Blog

Blog

Cisco Patches 'Critical' ASA IKE Buffer Overflow Vulnerability

Cisco has patched a 'critical' buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA. On Wednesday, the multinational technology company published a security advisory for CVE-2016-1287. First discovered and reported by researchers at Exodus Intelligence, the vulnerability could lead to a complete...
Blog

Phishing Email Scam Targeting Airbnb Customers

Security researchers have identified a new phishing scam that is targeting customers of the popular accommodation booking site Airbnb. Christopher Boyd, a malware intelligence analyst at Malwarebytes, says he recently discovered an email phishing campaign impersonating the company and redirecting users to a fake Airbnb login page in an attempt to...
Blog

CryptoBin Down Amid Claims Hacker Posted Details of 20,000 FBI Employees

Sometimes things would be better if people didn't keep their word. Take hackers, for instance. Hackers using the online handle "DotGovs" published information about 9,000 Department of Homeland Security (DHS) workers earlier this week after stealing it from the Department of Justice's intranet. Many of us probably hoped that DotGovs couldn't be...
Blog

Seasonal Defective Password Disorder

Another change of the seasons is upon us. An interesting correlation is that these quarterly seasonal changes also follow the password change schedule in use in many organizations. If you work in an office, you probably receive a notice to change your password every 90 days. The odd correlation of requiring a password change every 90 days in a...
Blog

Improving ICS Security: How to Bridge the IT-OT Divide

Security incidents pose a real threat to industrial networks. In 2014 alone, organizations in the energy, utilities, industrial, and oil and gas sectors encountered 245 unique industrial control system (ICS) incidents, with more than 800 security advisories published that same year. To make matters even more daunting, only a fraction of those events...
Blog

Disable the Easy Button: Pen Test Preparation Steps

Week after week and year after year penetration tests are performed against companies and we continue to find the same things. Do you really want to hire that pentest company to come in and tell you the obvious? You could get better value from your tester if you take some simple steps to prepare before they start their assessment, not to mention you...
Blog

VERT Threat Alert: February 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 13 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-656 on Wednesday, February 10th. Ease of Use (published exploits) to Risk Table Automated Exploit ...
Blog

Obama to Appoint First Federal Chief Information Security Officer

The Obama administration has announced its intention to appoint the United States' first ever federal chief information security officer (CISO). On Tuesday, the President is expected to roll out a budget of $19 billion for federal information security spending. That budget, which marks a 35 percent increase over last year's allotment of $14 billion,...
Blog

The Change Management and Baselines Challenge in NERC CIP

In the last year, change management has been one of the top challenges customers want to solve. The problem is complex, and integration is essential to producing a sustainable solution. There are multiple drivers behind the challenge. First of all, there must a compliant change management process that produces supporting evidence. For high-impact...
Blog

Under the Hood of Cryptowall 4.0

Back in December, Heimdal Security spotted the Angler exploit kit leveraging drive-by campaigns to infect unsuspecting web users with Cryptowall 4.0 ransomware. The notorious malware has since been spotted in additional attack campaigns, leading Heimdal to wonder whether a newer version is on the horizon. Cryptowall's next installment will no doubt...
Blog

EMET 5.5 - Update Released for Microsoft's Best Kept Secret

It's one of Microsoft's best kept secrets. First released in 2009, the Enhanced Mitigation Experience Toolkit from Microsoft (EMET for short) has been helping companies reduce the risk of being exploited via unknown vulnerabilities in Windows and Windows applications. By detecting and preventing the buffer overflows and memory corruption...
Blog

How to Build a Remote Security Team

This will not come as a surprise to many of you, but there’s a current shortage of cyber security experts out in the field, which is causing job vacancies all over the country. Over the years, we’ve seen the demand for cyber security professionals spike dramatically as organizations realize there’s a problem, and are actively looking to recruit...
Blog

3 Fundamental Traits of an Infosec Aficionado

I’ve had a lot of conversations with high school students and students in their initial years of university who don’t particularly know what they want to be when they grow up. Heck, I’m still trying to figure that out! The advice you hear from most guidance councilors and others who mean well is generally to find something you like to do, something...
Blog

Slaying Rogue Access Points with Python and Cheap Hardware

Imagine we’re sitting at a Starbucks on a Friday afternoon. The coffee shop is pretty busy and full of aspiring hipsters sipping soy lattes and typing away at their MacBooks while loudly listening to Miles Davis. Suppose we really dislike Miles Davis for some reason, and we really want to turn that music off. We could connect to the open WiFi...