's Maurice Uenuma discusses the role of integrity when it comes to zero trust architecture. With results from our latest research survey on The White House's Executive Order and zero trust, he and Tim make the case that zero trust cannot be maintained without proper Integrity controls at its foundation. https://open.spotify...
Blog

Top 3 Grooming Techniques in Fraud: What to Watch for

Grooming is a method of establishing a connection with a person to perpetrate a crime against them. Grooming is becoming more common in fraud, both online as well as in interpersonal interactions. What's more, scammers are getting more sophisticated in their techniques. There is a mistaken belief that scammers are forceful, arrogant, and therefore...
Blog

What Pandemic Responses Teach Us About Cybersecurity

I’ve been working at Tripwire for over two decades, and I’ve acquired a fair bit of swag over those years: branded jackets, hats, shoes, a watch, and of course a drawer full of t-shirts. One thing I never would have predicted owning was a Tripwire-branded face mask to protect me from a global pandemic. Over the past year, I’ve worn that face mask...
Blog

Learning All About Ghidra – Inside a Class with Craig Young

I was recently tasked with reverse engineering (RE) some mobile apps. The actual task was to “learn” to RE – I don’t actually know how to do it, so it’s a good thing it’s more of a learning experience than an actual security job. And the task wasn’t really to RE apps. It was “do a security check on these mobile apps.” I’ve never done that and didn’t even know where to start. RE? Disassemble?...
Blog

Windows 11: Registry Keys, SMB Protocol, and SystemInfo

Windows 11 was released on October 5, 2021. It has several new installation requirements including, most notably, Secure Boot and a Trusted Platform Module. These features can provide a more secure computing environment, but if you need to virtualize a Windows 11 environment, you will need virtualization software that supports this. Although I...
Blog

Analysis of 80 million ransomware samples reveals a world under attack

Google has released a report taking a close look at the more than 80 million ransomware samples uploaded to its VirusTotal service in the last year and a half. Each day, approximately 150,000 ransomware samples were analysed by the free VirusTotal service after being submitted by suspicious computer users, and shared with the security community to...
Blog

VERT Threat Alert: October 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-968 on Wednesday, October 13th. In-The-Wild & Disclosed CVEs CVE-2021-40449 Up first this month, we have an elevation of privilege in Win32k that has been exploited in-the-wild via...
Blog

Contextualizing the Ransomware Threat Confronting OT Environments

Back in early June, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) published a fact sheet discussing the rising threat of ransomware to operational technology (OT) assets. This development raises several questions. Why is ransomware a threat to OT environments? And what can organizations do to protect their OT assets against...
Blog

Ada Lovelace Day: Celebrating Women's Achievements in STEM

Ada Lovelace Day is October 12th, celebrating women in STEM, which includes cybersecurity! Every year, the holiday does end up being a history of computing, as Ada was composing what we’d now consider the software for a theoretical first computer that had not been built. But that was in the 1840s. What are women doing today? Have you heard of...
Blog

SecTor Episode MMXXI: Return of The Hack Lab

I’m happy to announce that arrangements have now been finalized for the Tripwire team to return for the Tripwire VERT Hack Lab at the MTCC! We will be bringing some new hardware devices as well as a new virtualized hack target. This new virtual target, an ASUS DSL modem with recent firmware, can be compromised by applying the tools & methods we’ve...
Blog

The Changing Role of the CISO

Back in the early days of networking, many companies assigned all of the responsibilities to anyone who showed any aptitude towards operating a computer. In many companies, this was an accountant or someone else who also managed sensitive financial information. The assumption was that the person managing the corporate books was the most trustworthy...