Blog

Blog

What are Product Security Incident Response Team (PSIRT) Best Practices?

In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135. Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but...
Blog

VERT Threat Alert: July 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-954 on Wednesday, July 14th. In-The-Wild & Disclosed CVEs CVE-2021-34527 The vulnerability dubbed PrintNightmare was patched prior to the Tuesday patch drop, but it is still worth including...
Blog

Protecting Your Business Against Malware in the Cloud

There are multitudes of advantages that the cloud has to offer to companies. These include making the task of security management more accessible. However, there are still many gray areas associated with the cloud and its implications for an organization's overall security. With the widespread implementation of cloud-based computing within...
Blog

Tripwire Patch Priority Index for June 2021

Tripwire's June 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Cacti, Docker, Adobe, and Microsoft. First on the patch priority list this month are patches for Microsoft SharePoint (CVE-2021-31181), Cacti (CVE-2020-14295), and Docker (CVE-2019-5736). Exploits for these vulnerabilities have been recently added to the...
Blog

The False Identity Frenzy and the Need for Authentication

Emil Sayegh, president and CEO of Ntirety, unpacks the issue of inauthentic identities opening doors to untraceable, fake social accounts and the impact that it has on society. Emil is a cloud visionary and is known as one of the "fathers of OpenStack." https://open.spotify.com/episode/6I4Voxz3682NpA0geZpbLQ?si=2630c8fda2f74f32 Spotify: https:/...
Blog

Lazarus gang targets engineers with job offers using poisoned emails

Security researchers at AT&T Alien Labs report that a notorious hacking group has been targeting engineers working in the defence industry. In recent months there have been a series of reports of malicious emails that use the disguise of a job offer to target defence contractors in the United States and Europe. Attached to the emails are Word...
Blog

98% of Infosec Pros Say Multi-Cloud Environments Create Additional Security Challenges, Reveals Survey

Organizations have multiple reasons for embracing a multi-cloud strategy. First, it enables them to avoid “vendor lock-in” where they need to rely on a single vendor for all their cloud-based needs. Second, it empowers them to take advantage of the perks offered by several cloud service providers at once. Lastly, such a strategy helps to protect them...
Blog

What is Asset Discovery? A Look Beneath the Surface

The corporate network can be a busy place with devices connecting, reconnecting and disconnecting every day. With the ever-growing landscape of today’s corporate networks, the difficulty of knowing and understanding what is on an enterprise network has highlighted the importance of effective asset discovery. So what does asset discovery involve?...
Blog

The Rundown on Google’s Cloud Security Foundations Guide

Google recently released the new Cloud Security Foundations Guide. We’re going to take apart Google’s guide and show you what’s worth looking into. First, an introduction. “This comprehensive guide helps you build security into your Google Cloud deployments.” - Google What’s going on: Google Cloud Services are out there, being deployed in the...
Blog

Bringing Governance, Risk, and Compliance to Life

I was recently asked to host a round table discussion on ‘Governance, Risk and Compliance' (GRC), and I have to admit I was more than a little excited. Why? Because the other people around the table were leading lights in the world of Cybersecurity, Risk and Resilience, and I was looking forward to exploring how a GRC framework can work across...
Blog

Protecting Your Online Privacy: Three Levels of Security

Data leaks happen once every few months at least. Millions of users can have their phone number, address, and Social Security Number smeared across the internet in a matter of seconds. Your online browsing behavior is also sold legally by tech companies to the highest bidder. Ever seen an ad that is a little too specific? Most major tech companies...
Blog

The Aviation Industry Needs to Move Towards Cyber Resilience

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry. The importance of understanding...
Blog

Anticipate, Respond & Adapt: Organizational Resilience

Gary Hibberd, professor of communicating cyber for Cyberfort and former head of business continuity and information security at various companies, teaches the importance of building resilience in your organization not just with technology but also with people and processes. https://open.spotify.com/episode/3jR9SJrjzjRqRZZYfqoXy2 Spotify: https:/...
Blog

Cybersecurity Challenges in the Construction Industry

Digital transformation is at the heart of every industry. There are no longer any industries that are immune to the rapid adoption of this movement. When we think of the construction industry, we may think back to an image of ironworkers sitting over a city and enjoying a lunch break on a construction beam. However, rapid digitalization has...
Blog

Cyber Workforce: Gender Diversity Challenges

Over the years, there have been many news headlines, policy reports, white papers, and corporate newsletters that have highlighted cybersecurity workforce challenges; namely, the global shortage of cybersecurity professionals. Some of the challenges involved in achieving a more desirable cyber workforce include addressing the barriers to entry for...
Blog

On the Importance of Protecting U.S. Pipeline Owners and Operators

In the beginning of May, a U.S. pipeline company suffered a ransomware attack. The company decided to respond by halting operations while it investigated the incident. This delayed tens of millions of gallons of fuel from reaching their destination all along the East Coast. Less than a week later, Bloomberg reported that the company had paid...
Blog

Analyzing SonicWall’s Unsuccessful Fix for CVE-2020-5135

Back in September 2020, I configured a SonicWall network security appliance to act as a VPN gateway between physical devices in my home lab and cloud resources on my Azure account. As I usually do with new devices on my network, I did some cursory security analysis of the product and it didn’t take long before I had identified what looked like a...