The term APT (Advanced Persistent Threat), like many other acronyms in the world of IT/Information/Cyber Security entered our vocabulary some years ago, along with other partnering phrases, such as Advanced Evasion Techniques (AET), which at the time took the headlines as something new. Whilst these new outlined logical dangers do serve up a very...

Tripwire has been getting more involved in connecting its products to threat intelligence services lately. I described the reasons why we care about threat intelligence, particularly STIX and TAXII, in my article last month: Why We Should Care About STIX & TAXII. My colleagues also talked in more specifics about some of the partners Tripwire is...

A security firm has identified a new type of malware that spams a mobile device’s contact list with SMS text messages touting fake Amazon gift card offers. According to an article posted on its blog, AdaptiveMobile states that the malware, dubbed ‘Gazon,’ is quickly becoming “one of the ‘spammiest’ mobile malware outbreaks seen yet.” Gazon employs a...

It was revealed this evening that Hillary Clinton was using a personal email account while serving as the secretary of state. This has raised a number of issues with regards to both compliance and security. Apparently, Clinton chose not to use a government-issued email address despite the Federal Records Act, which only applies to official email...

Financial gain or fraud was the primary driver of the 11,698 instances of insider privilege abuse – defined as any unapproved or malicious use of organization resources – in last year's Verizon Data Breach Investigations Report. Source: 2014 VDBIR A malicious insider can be detected in a number of...

A new phishing campaign has been targeting European users of the popular video streaming service Netflix. According to security researcher Jovi Umawing from Malwarebytes, the fake website – with the domain nefixx.co.uk – is nearly identical to that of netflix.co.uk, and even offers potential customers a "free trial." The malicious campaign prompts...

In the fall of 2014, Tripwire published a series on the 10 Most Wanted Hackers by the FBI. Each of those articles revealed the extent to which cyber crime has become more sophisticated and threatens online users’ information now more than ever. Given this growing threat, it is understandable that some might feel disheartened by the challenges...

Outsourcing critical aspects of our lives is nothing new. We trust banks to safeguard our money, even though many of us do not trust bankers. We trust taxi cab drivers with our lives, even if we do not know their first name. We do this not out of ignorance but because we trust the overall system that these components work within. With the...

Cyber criminals are phishing for customers’ sensitive information following a data breach at TalkTalk, a UK Internet service provider. In an email sent to its four million customers, TalkTalk confirmed that “in a small number of cases,” scammers might have compromised customers’ information. “We have now become aware that some limited, non...

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true. My hypothesis is that compliance and...

Computer manufacturer Lenovo has been under fire lately after news of an ad-injecting software, known as Superfish, was discovered to come pre-installed on some of its laptops. The issue, which was ongoing for several months, posed significant risk to affected users, as the software installed self-signed root certificates capable of intercepting...

Imagine coming into the office one day, and finding that visitors to your website are not only seeing messages and images posted by hackers, but that the attackers are also posting screenshots of private emails sent to your company on Twitter. That's the scenario Lenovo faces today—although there is no evidence that the PC manufacturer's own servers...

Attackers altered the domain name system (DNS) records for Lenovo.com on Wednesday, allowing them to spoof the computer manufacturer’s website and gain access to the company’s MX mail server records. Following the attack, users who visited Lenovo’s company page saw a teenager’s slideshow, with the song “Breaking Free” from Disney’s High School...

For the past several months, the major threats to mobile security, especially within large enterprises, have relied on exploiting one thing—iOS Enterprise Certificates. With this part of Apple’s framework seemingly a significant source of danger, we’re taking a look at iOS Enterprise certificates from a mobile security perspective. By examining...

If you’ve been following the drafts of this RFC, then nothing here will surprise you. The first draft was published on July 21, 2014, and, a short seven months later, RFC 7465 has been published. It’s a great idea for an RFC that I’d like to see used more frequently, but more on that in a moment. If you’re unfamiliar the term RFC, it stands for...

A “very high risk” vulnerability was recently discovered in the analytics plugin WP-Slimstat, potentially impacting more than one million websites operating the WordPress content management system. According to security researchers, the flaw was found to give attackers the capability of performing...

Recently, Tripwire published a study on the use of the term “cyber” in the United States’ National Security Strategy (NSS) documents. This analysis reveals that each NSS report has used the word “cyber” more frequently than its immediate predecessor. It also demonstrates how the meaning of “cyber” has diversified and evolved over time. I will now...

As someone who spends way too much time in Internet land, especially around the data protection and hacking crowd that I come across running a VPN review site, I wind up talking about hacker movies often. With Blackhat, starring Chris Hemsworth, stirring up interest in hacking movies again, we had a bit of a debate around the office. Not all hacker...

According to a recent report, companies are failing to properly patch and update their systems despite the disclosure of threatening vulnerabilities. The 2015 Cyber Risk Report (PDF) produced by HP analyzing last year’s threat landscape found that as many as 44 percent of breaches were the result of attackers leveraging a patched two- to four-year...

Updated Tuesday, Feb. 24, 2015, 2:11 PM: Added content for Tripwire Enterprise customers to find Samba in their environment. A major vulnerability (CVE-2015-0240) has been discovered in Samba, which is a widely used and distributed SMB/CIFS Linux/Unix application for interoperability with Microsoft Windows. Samba provides integration of Linux...