Blog

Blog

Paid Online Survey Site Breached, 6 Million User Accounts Stolen

Hackers have reportedly stolen account details for about six million users of CashCrate, a site that pays users for completing surveys online. According to a report by Motherboard, who obtained the database, the compromised data includes users email addresses, names, passwords and physical addresses. “Judging by timestamps in the stolen database,...
Blog

Phishing Campaign Stealing Money and Data from Industrial Companies

An ongoing targeted phishing campaign is making off with industrial companies' money and sensitive corporate information. In October 2016, Kaspersky Lab identified a spike in the number of malware infection attempts received by customers with industrial control systems (ICS) installed. The malware arrives via well crafted phishing messages that...
Blog

Newbie Retailer's Guide to E-commerce Security

Don’t think security impacts sales? Think again. A secure web environment ensures the protection of customer data, but it also makes for a fast and optimized website that drives conversions. An unsecured web environment will be slow, frequently unresponsive, and even dangerous. Opening your first online store is an exciting milestone, and security...
Blog

TrickBot Uses "Service Update" Windows Task in a Grab for Persistence

TrickBot malware is using a Windows Task named "service update" in an attempt to evade detection and maintain persistence on infected endpoints. The refinement is part of a new wave of phishing emails that distribute the botnet trojan, a threat which shares many characteristics with Dyre. These emails all come with PDF documents containing an...
Blog

VERT Threat Alert: June 2017 Patch Tuesday Analysis

Today’s VERT Alert addresses the Microsoft June 2017 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-729 on Wednesday, June 14th. In-The-Wild & Disclosed CVEs CVE-2017-8543 According to Microsoft’s Security Guidance, they are aware of in-the-wild exploitation against CVE-2017-8543, a code...
Blog

How a Single Email Stole $1.9 Million from Southern Oregon University

Southern Oregon University has announced that it is the latest organization to fall victim to a business email compromise (BEC) attack after fraudsters tricked the educational establishment into transferring money into a bank account under their control. According to media reports, the university fell for the scam in late April when it wired $1.9...
Blog

Talent Shortage Sanity Check

I saw yet another security talent shortage article this weekend and thought: it’s just another sad cyb song wrecking my brain. New college graduates and people in career transitions who are struggling to land an entry-level role email me almost daily asking some variation of this question: If there is such a shortage, why are companies refusing to...
Blog

Women in Information Security: Heather Butler

As a woman who works in cybersecurity, I think it's very important to encourage more women and non-males to enter our field. I've had the pleasure of speaking to many female and non-male information security professionals. Last time, I spoke to Jennifer Sunshine Steffens, the CEO of IOActive. This time, I speak to Heather Butler. She works in a key...
Blog

What Does the Future Hold for Ransomware?

The recent WannaCry ransomware attack left thousands of businesses in more than 150 countries worldwide reeling, with countless Internet users coerced into paying a Bitcoin ransom in the hope they'd regain access to their critical files. For all the advances that have been made by IT security providers to halt such malicious online activity, the...
Blog

GDPR – Good Times Ahead for Cybercriminals

Just as GDPR will bring more focus (we hope) to cybersecurity at organizations around the world, the emphasis on protecting personal private information (PII) of EU/UK citizens – no matter where the company resides – will make this information more valuable to cybercriminals. One of the first rules of cybercriminals is they will not miss an...
Blog

Encryption: The GDPR Standard That's Got Web Privacy Services Hopeful

Businesses now have less than a year to achieve compliance with the General Data Protection Regulation (GDPR). As part of their efforts, organizations must look to Article 32 of the Regulation. This section affirms the data controller's and processor's responsibility to leverage "the pseudonymisation and encryption of personal data" to protect...
Blog

What the hacking of Gordon Ramsay’s email teaches us all

It doesn't matter if you're a regular computer user, the chairman of Hillary Clinton's presidential campaign , or a notoriously short-fused celebrity chef, we all need to harden the defences of our email accounts. Tabloid readers should know that all too well, having seen plenty of stories over the years of intimate photos stolen from Hollywood...
Blog

WannaLocker - The WannaCry Copycat Targeting Android Users in China

Attackers are using a copycat version of WannaCry ransomware dubbed "WannaLocker" to target Android users living in China. WannaLocker has been targeting Chinese gaming forms disguised as a plugin for King of Glory, a popular Chinese game. Upon installation of this fake add-on, the threat conceals its icon from the Android app drawer and changes the...
Blog

Turla Using Instagram Comments to Obtain C&C Servers

The Turla threat actor group is using comments posted on Instagram to obtain command and control (C&C) servers for its watering hole campaigns. For years, Turla has been targeting government officials and diplomats with watering hole techniques. Such attacks involve compromising websites its targets are likely to visit and redirecting them to its C...
Blog

VERT Research: A Security Review of Freelance Web Development

Back in June, Robert Hansen posted an interesting write-up[1] on his Smartphone Exec blog about outsourced web development that was returned with multiple embedded PHP backdoors. While this betrayal of trust by a freelance web developer shouldn’t have been surprising, it was, and it prompted Tripwire’s Vulnerability and Exposure Research Team (VERT)...
Blog

14-Year-Old Japanese Teen Arrested for Allegedly Creating Ransomware

Japanese authorities arrested a 14-year-old teen on Monday for allegedly creating and spreading ransomware. According to reports, the third-year junior high school student is suspected of combining free encryption programs to create the malicious software. The teenager admitted to creating the malware on Jan. 6 and uploading it to a foreign website,...
Blog

Ordinary People Need Cryptography

With the British election this June, cryptography on the internet is a hot topic. This past March, British Home Secretary Amber Rudd criticized WhatsApp's implementation of encryption in the wake of a terrorist attack: "It is completely unacceptable. There should be no place for terrorists to hide. We need to make sure that organisations like...
Blog

May 2017: The Month in Ransomware

May 2017 shaped up to be the busiest ransomware month to date. The bare statistics speak for themselves: a total of 79 new strains came out and 38 existing ones received updates. Extortion-based cybercrime is obviously more prolific and ubiquitous than ever. Last month, the world confronted the unprecedented WannaCry ransomware epidemic employing...