Blog

Blog

The Top 10 Tips for Building an Effective Security Dashboard

Today, enterprises must grapple with a panoply of numerous and highly sophisticated threats. In response to this dangerous landscape, it is no wonder that businesses are increasingly turning to security dashboards – a powerful communication vehicle for all information security professionals. An effective security dashboard provides personnel,...
Blog

The Anatomy of a Sakawa Scam

The styles associated with Sakawa scammers have been highlighted in previous articles, but today I would like to describe the anatomy of a scam for people to be aware of just how they complete these wicked assaults on our inboxes. This could serve as a guide for Sakawa, but is intended to give insight. Nothing is new here – these guides are passed...
Blog

VERT IoT Hack Lab @ SecTor

The one-month countdown is on and I figured it was time for a reminder that Tripwire VERT will be at SecTor in the Expo area running an IoT Hack Lab. If you aren’t considering attending SecTor, you really should be. Even if you don’t want to attend the full conference, there’s an Expo Only admission that is free on their website until the start of...
Blog

$1M Bounty Announced for iOS 9 Exploits, Jailbreaks

A security firm has announced a one million dollar bounty in reward for anyone who submits exploits and jailbreaks for Apple's iOS 9 mobile operating system. In a blog post published on Monday, Zerodium officially unveiled "The Million Dollar iOS 9 Bug Bounty". "Apple iOS, like all operating system, is often affected by critical security...
Blog

Why Is Healthcare Data So Valuable?

Over the last year we've seen the healthcare industry become a motivating target for malicious actors attempting to take advantage of stolen healthcare data. This is a unique sector and completely different from organizations within the retail, financial or any other vertical for that matter. The difference here is when network connectivity and...
Blog

SYNful Knock: Opening the Door on Industry Ignorance

UPDATE 9/23/15: VERT has released a script based on FireEye's nping command to report if a host is affected or not. The script is available on the Tripwire VERT GitHub here. For IP360 customers, a variant of this is available as a custom rule. Please contact Tripwire Support or view the TechNote in TCC for details. I’ve always been a big fan of...
Blog

Systema Software Investigates Data Breach that Exposed 1.5M Users' Details

Systema Software, a provider of claims management software solutions, is investigating a breach that exposed the personal information of at least 1.5 million of its customers. According to The Register, insurers using Systema Software allegedly posted the names, addresses, phone numbers, medical records, and other personal information in the clear...
Blog

Exploring Third Party Risks to Network Security

My first few blog entries were written at a time when I had had a couple of prowler incidents at my house, and I wrote about how I installed security counter measures. After all this time, I was out maintaining the motion sensors, and it occurred to me I hadn't taken a look at my network security around the house lately and should put in some...
Blog

Seven Years of Cyber Espionage: F-Secure Unveils 'The Dukes'

Finnish security and privacy company F-Secure recently published a white paper exploring the activities of 'The Dukes,' a group of hackers that has been targeting Western-based governments think tanks, and other organizations for at least the past seven years. According to F-Secure's research, the group is known primarily for its use of advanced,...
Blog

Defensibility: Comparing OT and IT Environments

ICS networks have a lot of considerations. Policies and processes can hamper success. But they are far more defensible than IT networks. — Robert M. Lee (@RobertMLee) September 15, 2015 Sometimes a tweet can catch your attention in interesting ways. Robert's use of the term 'defensible' to describe ICS networks got me thinking about what makes an...
Blog

Banks Allowed to Bring Class Action Suit Against Target for 2013 Breach

Earlier this week, a U.S. judge ruled that banks can proceed with a class action suit filed against Target for a data breach that occurred in 2013. A U.S. District Court judge in St. Paul Minnesota affirmed Target's negligence in the data hack, which compromised upwards of 40 million credit cards. This decision enables the $5 million class action to...
Blog

Cyber Liability Insurance's Data Problem: Mining for Destruction

Cyber liability insurance is becoming an increasing necessity for businesses and could easily become a requirement similar to E&O insurance not just for large corporations, but also small- to medium-sized businesses. The challenge, however, is understanding how much coverage, as well as the scope of the coverage organizations need to properly offset...
Blog

Over 21 Million New Types of Malware Created in Q2 2015, Report Finds

A recent report by Panda Security revealed a record high in the creation of new malware samples, reaching more than 21 million new threats over the course of just three months. In the second quarter of 2015, the Spanish security firm saw an average of 230,000 new types of malware each day – an increase of 43 percent compared to the same period last...
Blog

Russian Hacker Pleads Guilty to Stealing 160M Credit Cards

A Russian hacker has pleaded guilty to stealing 160 million credit cards numbers and to attacking several large American companies. On Tuesday, Vladmir Drinkman, 34, admitted in federal court in Camden, New Jersey that he and four other individuals conspired to steal credit card numbers from Heartland Payment Systems Inc., 7-Eleven Inc., and the...
Blog

Smart Cross-Site Request Forgery (CSRF)

All too often, I find that vendors discount the risks associated with attack vectors involving cross-site request forgery (CSRF). Naturally, remediation of vulnerabilities involving user-interaction should generally take a back seat to those that are exposed to completely remote/unauthenticated exploitation, but that doesn’t mean it is OK to simply...
Blog

Will Quantum Computers Threaten Modern Cryptography?

Modern cryptography, including elliptic curve cryptography, is being used extensively for securing our internet payments, banking transactions, emails and even phone conversations. The majority of today's cryptographic algorithms are based on public-key encryption, which is considered to be secure against attacks from modern computers. Quantum...
Blog

Most Suspicious TLDs Revealed by Blue Coat Systems

In 1985, around the time that the Internet was just beginning to take shape, there were six top-level domains (TLDs) in existence. These were ".com", ".net", ".org", ".gov", ".mil", and ".edu". Along with some 100 country codes, those TLDs led the evolution of the web for over a decade. But then things changed. As the Internet continued to expand in...