Blog

Attackers Modifying Core WordPress Files to Redirect Visitors to Spam

Attackers are hacking WordPress sites and modifying core files in order to redirect legitimate visitors to malicious domains hosting spam. Sucuri Security analyzed the attack while helping a customer with their website. Bad actors had infected the site and modified it to redirect visitors to malicious domains, including “windows7keyonsale[dot]com...

Lessons from the Frontlines of Power Utility Attacks

Security experts have been warning companies and policymakers that systems protecting power utilities and other critical infrastructure are vulnerable to cyber attacks. Those intrusions could produce widespread damage, if they proved to be successful. In fact, as reported by Dark Reading, the Industrial Control Systems Cyber Emergency Response Team ...

TorrentLocker - Crypto-Ransom Is Still Active in Shadows

TorrentLocker, a member of the ransomware family, is a type of file-encrypting ransomware that has infected Windows operating systems on a significant scale. It was first observed in February 2014 and released in late August 2014. It was later followed by five new major releases. TorrentLocker encrypts the victim's data files by using a symmetric block cipher AES and...

End-to-End Encryption in Facebook Messenger

Facebook has added end-to-end encryption in Facebook Messenger but there are a few caveats that people need to be aware of. The first is that current messages are not encrypted. You will need to start a new message in order to enable this new option. It’s also important to note that encrypted messages are not available via Facebook but only found...

Sending The Elevator Back Down

"If you have done well in whatever business you are in, it's your duty to send the elevator back down and try to help bring up the next generation of undiscovered talent." As someone who has been in the security industry for over a decade, this quote from Kevin Spacey resonates with me. I have found the information security field to be particularly...

How I Became a CISSP – A Journey to Certification

On September 26, 2016, I received my final notice of my Certified Information Systems Security Professional (CISSP®) designation. My path to certification really began in 1996 when I first stepped into the computer world, but my decision to pursue certification began with a conversation that took place at NolaCon in 2015. I was chatting with a...

Keeping Your Privileged Users Aware

You know you’ve got them. Employees with nearly unfettered access to every nook and cranny of your organization’s network, devices and servers. While often a necessity in the digital age, privileged users represent a huge cybersecurity risk that you should not overlook. Employees who hold the “keys to the kingdom” are an appealing target for hackers...

VERT Vuln School – SQL Injection 103

Reminder: VERT Vuln School guides are published for educational purposes only. In our last post, we demonstrated how an attacker could leverage a classical SQL injection vulnerability in a web application to leak database information (by reflecting the result of the database queries onto the web application itself). In this post, we are going to...

MarsJoke Ransomware Made into Laughing Stock by Decryption Tool

MarsJoke ransomware once posed a serious threat to users, but not as much now that researchers have released a decryption tool. Kaspersky Lab's Anton Ivanov, Orkhan Mamedov, and Fedor Sinitsyn said they created the decryptor by exploiting a flaw in the ransomware's code. Specifically, MarsJoke uses a function "rand()" to randomly generate an array of...

$1.5 Million Reward Announced for Remote Jailbreak of iOS 10

A company is offering to pay 1.5 million USD to anyone who submits a remote jailbreak for Apple's iOS 10. On Tuesday, the exploit broker Zerodium made the announcement on Twitter: https://twitter.com/Zerodium/status/781516292901789696 Zerodium is well known for offering bug bounty rewards whose value dwarfs those offered by Apple, Google, and other...

Meet Sp@mLooper, the Bot that Will Spam Spammers Back for You

Everyone hates scams. That's because everyone's a target. As we all know, social media websites like Facebook, Twitter and LinkedIn are rife with fraudsters. Most of those scammers just want a few hundred dollars or access to their target's account. But some want more. Some try to steal their victim's identity, while others attempt to exploit a...

The Number One Reason Enterprises Fail to Attain Cyber Resilience

In my last blog post, I discussed the five levels of preparedness for cybercrime and remarked on the sad fact that the majority of enterprises are at the reactive or compliant levels. I also discussed that reacting to cybercrime is driven by attempting to deliver security, which is predominantly built upon an over-reliance on prevention capabilities...

Linux Security – The Next Big Target for Cyber Criminals

As cyber security threats continue to evolve and expand, affecting both consumers and companies, we observe a shift from the traditional Trojans and worms to more complex malware that can truly devastate a system. Contemporary viruses execute their payloads in stages and can dynamically affect different parts of the target system. The biggest...

Europol Warns of the Top 8 Cybercrime Trends in 2016

A new report released by Europol's European Cybercrime Center (EC3) warns of the eight main cybercrime trends that investigators have seen impact a growing number of citizens and businesses this year. The 2016 Internet Organised Crime Threat Assessment (IOCTA) found that the volume, scope and...

Why Is Endpoint Protection a Big Deal in ICS Environments?

In a previous blog post, ICS: Next Frontier For Cyber Attacks, I spoke about the cybersecurity posture of industrial control systems (ICS) and the enormous implications for such attacks. For industrial organizations, it means downtime and lost business. For individuals, it means potential safety issues and lost services. For society, it means...