Blog

Blog

Ransomware Attack Takes Down Airport's Flight Information Screens

A ransomware attack prevented an English airport from using its flight information screens to assist passengers in their travels. On 13 September, Bristol Airport tweeted out that its flight information systems were experiencing technical difficulties. https://twitter.com/BristolAirport/status/1040427309306662912 For the two days that followed, the...
Blog

The Challenges of Artificial Intelligence (AI) for Organisations

Governments, businesses and societies as a whole benefit enormously from Artificial Intelligence (AI). AI assists organisations in reducing operational costs, boosting user experience, elevating efficiency and cultivating revenue. But it also creates a number of security challenges for personal data and forms many ethical dilemmas for organisations....
Blog

OilRig Launching Attack Campaigns With Updated BONDUPDATER Trojan

The OilRig group conducted at least one attack campaign containing an updated variant of the BONDUPDATER trojan as its final payload. In August 2018, Palo Alto Networks' Unit 42 threat research team detected an OilRig campaign targeting a high-ranking government organization in the Middle East. The email campaign leveraged spear-phishing, one of the...
Blog

What is Vulnerability Management Anyway?

Vulnerability management (VM) programs are the meat and potatoes of every comprehensive information security program. They are not optional anymore. In fact, many information security compliance, audit and risk management frameworks require organizations to maintain a vulnerability management program. If you don’t have vulnerability management tools...
Blog

Mastering Container Security: Docker, Kubernetes and More

Bolting on security after the fact. It’s been a common approach to software security for decades. We architect, build code, deploy it and then figure out how to secure it. From the parade of application-related breaches and data thefts over the last few years, we pretty much know this approach does not work. Fortunately, the evolution of continuous...
Blog

What Cloud Migration Means for Your Security Posture

It shouldn’t come as a surprise to anyone reading this article that there has been a major shift towards businesses hosting their critical applications in the cloud. Software-as-a-Service (SaaS), as well as cloud-based servers from Amazon or Microsoft, have changed the way we build networked business systems for any size organization. Cloud-hosted...
Blog

Configuration Hardening: Proactively Guarding Systems Against Intrusion

The concept of configuration hardening has nice imagery to it. When we use it to describe battle-hardened soldiers who have been tested in combat, a grim, determined image invariably leaps to mind. The same thing happens when we speak of hardened steel that’s been repeatedly quenched and tempered or of hardened fortifications and bunkers. What Are...
Blog

VERT Threat Alert: September 2018 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-796 on Wednesday, September 12th. In-The-Wild & Disclosed CVEs CVE-2018-8440 This vulnerability was disclosed on Twitter on August 27th, and a high level analysis was published on...
Blog

Beware the Homeless Homebuyer Real Estate Scam!

Security professionals are warning users who are or soon will be engaged in real estate transactions to watch out for the "homeless homebuyer" scam. On 10 September, Verdict built upon its coverage of account takeover attacks found in its threat insight magazine Verdict Encrypt to discuss this...
Blog

Revised Critical Infrastructure Protection Reliability Standard CIP–003–7: What Are the Changes?

The U.S. Government is constantly working to improve its ability to respond to the growing threat of cyber-attacks facing the national power grid. Towards that end, the Federal Energy Regulatory Commission (FERC) approved the revised critical infrastructure protection reliability standards for cybersecurity management controls on April 19, 2018. The...
Blog

Apps that steal users' browser histories kicked out of the Mac App store

Apple has removed "Adware Doctor" from the macOS App Store amid claims that the program was uploading browser histories to China. Adware Doctor, which sold for $4.99 and was listed last week among the highest grossing apps in the "Paid Utilities" category of the macOS App Store, promised it would "keep your Mac safe", "get rid of annoying pop-up ads...
Blog

Beware of the New Way Crooks Can Drain Your Credit Card Account

This article describes one of the recent frauds used by cybercriminals to steal funds from people’s credit cards. Unfortunately, it is a simple one to pull off, so peruse the details below and make sure you don’t get on the hook. The malicious logic in a nutshell The malefactors use a legit remote access tool for mobile devices called AirDroid....
Blog

Tripwire Patch Priority Index for August 2018

Tripwire's August 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft's Internet Explorer, Edge, and Scripting Engine. These patches resolve 21 vulnerabilities, including fixes for Remote Code Execution, Elevation of Privilege,...
Blog

Use This NERC CIP v6 Standards Summary to Stay Compliant

Thanks to FERC’s Order 822, the North American Electric Reliability Corporation’s critical infrastructure protection standards, known as NERC CIP, are continually updated. Seven updated standards proposed by NERC for inclusion have now been accepted. April 1st, 2016, was the compliance deadline for the NERC CIP v5 requirements. Most of the newly...