Blog

Blog

Addressing Log4j2 Vulnerabilities: How Tripwire Can Help

On December 9th 2021, Apache published a zero-day vulnerability (CVE-2021-44228) for Apache Log4j being referred to as “Log4Shell.” This vulnerability has been classified as “Critical” with a CVSS score of 10, allowing for Remote Code Execution with system-level privileges. If you are currently working to identify instances of this vulnerability,...
Blog

Mitigating Industrial Production Risk with Tripwire

It seems that the most popular topics in cybersecurity for the last year have been zero trust as well as the convergence of Information Technology (IT) and Operational Technology (OT). These developments are good, as they signal some positive motion towards better overall security. Some of the current risks are worth noting, with a forward glance to...
Blog

VERT Threat Alert: December 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-978 on Wednesday, December 15th. In-The-Wild & Disclosed CVEs CVE-2021-43890 Up first this month is a vulnerability in the Windows AppX Installer that could allow spoofing. This...
Blog

A Bank SMS Text Phish Attempt

Phishing attempts over text messages are becoming more prevalent. I received an SMS text message that contained a phishing attempt for a Canadian Bank. The message implied that I have received a new notification with this bank and I should visit the provided link. I usually do not click on any links, but I decided to see what would happen when I...
Blog

Australia Leads with Controversial Cyber Laws

The Australian government is looking to pass the Security Legislation Amendment (Critical Infrastructure) Bill 2020, an overhaul which is aimed to help Australian businesses fend off cyberattacks. The Bill expands the business sectors that were previously defined as critical infrastructure by adding, amongst others, Food and Grocery, Finance and...
Blog

CIS Control 14: Security Awareness and Skill Training

Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. These untrained users are easier to exploit than finding a flaw or vulnerability in the equipment that an enterprise uses to secure its network. Attackers could convince unsuspecting users to unintentionally provide access...
Blog

The Cybersecurity Skills Gap: Myth or Reality?

Take a glance on social media on any given day, and we'll hear from commentators stating how there is a (cyber) skills gap and that it must be addressed if we are to meet the challenges we are all increasingly facing. Let's be clear about something before we continue. If we are saying that there is a skills gap, then there are organizations out...
Blog

State of Cybersecurity in Germany in 2021

According to Germany's Federal Office for Information Security (BSI), the country faces a grave and growing threat as society becomes more digitally connected and criminals more sophisticated. The BSI said threat levels have reached red alarm levels. Threat level increased BSI published their annual report “The State of IT Security in Germany in...
Blog

9-1-1 There's Been A Data Breach

In this episode, Lisa Forte, partner at Red Goat Cybersecurity, discusses what happens when organizations go unprepared for an inevitable cyber breach. She explains how practicing your breach plan is the best line of defense in preparing your strategy. https://open.spotify.com/episode/2JUS5UGeDwa1fIe5dzeYyl?si=hTjjNB7NTQGGgTmW0q5ZwQ Spotify:...
Blog

FluBot malware warning after 70,000 attacks launched over SMS

Finland's National Cyber Security Centre (NCSC-FI) has issued a warning about malicious SMS messages that have been spammed out to mobile users, directing iPhone owners to phishing sites and Android users to download malware. The messages are written in Finnish but without the customary accented characters. In some instances, the messages pose as a...
Blog

CIS Control 13: Network Monitoring and Defense

Networks form a critical core for our modern-day society and businesses. People, processes, and technologies should be in place for monitoring, detecting, logging, and preventing malicious activities that occur when an enterprise experiences an attack within or against their networks. Key Takeaways for Control 13 Enterprises should understand that...
Blog

Tripwire Patch Priority Index for November 2021

Tripwire's November 2021 Patch Priority Index (PPI) brings together important vulnerabilities for open-source software components and Microsoft. First on the patch priority list this month are patches for Open Management Infrastructure (CVE-2021-38648, CVE-2021-38647), Eclipse Jetty (CVE-2021-28164), and ExifTool (CVE-2021-22204). Exploits for...
Blog

National Computer Security Day: Tips for Securing Your Home Computers

Tuesday, November 30th, is National Computer Security Day. Although this special day has been around since 1988, many people are not only unaware of it, but are still also unaware of some of the basic security required for protecting their computing devices. The rise of remote work has stretched the security perimeters of all corporations, and...
Blog

Ghidra 101: Binary Patching

In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. ...