Blog

New ‘UDPoS’ Malware Exfiltrates Credit Card Details via DNS Server

Researchers have identified a new strain of point-of-sale (PoS) malware that impersonates a LogMeIn service pack to steal credit card data via a DNS server. According to security firm Forcepoint, the malware – dubbed "UDPoS" – is unusual in that it generates a large amount of UDP-based DNS traffic to exfiltrate magnetic strip payment card details. ...

Cryakl Ransomware Decryption Keys Released by Belgian Federal Police

The Belgian federal police has released free decryption keys for Cryakl ransomware following an international law enforcement operation. On 9 February, the European Union Agency for Law Enforcement Cooperation (Europol) announced the release of the keys through No More Ransom. The move represents the culmination of an investigation that involved...

Cryptomining Software Discovered on Tennessee Hospital's EMR Server

A Tennessee hospital discovered cryptomining software installed on a server that hosts its electronic medical records (EMR) system. In January 2018, Decatur County General Hospital began notifying patients of an incident involving its electronic medical record systems. Its breach notification letter (PDF) reveals the hospital first learned about the...

Swisscom data breach exposes 800,000 customers

Swiss telecoms giant Swisscom has admitted that it suffered a serious security breach in the autumn of 2017 that saw the theft of contact details of approximately 800,000 customers - most of whom were mobile subscribers. Data exposed during the breach included: customers' first and last names; customers' home addresses; customers' dates of birth ...

Are You PCI Curious? A Short History and Beginner’s Guide

When I was a kid and we would go out to dinner, my dad would often pay using a credit card. The server would come over with an awkward, clunky device, put the credit card in it, and scan the card. By scan, I mean make an impression of the numbers on a piece of paper with a carbon receipt, which he would then sign and each party would get a copy. There were no wires, no electronic transmissions of...

Advanced Security in All Sorts of Places

There's a growing trend spreading through many different organizations in which automated and advanced security features are being developed, capabilities which were previously in the realm of more traditional security vendors. There’s now more security in more places than ever before, with much of it owing to infrastructure and software-as-a...

6 Common Cloud Security Myths Debunked for You!

You’ve probably been hearing about the cloud a lot, and with the increasing number of businesses moving their data online, it’s obvious that cloud computing and security are here to stay. With a number of benefits like data security, minimized risks, regulatory compliance, flexibility, round-the-clock availability, uninterrupted maintenance and...

Grammarly Fixes Vulnerability that Exposes Users' Documents

Grammarly has fixed a vulnerability that exposes users' documents created and saved within the platform's Editor interface. Tavis Ormandy, a Google computer security researcher who discovered a memory disclosure bug in CloudFlare’s reverse-proxy systems in February 2017, wrote up a security advisory about the Grammarly flaw on 2 February. In it, the...

Best Practices in Healthcare Information Security

Some of the most common phrases that come out of information security professionals' mouths include: “Well, that did not work” and “The project fell apart, and I don't know what I could have done better.” The pain of not knowing what security best practices your team can/should implement can cost the company time and money. It could also end up...

3 Simple Steps to Securing Your ICS Systems against Digital Threats

We live in a world where connectivity is key. It’s brought conveniences to our personal lives, and organizations are adopting it into the industrial world to boost productivity. Industrial control systems (ICS), which manage utilities like water, gas, and electricity, are one such example of this ongoing trend. Organizations are putting ICS systems...

Scammers Impersonating the FBI's IC3 to Distribute Malware, Steal PII

Scammers are impersonating the FBI's Internet Crime Complaint Center (IC3) in order to infect users with malware and/or steal their personally identifiable information (PII). On 1 February, the real IC3 issued a public service announcement warning users of three scams that are impersonating the multi-agency task force. Here's the FBI on the first...

Tripwire Patch Priority Index for January 2018

BULLETIN: CVE
Browser - Edge: CVE-2018-0803, CVE-2018-0766
Scripting Engine: CVE-2018-0780, CVE-2018-0800, CVE-2018-0767, CVE-2018-0781, CVE-2018-0769, CVE-2018-0768, CVE-2018-0778, CVE-2018-0777, CVE-2018-0758, CVE-2018-0773, CVE-2018-0770, CVE-2018-0776, CVE-2018-0774, CVE-2018-0775, CVE-2018-0772, CVE-2018...

Smominru! Half a million PCs hit by cryptomining botnet

Why go to all the bother of writing ransomware that demands victims pay a Bitcoin ransom? If all you want is cryptocurrency, why not use the infected computers to mine the crypto coins themselves? That way you don't have to rely on a human victim buying some Bitcoin, and nervously making their way onto the dark web to make their ransom payment....

Survey: How Well Will Organizations Respond To The Next Data Breach?

The European Union's General Data Protection Regulation (GDPR) goes into effect this May, and lawmakers in the U.S. are proposing stricter data breach legislation. With the pressure on to better protect data and improve notification procedures in the event of a data breach, Tripwire surveyed 406 cybersecurity professionals to see how prepared...

Is Your Financial Data Protected?

Security breaches are becoming more common. They occur most often in the United States (followed by the UK), exposing businesses and their customers to significant risks. Most recently, in December 2017, Kromtech uncovered a breach at Ai.Type with 577GB of data stolen. It's possible the incident exposed the information of 31 million customers. And...