Blog
Blog

Are You Ready for the Remote Work’s Toll on Corporate Security?

By David Henderson on Mon, 03/30/2020
Given the situation that many companies, organizations and government agencies have been forced into working remotely due to COVID-19, it is imperative to give some thought about corporate security. Using a VPN for New Stay-at-Home Workers Millions of employees are now working from the confines of their own homes in an effort to keep businesses running smoothly. In most situations, employees are...
COVID-19 Scam Roundup – March 30, 2020
Blog

COVID-19 Scam Roundup – March 30, 2020

By David Bisson on Mon, 03/30/2020
Many in the digital security community are coming together to combat malicious actors during the coronavirus disease 2019 (COVID-19) global outbreak. One of the most visible of these new efforts is the COVID-19 CTI League. Made up of approximately 400 volunteers living in approximately 40 countries, the COVID-19 CTI League is working to block...
Mr and Mrs CISO: Security in the Age of the Lockdown
Blog

Mr and Mrs CISO: Security in the Age of the Lockdown

By Editorial Staff on Mon, 03/30/2020
With so many of us frantically learning to juggle our roles as parents, workers and most recently teachers; is it just my wife and I who feel it necessary to monitor the online activity of our teenagers during this lockdown? Sure, there’s rich educational content out there, but it sits amongst social networks, streaming services, gaming consoles and...
Now Is the Time to Get up to Speed with CMMC and SP 800-171 Rev 2
Blog

Now Is the Time to Get up to Speed with CMMC and SP 800-171 Rev 2

By David Bisson on Sun, 03/29/2020
At the beginning of March 2020, Fifth Domain reported that Colorado-based aerospace, automotive and industrial parts manufacturer Visser Precision LLC had suffered a DoppelPaymer ransomware infection. Those behind this attack ultimately published information stolen from some of Visser’s customers. Those organizations included defense contractors...
PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers
Blog

Tupperware Website Compromised with Credit Card Skimmer

By David Bisson on Fri, 03/27/2020
Digital attackers compromised the website of kitchen and household products manufacturer Tupperware with a credit card skimmer. On March 20, researchers at Malwarebytes observed that attackers had compromised tupperware[.]com by hiding malicious code within an image file. This code activated when a user attempted to check out and complete their...
Third-party data breach exposes GE employees' personal information
Blog

Third-party data breach exposes GE employees' personal information

By Graham Cluley on Thu, 03/26/2020
Past and present employees of General Electric (GE) are learning that their sensitive information has been exposed by a data breach at a third-party service provider. Fortune 500 company GE says it was recently informed of a security breach at one of its partners, Canon Business Process Services. According to GE, between approximately February 3 -...
The Future is Hybrid: Practicing Security in the Hybrid Cloud
Blog

The Future is Hybrid: Practicing Security in the Hybrid Cloud

By Lamar Bailey on Thu, 03/26/2020
By now, many organizations have adopted the cloud in some way. We saw organizations moving whole servers over to the cloud at the beginning, but now we see small parts of a system being moved to the cloud and new cloud native offerings. We’ll use the analogies of Lincoln Logs and Legos to describe these deployment models. Infrastructure-as-a...
Free Cyber Safety Resources during COVID-19
Blog

Free Cyber Safety Resources during COVID-19

By Tripwire Guest Authors on Tue, 03/24/2020
Whether you are reading this from somewhere in the United States or overseas, chances are you are doing it from the comfort of your home. Not because you chose to but because you were asked to do so in order to prevent Coronavirus disease 2019 (COVID-19) from spreading any further. If you are a parent, working remotely with your kids at home, you...
COVID-19 Scam Roundup – Week of 3/16/20
Blog

COVID-19 Scam Roundup – Week of 3/16/20

By David Bisson on Mon, 03/23/2020
Malicious actors are increasingly leveraging COVID-19 as a theme for new digital fraud attacks. In February 2020, for instance, Action Fraud received 21 reports of fraud relating to the coronavirus. This number of reports more than doubled to 46 between March 1 and March 13, 2020. Between March 14 and March 18, 2020, the United Kingdom's national...
The MITRE ATT&CK Framework: Initial Access
Blog

The MITRE ATT&CK Framework: Initial Access

By Tripwire Researcher on Mon, 03/23/2020
Although ATT&CK is not laid out in any linear order, Initial Access will be the point at which an attacker gains a foothold in your environment. This tactic is a nice transition point from PRE-ATT&CK to ATT&CK for Enterprise. What is different about the techniques within Initial Access is that they are more high-level than some of the other...
How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap
Blog

How Organizations Can Fight to Retain Talent Amidst the Infosec Skills Gap

By Joe Pettit on Sun, 03/22/2020
In a previous post, I shared some expert insight into how organizations can address the challenges of hiring skilled talent despite the ongoing infosec skills gap. Organizations can’t rest easy once they’ve brought on new talent, however. They need to make sure they hold onto their existing workforce. That’s easier said than done. Cybersecurity...
Whatever happened to cryptojacking?
Blog

Whatever happened to cryptojacking?

By Graham Cluley on Thu, 03/19/2020
A couple of years ago it felt like you couldn't turn your head in any direction without seeing another headline about cryptomining and - its more evil sibling - cryptojacking. Countless websites were hijacked, and injected with cryptocurrency-mining code designed to exploit the resources of visiting computers. Victims included the likes of the LA...
Phorpiex Botnet Named "Most Wanted Malware" in November 2020
Blog

Food Delivery Website in Germany Targeted by DDoS Attackers

By David Bisson on Thu, 03/19/2020
Malicious individuals targeted a food delivery website located in Germany with a distributed denial-of-service (DDoS) attack. Jitse Groen, founder and CEO of the Germany-based food delivery service Takeaway (Lieferando.de), announced on March 18 that his company had suffered a DDoS attack. https://twitter.com/jitsegroen/status/1240332307262832642 In...
PLEASE_READ_ME Ransomware Campaign Targeting MySQL Servers
Blog

Nefilim Ransomware Threatens to Release Victims' Data within a Week

By David Bisson on Wed, 03/18/2020
A newly discovered ransomware family called "Nefilim" told its victims that it would publish their stolen data within a week unless they paid their ransom. According to Bleeping Computer, Nefilim started up near the end of February 2020. The threat attracted the attention of security researchers because it shared much of the same code with version 2...
How Organizations Can Achieve Security Availability
Blog

How Organizations Can Achieve Security Availability

By Chris Hudson on Tue, 03/17/2020
We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services. But what happens when these systems fail. How much effort are we putting into planning and maintaining...
Blog

The State of the Cybersecurity Market: Where We’ve Come, Where We’re Going

By Irfahn Khimji on Mon, 03/16/2020
There’s an interesting trend that I have personally noticed over the past few years: organizations are starting to take cybersecurity more seriously. With the multitude of high-profile data breaches, organizations are starting to realize that cybersecurity is a significant risk to the business. This allows CISOs and other similar titles with leadership responsibilities to have a larger budget for...
New Microsoft Spear-Phishing Attack Uses Exact Domain Spoofing Tactic
Blog

Cloudflare Worker Employed as C&C Server by BlackWater Malware

By David Bisson on Mon, 03/16/2020
Security researchers spotted BlackWater malware leveraging a Cloudflare Worker for command-and-control (C&C) functionality. MalwareHunterTeam observed that the threat activity began with an RAR file called "Important - COVID-19.rar." The file pretended to contain important information about the global COVID-19 outbreak, an event which other malware...
Phorpiex Botnet Named "Most Wanted Malware" in November 2020
Blog

Illinois Public Health Dept's Website Went Down After NetWalker Attack

By David Bisson on Fri, 03/13/2020
The website for a public health department in Illinois went down after the agency suffered a NetWalker ransomware attack. According to local media reports, officials at the Champaign-Urbana Public Health District (C-UPHD) became aware of the ransomware attack on March 10 when the department's website went down. It took the agency, which serves 210...
Phishing attacks exploit YouTube redirects to catch the unwary
Blog

Phishing attacks exploit YouTube redirects to catch the unwary

By Graham Cluley on Thu, 03/12/2020
Attackers are increasingly exploiting the fact that email gateways turn a blind eye to links to popular sites such as YouTube, in order to phish passwords from unsuspecting computer users. Researcher Ashley Trans of Cofense highlighted the threat in a blog post describing a recent phishing campaign. In the attack, an unsuspecting user receives an...