Blog

Blog

Red Team v. Blue Team? They Are In Fact One – The Purple Team

Some people hate the red team. They think of them as the adversary, and at the extreme, people worry that their jobs are on the line. If any holes are found, network defenders worry it could be a mark on their competency. However, this should not be the case. Although it does not come across this way initially, the red team is leveraged to help the...
Blog

Computer Crime Never Pays, and These 5 Stories Prove It

It's no secret that some computer crime can generate a lot of money. For example, the author of Cerber ransomware relies on an affiliate system to distribute their creation. The malware developer collects only a fraction of the ransom payments, the average value of which usually amounts to around one Bitcoin. But even with just 0.3 percent of...
Blog

Hacker grabs over 58 million customer records from data storage firm

At least 58 million people have had their personal information published on the internet - including their names, dates of birth, email and postal addresses, job titles, phone numbers, vehicle data, and IP addresses - after a hacker stole a massive unsecured database. And, if you think that sounds bad, there may be yet more hacked data still to be...
Blog

POS Malware Infection Responsible for Data Breach at Vera Bradley

Vera Bradley has notified its customers that a point-of-sale (POS) malware infection at some of its retail store locations caused a data breach. The American handbag design company says the incident affected some payment cards used at several of its retail store locations between 25 July 2016 and 23 September 2016. There's no evidence to suggest the...
Blog

Targeted Attack Caused "Disruption" at Nuclear Plant, Confirms IAEA Chief

The chief of the International Atomic Energy Agency (IAEA) has confirmed a targeted attack caused "some disruption" at a nuclear power plant. Yukiya Amano, director of the IAEA, said the attack was not destructive, a term which some have used to describe the 2014 Sony hack because actors destroyed corporate data and denied employees access to some...
Blog

Eight Years of Hell, But No End in Sight for Victim of Cyber Stalker

Bad actors are continuously looking for ways to prey upon web users. Sometimes they turn to ransomware and other malicious software like remote access trojans to extort victims. Other times, they leverage the web's great wealth of information to hone in on a particular target, stalk their digital presence, and endeavor to make their lives a living...
Blog

Defeating Cybercrime with Awareness and Good Habits

Information security is a growing problem even in the protected, static environment of the business office. The challenges of securely accessing and storing data while traveling, however, are particularly acute, but they are manageable with (1) a high-level of awareness coupled with (2) a few good habits. Awareness Forget about hackers in the...
Blog

VERT Threat Alert: October 2016 Patch Tuesday Analysis

Today’s VERT Alert addresses 10 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-693 on Wednesday, October 12th. EASE OF USE (PUBLISHED EXPLOITS) TO RISK TABLE Automated Exploit Easy ...
Blog

September 2016: The Month in Ransomware

Crypto ransomware authors were really busy coining new samples, updating the existing ones and adopting novel techniques in September, just as they did in August and the months before it. Some of them opted for the use of pop culture themes in their victim interaction modules. Others started leveraging ‘autopilot’ offline encryption mode with no...
Blog

Two-Thirds of Orgs Don't Have a Strategy to Protect Their Endpoints, Study Reveals

In the information age, an organization is nothing without its critical endpoints. Those network systems function as the cornerstones of a corporate IT network and, as such, are crucial to maintaining smooth business flow. Without them, a company could suffer fiscal and/or operational consequences. Critical endpoints come in many shapes and sizes....
Blog

Change Management: The Foundation to Your Organization's IT Security

What is the first question you ask when something goes wrong in your environment? A system goes down? Service isn’t performing as it should? You flip the switch but nothing happens? In November of 1988, something happened that forever changed IT security and exponentially increased the need to ask this question. That is when the Morris worm was...
Blog

Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices

SSL is a primary layer of defense on the Internet that makes it possible to have authenticated private conversations even over an untrusted network. Implementing a robust and secure SSL stack, however, is not trivial. Mistakes can lead to large attack surfaces, such as what we witnessed with OpenSSL when “Heartbleed” was discovered. In the wake of ...
Blog

Researchers Discover 500,000+ IoT Devices Vulnerable to Mirai Botnet

The Mirai botnet has made plenty of headlines recently after launching record-breaking distributed denial-of-service (DDoS) attacks against the website of well-known security journalist Brian Krebs. Earlier this month, hackers publicly released the source code of the Internet of Things (IoT) botnet powered by easily hacked routers, IP cameras and...
Blog

Eko Facebook Messenger Malware Targeting French Users via PM Scams

A Facebook Messenger trojan known as "Eko" is targeting French users of the social networking site via private message (PM) scams. The malware takes the form of a common Facebook scam type: a fake video of the recipient captured by one of their social media friends. It even uses the recipient's profile picture and name to add a sense of plausibility...
Blog

Managing Security Risk Introduced by Third-Party Libraries

One of my tasks here at Tripwire is to capture, understand and track security issues in our software products. Generally, I think of this as a kind of "technical debt" called "security debt." Like any kind of debt, the first step to managing and reducing it is identifying it. In my mind, this is something that is essential for a company producing...
Blog

Expert Advice on How to Create a Security Culture at the Workplace

We at The State of Security kicked off National Cyber Security Awareness Month (NCSAM) 2016 with a review of how companies can defend against common IT security threats. In one guide, we discussed how organizations can leverage their people, processes and technologies to protect against the likes of phishing and other risks. We then crafted...
Blog

Towards a Cyber Resilience Strategy

As most of you already know, October is National Cyber Security Awareness Month (NCSAM). The aim of NCSAM is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector on how to stay safe online. Cyber Security is promoted extensively during this month, and many events...
Blog

ATM Malware Attacker Charged with Conspiracy to Defraud

London authorities have charged a member of a European ATM malware gang with conspiracy to defraud. The City of London Magistrates Court officially charged Emanual Leahu, 30, of Bacau, Romania on 30 September, though the City of London Police didn't announce the charges until 4 October. Officers with the London Regional Fraud Team (LRFT), which is...
Blog

Implementing a Password Security Policy at the Workplace for NCSAM

Every October, the Department of Homeland Security (DHS) acknowledges National Cyber Security Awareness Month (NCSAM) to help individual users and companies stay safe online. All NCSAM themes are connected by a single point of understanding: cyber security is a personal matter. As such, it often takes a person-centric approach to mitigate IT...
Blog

The Unforeseen Impact of Unforeseen Risk

It has been a long time since Yahoo has been number one in any market, but in September 2016, it "achieved" a new distinction: the single largest public data breach in human history. The numbers are astonishing, with tectonic shift-like potential implications for companies and organizations of all kinds: 500 million+ accounts affected $4.8...