One of our customers (You know who you are, thanks!) made us aware of a new practice guide titled “ERO Enterprise CMEP Practice Guide: Assessment of SVCHOST.EXE” published exactly two weeks ago today on September 15th, 2020. North American Electric Reliability Corporation (NERC) seldom releases guidance like this, so they shouldn’t go unnoticed....

A federal jury convicted the owner of a bitcoin exchange for his role in a multi-million dollar scheme involving online auction fraud. On September 28, a federal jury in Frankfort, Kentucky found Bulgarian national Rossen Iossifov, 53, guilty of one count of conspiracy to commit racketeering and one...

I’ve spoken before about Zero Trust approaches to security, but for many of those starting on their journey, there isn’t an obvious place to start with the model. With this post, I wanted to share an example approach I’ve seen working that many organisations already have in place and can be easily rolled into a larger program of Zero Trust hardening...

Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further still, a vendor to your vendor's vendor is a fifth party, then a sixth party, etc. Your SCRM should involve knowledge of...

A new ransomware strain called "Mount Locker" is demanding that victims pay multi-million dollar ransom payments to recover their data. According to Bleeping Computer, the ransomware first began making the rounds in July 2020. The malicious actors responsible for this threat took a cue from other crypto-malware gangs by stealing victims' unencrypted...

A computer programmer pleaded guilty to making false statements about his involvement with the Silk Road underground web marketplace. On Setpember 21, Michael R. Weigand (also known as "Shabang") surrendered himself and told U.S. District Judge William H. Pauley III that he had lied to federal...

A critical vulnerability in Instagram's Android and iOS apps could have allowed remote attackers to run malicious code, snoop on unsuspecting users, and hijack control of smartphone cameras and microphones. The security hole, which has been patched by Instagram owner Facebook, could be exploited by a malicious hacker simply sending their intended...

If you had asked 10 year old Tyler what he wanted to be when he grew up, the answer would have been a very enthusiastic, “Teacher!” Over time, however, that desire lessened as my fascination with technology grew. I ultimately ended up attending Fanshawe College to study Computer Systems Technology. I never fully abandoned that desire to teach,...

Earlier this month, the Federal Energy Regulatory Commission (FERC) published a joint report entitled “Cyber Planning Response and Recovery Study” (CYPRES) in partnership with the North American Electric Reliability Corporation (NERC) and eight of its Regional Entities (REs) in order to review the methods for responding to a cybersecurity event. The...

Canadian multinational e-commerce company Shopify disclosed a security incident that involved the information of some of its merchants. On September 22, Shopify published an incident update on its website. This bulletin explained that "two rogue members" of the company's support team had attempted to...

Cyber-attacks against maritime and shipping organizations are only increasing. Notwithstanding the IMO’s requirement for organizations in this sector to achieve cyber resilience by 2021, more and more entities are being crippled by malicious attacks. Maritime cyber-attacks are increasing The last victim in a long list of cyber-attacks was cruise...

Scammers are impersonating governmental departments within the State of Texas to send out fake Requests For Quotations (RFQs). On September 21, Abnormal Security revealed that it had spotted an attack email that impersonated the Texas Department of State Health Services. Scammers used spoofing techniques to camouflage the sender address as an...

For many organizations, security flows from the top down. That’s a problem when executives don’t emphasize security as much as they should. Cisco learned as much in its CISO Benchmark Study “Securing What's Now and What's Next 20 Cybersecurity Considerations for 2020.” Here are just some of the findings from Cisco’s study: A majority (89%) of...

Burnout is a health hazard in any high-stress workplace, especially in any industry where highly skilled professionals must tackle urgent demands at unpredictable intervals and where effective response is time-sensitive or even urgently needed. Employee burnout is a security and business continuity issue. It directly impacts both an employee’s...

By now, we know a lot about secure configuration management (SCM). We know the way it works, the integral processes of which it consists, the areas of your IT infrastructure that it can help secure as well as the different types of best practice frameworks and regulatory compliance standards with which it can help you to maintain compliance. All we...

A patient died after being redirected to another medical facility as the result of a German hospital having suffered a ransomware infection. On September 17, the Associated Press reported that a woman who needed urgent medical attention died after being transferred from University Hospital of...

The gang responsible for the Maze ransomware family conducted an attack in which they distributed their malware payload inside of a virtual machine (VM). Sophos’ Managed Threat Response (MTR) observed the technique in action while investigating an attack that occurred back in July 2020. In that incident, the attackers packaged the ransomware payload...

US authorities have charged two Russian men with allegedly defrauding cryptocurrency exchanges and their customers out of at least $16.8 million. The men - Danil "Cronuswar" Potekhin, 25, and 35-year-old Dmitrii Karasavidi, of Voronezh and Moscow respectively - are said to be responsible for a phishing campaign that targeted customers of...

In a fast-changing world, stopping to assess your success isn’t really an option anymore. It is increasingly important that security teams are constantly proving their worth and tracking their successes with a view to constantly improving so as to not to get caught behind the times and therefore exposed. How to Make Sure You’ve Got the Momentum You...

During the late 1990s, security professionals were using information assurance tools in concert with vulnerability scanners to detect and remove vulnerabilities from the systems for which they are responsible. There’s just one problem – each security vendor has its own database with little to no crossover. Each vendor’s tool generates its own alert...