Blog

September 2016: The Month in Ransomware

Crypto ransomware authors were really busy coining new samples, updating the existing ones and adopting novel techniques in September, just as they did in August and the months before it. Some of them opted for the use of pop culture themes in their victim interaction modules. Others started leveraging ‘autopilot’ offline encryption mode with no...

Two-Thirds of Orgs Don't Have a Strategy to Protect Their Endpoints, Study Reveals

In the information age, an organization is nothing without its critical endpoints. Those network systems function as the cornerstones of a corporate IT network and, as such, are crucial to maintaining smooth business flow. Without them, a company could suffer fiscal and/or operational consequences. Critical endpoints come in many shapes and sizes....

Change Management: The Foundation to Your Organization's IT Security

What is the first question you ask when something goes wrong in your environment? A system goes down? Service isn’t performing as it should? You flip the switch but nothing happens? In November of 1988, something happened that forever changed IT security and exponentially increased the need to ask this question. That is when the Morris worm was...

Flawed MatrixSSL Code Highlights Need for Better IoT Update Practices

SSL is a primary layer of defense on the Internet that makes it possible to have authenticated private conversations even over an untrusted network. Implementing a robust and secure SSL stack, however, is not trivial. Mistakes can lead to large attack surfaces, such as what we witnessed with OpenSSL when “Heartbleed” was discovered. In the wake of ...

Researchers Discover 500,000+ IoT Devices Vulnerable to Mirai Botnet

The Mirai botnet has made plenty of headlines recently after launching record-breaking distributed denial-of-service (DDoS) attacks against the website of well-known security journalist Brian Krebs. Earlier this month, hackers publicly released the source code of the Internet of Things (IoT) botnet powered by easily hacked routers, IP cameras and...

Eko Facebook Messenger Malware Targeting French Users via PM Scams

A Facebook Messenger trojan known as "Eko" is targeting French users of the social networking site via private message (PM) scams. The malware takes the form of a common Facebook scam type: a fake video of the recipient captured by one of their social media friends. It even uses the recipient's profile picture and name to add a sense of plausibility...

Managing Security Risk Introduced by Third-Party Libraries

One of my tasks here at Tripwire is to capture, understand and track security issues in our software products. Generally, I think of this as a kind of "technical debt" called "security debt." Like any kind of debt, the first step to managing and reducing it is identifying it. In my mind, this is something that is essential for a company producing...

Expert Advice on How to Create a Security Culture at the Workplace

We at The State of Security kicked off National Cyber Security Awareness Month (NCSAM) 2016 with a review of how companies can defend against common IT security threats. In one guide, we discussed how organizations can leverage their people, processes and technologies to protect against the likes of phishing and other risks. We then crafted...

Towards a Cyber Resilience Strategy

As most of you already know, October is National Cyber Security Awareness Month (NCSAM). The aim of NCSAM is to raise awareness across the international community about cyber threats, discuss best practices, and educate the public and private sector on how to stay safe online. Cyber Security is promoted extensively during this month, and many events...

ATM Malware Attacker Charged with Conspiracy to Defraud

London authorities have charged a member of a European ATM malware gang with conspiracy to defraud. The City of London Magistrates Court officially charged Emanual Leahu, 30, of Bacau, Romania on 30 September, though the City of London Police didn't announce the charges until 4 October. Officers with the London Regional Fraud Team (LRFT), which is...

Implementing a Password Security Policy at the Workplace for NCSAM

Every October, the Department of Homeland Security (DHS) acknowledges National Cyber Security Awareness Month (NCSAM) to help individual users and companies stay safe online. All NCSAM themes are connected by a single point of understanding: cyber security is a personal matter. As such, it often takes a person-centric approach to mitigate IT...

The Unforeseen Impact of Unforeseen Risk

It has been a long time since Yahoo has been number one in any market, but in September 2016, it "achieved" a new distinction: the single largest public data breach in human history. The numbers are astonishing, with tectonic shift-like potential implications for companies and organizations of all kinds: 500 million+ accounts affected $4.8...

Attackers Modifying Core WordPress Files to Redirect Visitors to Spam

Attackers are hacking WordPress sites and modifying core files in order to redirect legitimate visitors to malicious domains hosting spam. Sucuri Security analyzed the attack while helping a customer with their website. Bad actors had infected the site and modified it to redirect visitors to malicious domains, including “windows7keyonsale[dot]com...

Lessons from the Frontlines of Power Utility Attacks

Security experts have been warning companies and policymakers that systems protecting power utilities and other critical infrastructure are vulnerable to cyber attacks. Those intrusions could produce widespread damage, if they proved to be successful. In fact, as reported by Dark Reading, the Industrial Control Systems Cyber Emergency Response Team ...

TorrentLocker - Crypto-Ransom Is Still Active in Shadows

TorrentLocker, a ransomware family member, is a type of file-encrypting ransomware that significantly infected Windows operating systems. It was first observed in February 2014 and released in late August 2014. Later, it released with five new major releases. TorrentLocker encrypts the victim's data files by using a symmetric block cipher AES and...

End-to-End Encryption in Facebook Messenger

Facebook has added end-to-end encryption in Facebook Messenger but there are a few caveats that people need to be aware of. The first is that current messages are not encrypted. You will need to start a new message in order to enable this new option. It’s also important to note that encrypted messages are not available via Facebook but only found...

Sending The Elevator Back Down

"If you have done well in whatever business you are in, it's your duty to send the elevator back down and try to help bring up the next generation of undiscovered talent." As someone who has been in the security industry for over a decade, this quote from Kevin Spacey resonates with me. I have found the information security field to be particularly...

How I Became a CISSP – A Journey to Certification

On September 26, 2016, I received my final notice of my Certified Information Systems Security Professional (CISSP®) designation. My path to certification really began in 1996 when I first stepped into the computer world, but my decision to pursue certification began with a conversation that took place at NolaCon in 2015. I was chatting with a...