Tripwire's June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle. Up first on the Patch Priority Index this month are patches for Microsoft, BIND and Oracle for vulnerabilities that have been integrated into various Exploits. Metasploit has recently added exploits for BIND (CVE-2020-8617),...

Security researchers came across a new ransomware family called "CryCryptor" that masqueraded as a Canadian COVID-19 tracing app. CryCryptor emerged just days after the Canadian government announced it would support the development of a national, voluntary tracing app for COVID-19 called "COVID Alert." That official app had not yet entered its...

Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside of the organization, and recently, insider breaches have gained attention amid an increase in the flexibility of tools for information sharing....

Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as the result of monitoring an attack server employed by Trickbot's handlers. In the process, they discovered data for three separate attacks that occurred in the...

Not everything that tastes good is healthy, and not everything healthy tastes good. I think of exams as the latter. They are one way to test knowledge, and that attitude is a big part of how I survived getting certified. After taking all kinds of exams, one thing hasn't changed – I don't like them. I get anxious when faced with tests. I dislike the...

As smart ticketing systems and technological solutions become more prevalent in the transportation industry, the issue of transportation systems' cybersecurity becomes a greater concern. Transportation Systems Cybersecurity is a Major Concern In August 2019, Transport for London (TfL) was forced to temporarily close down the online facility for...

Security researchers discovered a new malware threat called "NitroHack" that modifies the Discord client for Windows into an infostealing trojan. MalwareHunterTeam observed malicious actors abusing DM's from infected Discord users as a distribution vector. Specifically, they leveraged those accounts to inform a victim's friends that they could...

Fraudsters stole more than $3.2 million from the banking division of South Africa's post office, after - in a catastrophic breach of security - employees printed out the bank's master key. According to South African media reports, the security breach occurred in December 2018 when a copy of Postbank's digital master key was printed out at a data...

Amazon Web Services (AWS) said that it mitigated a distributed denial-of-service (DDoS) attack with a volume of 2.3 Tbps. In its "Threat Landscape Report – Q1 2020," AWS Shield revealed that its team members had spent several days responding to this particular network volumetric DDoS attack. In Q1 2020, a known UDP reflection vector, CLDAP...

Cybersecurity is not a static world. You can say that it is a social system, it affects and is affected by its surrounding environment. For example, back in 2018, it was the GDPR that shook the foundations of security and privacy by making the protection of our personal data a fundamental human right. But that was then. What is shaping today’s...

Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation. SANS' Internet Storm Center observed that the spam messages first appeared to be instances of an extortion scam campaign. With "Crime Research Center" as the sender, the emails claimed in their messages that...

The MITRE ATT&CK Framework has gained a lot of popularity in the security industry over the past year. I have spent a lot of time researching the hundreds of techniques, writing content to support the techniques, and talking about the value to anyone who will listen. What is the MITRE ATT&CK Framework? For those who are not familiar, ATT&CK is the...

Security researchers observed sextortionists leveraging social engineering techniques to steal their victims' personal information. SANS' Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for young women on dating websites. They used those profiles and the stated interest of finding "good times" to connect with...

Thank you to everyone who joined us for our virtual charity event, Cyberthon 2020 on the 9th June. Given our company started out over 20 years ago as a piece of freeware pioneering many of the early approaches in intrusion detection, there has always been a strong seam of altruism running through Tripwire. This extends far beyond providing open...

Tripwire's General Manager of Industrial Cybersecurity, Kristen Poulos, discusses the risks that come with the increasing number of connected devices operating on the plant floor and throughout facilities. In this episode, Kristen shares how IT can partner with OT to protect the safety, productivity, and quality of operations. https://open.spotify...

Researchers found that extortionists are targeting website owners with a scam in which they claim to have hacked their site and extracted a database. WebARX observed that the ploy first makes itself known to website owners when they receive a ransom message from the attackers. In a sample note analyzed by the web application security platform, the...

In 2019, the State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs) since then. COVID-19 has changed the digital security landscape, as well. With that in mind, it’s time for an updated list. Here are 10 essential...

Information security (IS) and/or cybersecurity (cyber) are more than just technical terms. They’re the processes, practices and policy that involve people, services, hardware, and data. In particular, IS covers how people approach situations and whether they are considering the “what if’s” of malicious actors, accidental misuse, etc. I’m not sure...

In part one of this post, we talked about why identity access management (IAM) is important. In that discussion, we identified three types of IAM: Single Sign On Multi-Factor Authentication Privileged Access Management We discussed the different types of single sign on and some examples of what can be used to help streamline the user...

Italian multinational energy company Enel Group suffered a SNAKE ransomware infection that affected its internal network. According to a statement issued by Enel Group, the ransomware attack first registered with the energy company on June 7 when its internal IT network suffered a disruption. A spokesperson for the company said that officials...