Blog

Blog

BSidesSF 2016 Preview: Sweet Security

Securing the Internet of Things (IoT) has become increasingly difficult. Devices are often shipped with out-of-date operating systems and unmaintained code, which is littered with vulnerabilities. To add to the frustration, traditional security tools cannot be installed on many of these devices. For many users, especially home and SMBs, there are...
Blog

Tripwire at RSA Conference 2016: Cyberwar @ the Endpoint

Celebrating its 25th anniversary this year, the RSA Conference creates invaluable opportunities for attendees to connect with top security leaders, discover innovative technologies and deliberate the industry’s most pressing issues. With over 30,000 attendees, this annual event continues to help drive the information security agenda worldwide, and...
Blog

GitHarvester: Finding Data on GitHub

Even if you are not a developer, you should be familiar with GitHub. If you are not familiar, then consider this blog post your introduction. GitHub is a large cloud-based software repository that uses the git protocol. Creating a GitHub account is painless and free for anyone who is interested. You don’t even need to supply a valid email address to...
Blog

DevSecOps: The Marriage of SecOps and DevOps

IT and software development, departments that have historically had a somewhat contentious relationship, are on a collision course – and at the center of this convergence is security. The rapid adoption of public cloud infrastructure is enabling new levels of cost efficiency, business agility and development capability for organizations of all sizes...
Blog

Why is Change Detection so Important?

It’s the new byword in federal cyber security: “Act as though your network is already compromised.” But what does it mean? DHS’s big cybersecurity programs focus on solutions that either catch the bad guys at the perimeter (Einstein), or harden individual assets to make compromise more difficult (CDM investments in asset management, vulnerability...
Blog

Half of American Ransomware Victims Have Paid the Ransom, Reveals Study

Exactly half of all Americans who have fallen victim to ransomware have fulfilled the attackers' demands and paid the ransom. This is just one of the findings of Ransomware. A Victim's Perspective: A study on US and European Internet Users (PDF), a report conducted by Bitdefender in November of last year. For its study, the security firm spoke with...
Blog

BSidesSF 2016 Preview: Fuzz Smarter, Not Harder

Fuzz testing is one of the most powerful tools in the bug hunter’s toolset. At a basic level, fuzzing is the art of repeatedly processing crafted test inputs while checking for ill-effects, such as memory corruptions or information disclosures. One of the main advantages of fuzz testing is that it works 24x7 without a break and with no need for...
Blog

Avoid These 3 Mistakes in Secure Software Development

Developers today recognize the importance of secure software development. Indeed, security was one of the key topics at this month's DeveloperWeek conference in San Francisco. This level of focus should be applauded. At the same time, however, we must recognize that planning for secure software development is not the same thing as implementing it....
Blog

Hollywood Hospital Pays $17,000 to Ransomware Attackers

A hospital located in Southern California has paid $17,000 for the restoration of its system following a ransomware attack. News first broke last week about how staff at the Hollywood Presbyterian Medical Center began noticing issues in the hospital's IT system in early February. The Center decided to temporarily suspend its computer system, which...
Blog

Chess Lessons for Security Leaders

Since the Middle Ages, chess has been used to teach strategic and tactical concepts to military leaders. For the same reasons, chess can be a great tool for today’s security leaders. We’re going to take a look at the parallels between chess and security in a series of blog posts. In Part 1, we will consider the specific elements that make up the...
Blog

Contra-Cracking: How to Steer Kids Away from Malicious Hacking

In today's interconnected world, computer crime knows no age requirements. People of all ages are capable of committing malicious acts online. That includes teenagers. For example, in October 2015, a teenager allegedly breached the email account of CIA Director John Brennan. UK authorities now believe that they have arrested that same individual,...
Blog

Fighting Ransomware – More Bad News for Ransomware Authors

There’s so much doom and gloom in the security industry because of ransomware. And yet, occasional success stories inspire us to fight back. Last time we wrote about ten ransomware recovery cases. New ransom Trojan variants have surfaced ever since, including the one dubbed HydraCrypt. The operators of TeslaCrypt campaign pulled off defiant attacks...
Blog

Active Directory is Your Friend

Active Directory should be the single source of truth for user and account management. With Windows Server system penetration, it is surprising to note that a significant majority of Microsoft customers do not extend their user management processes into the Active Directory. This is a world where your employees are granted accounts on partners or...
Blog

Android users warned of malware attack spreading via SMS

Security researchers are warning owners of Android smartphones about a new malware attack, spreading via SMS text messages. As the team at Scandinavian security group CSIS describes, malware known as MazarBOT is being distributed via SMS in Denmark and is likely to also be encountered in other countries. Victims' first encounter with the malware...
Blog

How we Support Magicians, Fraudsters & Hackers

One advantage of running a small boutique consultancy is I get to steer the business activity towards subjects I personally find interesting. Throughout my career, I have always been fascinated with frauds and that is where my focus normally lies. It’s that magic-like performance for me that has a very similar feeling to the showmanship of great...
Blog

Cisco Patches 'Critical' ASA IKE Buffer Overflow Vulnerability

Cisco has patched a 'critical' buffer overflow vulnerability affecting the Internet Key Exchange (IKE) implementation in Cisco ASA. On Wednesday, the multinational technology company published a security advisory for CVE-2016-1287. First discovered and reported by researchers at Exodus Intelligence, the vulnerability could lead to a complete...