Blog

Blog

Software Monitoring for NERC CIP Compliance: Part 2

In Part 1 of this series, I walked through the background of the NERC CIP version 5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this second half of the series, we’ll take what we’ve learned and explore approaches for meeting the requirements while considering security value. NERC CIP is supposed to be for...
Blog

Half a Million People Potentially Affected by Data Breach at Bankers Life

A data breach at Bankers Life might have compromised the personally identifiable information of over half a million people. On 25 October 2018, Fortune 1000 company CNO Financial Group, Inc. submitted a report to the Office for Civil Rights' Breach Portal at the U.S. Department of Health and Human Services. The report revealed an instance of...
Blog

HSBC Bank Notifies Customers of Data Breach

HSBC Bank sent a letter to an undisclosed number of customers informing them of a data breach that might have exposed their personal information. The California Attorney General's Office recently received a template of a letter that HSBC Bank sent out to customers on 2 November. In the notice, the...
Blog

Statistics Canada Asks for Banking Information of 500,000 Canadians

Everyone knows that it’s not a matter of if your private information will be breached. It’s a matter of when. I don’t have much of an expectation of privacy these days. A search in the Amazon application on my iPhone means that I’ll start seeing Facebook ads for that item. Google maintains a timeline of my visits to various locations. Video cameras...
Blog

Watch Out for the "Programmer Who Cracked Your Email" Bitcoin Scam

The internet can be as dangerous a place as any. And every so often, it gets shaken up by some new threat that jeopardizes the safety of users across the globe. Thus, one of the latest scares that has come to our attention is that of the so-called “Programmer who cracked your email” Bitcoin scam. Exactly how serious this ‘scare’ is still remains to...
Blog

Software Monitoring for NERC CIP Compliance: Part 1

As organizations grappled with NERC CIP version 5, Tripwire learned along the way. In this series, I’ll cover the aspect of CIP that has come up the most in the last year: how to meet the software monitoring requirements. Software Inventory as a Security Control It is a simple question at first, but the more we peel back the layers, the more we...
Blog

Radiation Isn’t the Only Risk Associated with Medical Imaging Devices

As a patient moves down the small, loud tunnel of an MRI tube, CT scan, or other high-powered radiology device, it’s safe to assume they believe the diagnostic benefits outweigh the risk of radiation exposure (and a possible claustrophobic-induced panic attack). In fact, only after understanding – and accepting -- these risks is a patient permitted...
Blog

YAPBS – Yet Another Password Breach Scam

Back in July, I wrote about the sextortion scam that had been circulating for a while. A new wave was spreading, and I’d seen multiple people taking about it on my Facebook, so I figured putting pen to paper (I suppose today that is fingers to keyboard.) made sense. Today, my aunt reached out to share the latest scam email she's received, one that I...
Blog

How Vulnerable Is the Presidential Alert System?

Thanks to a new notification service launched by the United States government in 2018, the President now has the power to issue alerts to every citizen with a working cell phone. The technology for this service, known as the Wireless Emergency Alerts (WEA) system, has been around for a number of years and has been implemented for events like Amber...
Blog

Tripwire Patch Priority Index for October 2018

Tripwire's October 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from libssh, Microsoft and Oracle. First on the patch priority list this month is an authentication bypass vulnerability in libssh. This vulnerability can be exploited remotely, and exploit code has recently been added to Metasploit. Next are patches for...
Blog

Redefining the Meaning of Operational Risk

The definition of "operational risk" is variable but it generally covers the risk of loss resulting from inadequate or failed internal processes, people and systems or from external events. I, however, want to re-examine this general definition, so that the definition of operational risk takes into account all the cybersecurity-related risks that...
Blog

Police Raid Illegal Call Centers Linked to CRA Phone Scam

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals. One of the most prevalent scams that seems to persist in both Canada and the United States is the tax agency scam. The Canada Revenue Agency (CRA) and the Internal Revenue Agency (IRS) were both victims of...
Blog

Kraken Ransomware Now Being Distributed by Fallout Exploit Kit

Kraken ransomware recently added the Fallout exploit kit as another means of reaching users and encrypting their information. Working with the Insikt group from Recorded Future, the McAfee Advanced Threat Research team found evidence that the authors of the ransomware had asked those behind Fallout to be added to the exploit kit. Fallout's...
Blog

5 Types of Malware Currently Affecting macOS

Mac malware, or macOS malware, exists contrary to the popular belief that Apple’s operating system is immune to online threats. Cybersecurity researchers have been closely observing the threat landscape only to conclude that malware infections targeting Mac devices have increased in 2018. Is Apple Losing Its Grip? According to statistics, Mac...
Blog

Women in Information Security: Claire Reckless

Last time, I had the opportunity to talk to Toronto’s own Jennifer Fernick. Somehow, she juggles graduate computer science studies with taking care of a bank’s cybersecurity. I couldn’t do that! This time, I had the honour of speaking with software tester Claire Reckless. Testing an application’s security and functionality is a vital cybersecurity...
Blog

The Masquerade Ball: Train Yourself to Detect Spoofed Files

Masquerading is a technique used in which a file name is maliciously named something similar to one which may be trusted. This specific technique is outlined in detail in the MITRE ATT&CK framework, as well. For example, a file named explorer.exe may seem more benign than one called explor3r.exe. However, file names may not be so easy to spot like...