Blog

Signs of Phishing: Protecting Yourself During the Holidays

I recently wrote about phishing around the holidays and while I was working on the piece, I noticed a couple of friends posting recent emails on Facebook. I thought it might be fun to dig a bit deeper into those emails and look at the telltale signs that indicate these are phishing attempts. Signs of Phishing - Example #1 ...

Farewell, Mr. Robot

This is the third and last blog I will write for State of Security on the topic of the groundbreaking, maverick TV series ‘Mr Robot,’ as this week the credits rolled one final time on the show's mind-bending and utterly bizarre (even by its own standards) conclusion. A lot has changed since the first season aired, both for cybersecurity and the...

PayPal Phishing Scam Tries to Steal Much More than Login Credentials

A newly discovered PayPal phishing scam attempts to steal much more than just a user's login credentials for the online payments service. Slovakian security firm ESET observed that the scam began by targeting users with an attack email warning them of unusual activity involving their account. The email urged recipients to click on an embedded link...

Is Your Company Suffering from Supplier Stockholm Syndrome?

That phrase came to me many years ago when working on a multi-million pound IT outsourcing deal. We were up to our necks in the finer points of platform-wide and stack-deep security, and I realised we were fighting amongst ourselves more than challenging the final competing vendors. This infighting was partly due to the large amount of IT staff in...

Top Cloud Security Resources: Certifications, Events and Social Media

Context setting: In my first article on cloud security, I talked about the journey to cloud migration. What are the things you need to consider when planning the big move? To realize the full value of this post, you must have already identified the motivations for migration and the locations of some resources you can use to enhance your security...

Worst Passwords List Reveals "123456" to Still Be Top Offender

A list of some of the worst passwords for 2019 revealed that users continue to turn to "123456" above all of the other ill-advised combinations. In total, TeamsID published 50 of the worst passwords used during the past year. The top 15 of these are presented below: 123456, 123456789, qwerty, password, 1234567, 12345678, 12345, iloveyou, 111111 ...

Looking to Drive down the Cost of Doing Business? Use Managed Services

Businesses are always looking for ways to control and reduce the cost of doing business as well as gain a competitive advantage over their respective competitors. The constant pressure of doing more with less has introduced many offerings designed to reduce the cost and complexity of the IT/OT infrastructures that support the business. Let’s take a...

Navigating ICS Security: The Threat Landscape

Whilst working for a management consultancy, I learned a lot more about industrial control systems (ICS) than I ever imagined I would. In many cases, this wasn’t from working on them directly; it was from simply speaking to the technicians and reading documentation. Oftentimes, we have the false belief that our systems are safe from compromise...

Poison Frog Malware Samples Reveal OilRig's Sloppiness

An analysis of a new backdoor called "Poison Frog" revealed that the OilRig threat group was sloppy in its development of the malware. Kaspersky Lab came across Poison Frog while scanning its archives using its YARA rule to hunt for new and old malware samples employed by OilRig. It launched this investigatory effort shortly after crackers operating...

What Does Integrity Monitoring Have To Do With Security Anyway?

After spending several decades in this industry, I have seen growth in many different security products and in many different areas. All the while, I've questioned whether specific technologies were offering real value or were just over-marketed to create more revenue opportunities for investors. As we have seen repeatedly, categories of security...

Companies That Request PII From Vendors Must Protect It

In my line of work, it is often a requirement to provide our customers with background information on the employees who will be performing on-site professional services. This is not in itself an issue, but how the customer receives and handles that information can be. Tripwire best practice is for HR to provide an attestation of all requested...

Medical Care at NJ Hospital Disrupted by Ransomware Attack

A New Jersey hospital said that it was forced to cancel some surgeries and other medical procedures after falling victim to a ransomware attack. Hackensack Meridian Health, a non-profit health care center based in Edison, New Jersey, revealed to the Wall Street Journal (WSJ) that the attack began on...

Social Engineering the Silver Screen: Home Alone Edition

I have wanted to do a series like this for some time. I frequently watch movies and point out social engineering and OSINT techniques or inaccuracies as well as OPSEC blunders. These blunders, in addition to the Matrix-style waterfall screens, are equally bad as the "hacking" you see in movies. So, let's level the playing field about the specific...

Government Procurement Services Targeted in Phishing Campaign

Researchers discovered a phishing campaign which attackers designed to harvest login credentials from government procurement services. According to Anomali Labs, malicious actors crafted their campaign to target various services used by public and private entities to match buyers and sellers of government services. They did so by directing...

Waco water bill attack just the latest in a wave of Click2Gov breaches

The City of Waco has warned residents that their online payments for water services may have been intercepted by hackers who stole credit card details. The heart of the problem lies in the third-party online payment software that Waco and several other cities and municipalities use to let residents pay their bills, pay parking fines, as well as make...

Finding a Good Vendor Partner: More than Technology

Finding a security vendor that is the best fit for your company’s business objectives, culture, risk profile, and budget is challenging today. The purpose of this blog is to suggest that working with a “vendor partner” is more than working with a standard technology vendor in that a partner aligns not only with “Technology” concerns but also with ...

VERT Threat Alert: December 2019 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-863 on Wednesday, December 11th. In-The-Wild & Disclosed CVEs: CVE-2019-1458: A vulnerability in Win32k is currently seeing active exploitation that could give an attacker the ability to...