Blog

Blog

Security Incident at VA Exposed 46K Veterans' Information

The Office of Management at the U.S. Department of Veterans Affairs (VA) disclosed a security incident involving the personal data of 46,000 veterans. The VA detailed the data breach in a statement published on its website on September 14. According to this press release, the VA's Financial Services...
Blog

Joint Cybersecurity Advisory on Threat Hunting and Incident Response Released

A joint cybersecurity advisory released on September 1st detailed technical methods for uncovering and responding to malicious activity including best practice mitigations and common missteps. A collaborative effort, this advisory (coded AA20-245A) is the product of research from the cybersecurity organizations of five nations. Those include the...
Blog

Gearing Towards Your Next Audit - Understanding the Difference Between Best Practice Frameworks and Regulatory Compliance Standards

Security configuration management (SCM) can help organizations do much more than just harden their attack surfaces against intrusions. This fundamental control also has the ability to make your audits flow more smoothly. Indeed, it allows organizations to pull reports from any point in time and demonstrate how their configuration changes and...
Blog

O365 Phishing Attack Used Real-Time Validation against Active Directory

A phishing attack used real-time validation against an organization's Active Directory in order to steal users' Office 365 credentials. According to Armorblox, the phishing attack targeted an executive working at an American brand that was named one of the world's Top 50 most innovative companies for 2019 on a Friday evening. The email used spoofing...
Blog

Pakistani Electric Supply Company Struck by Netwalker Ransomware

An electric supply company based in Karachi, Pakistan suffered a Netwalker ransomware infection that disrupted its billing and online services. Bleeping Computer learned of the attack through Ransom Leaks, a ransomware researcher who received word from a local Pakistani company that the attack was affecting K-Electric's internal services. According...
Blog

Learn Ghidra From Home at SecTor 2020

Running the IoT Hack Lab at SecTor has been a highlight of my year since 2015. Although we won’t be back this year to fill our corner of the MTCC, I’m happy to be teaching A Beginner’s Guide to Reversing with Ghidra as part of the SecTor 2020 virtual conference October 19-20. Ghidra is an advanced software reverse engineering suite developed by NSA...
Blog

VERT Threat Alert: September 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in this month’s security guidance. CVE Breakdown by Tag While...
Blog

DoppelPaymer Gang Claims Responsibility for Newcastle University Issues

The DoppelPaymer ransomware gang claimed responsibility for a digital security incident that affected Newcastle University's network and systems. In a news release published on its website, Newcastle University revealed that it had begun experiencing issues with several of its IT systems on August 30. Those issues rendered all services inoperable...
Blog

Identifying the Most Dangerous Common Software and Hardware Weaknesses and Vulnerabilities – The CWE Top 25 (2020 Edition)

So far, there has not been a perfect solution to ridding the world of software and hardware weaknesses. Keeping up-to-date with which weaknesses have are most common and impactful can be a daunting task. Thankfully, a list has been made to do just that the Common Weakness Enumeration Top 25 (CWE). The CWE Top 25 is a community-developed list of the...
Blog

Targeted Company's Homepage Used in Message Quarantine Phish

Security researchers observed that malicious actors had incorporated a targeted company's homepage into a message quarantine phishing campaign. The Cofense Phishing Defense Center found that the phishing campaign began with an attack email that disguised itself as a message quarantine notification from the targeted company's IT department. The email...
Blog

Google Ups Bug Bounty Reward Amounts for Product Abuse Risks

Google announced its decision to increase the reward amounts for product abuse risks reported through its bug bounty program. On September 1, Google employees Marc Henson and Anna Hupa announced that researchers could now receive up to $13,337 for reporting a High-Impact vulnerability through which a malicious actor could abuse Google products for...