Blog

Blog

Lessons from Teaching Cybersecurity: Week 6

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

CISA Strategy for 5G Security and Resilience

In August 2020, the Cybersecurity and Infrastructure Security Agency (CISA) released its strategy to ensure the security and resilience of 5G infrastructure in the United States. Roughly every 10 years, the next generation of mobile communication networks is released, bringing faster speeds and increased capabilities. The fifth generation (5G) of...
Blog

Ransomware Gangs Not Honoring Ransom Payments for Stolen Data

Security researchers observed that multiple ransomware gangs are not honoring the ransom payments received from victims for their stolen data. In its Quarterly Ransomware Report for Q3 2020, Coveware revealed that almost 50% of crypto-malware cases involved the threat to publish unencrypted data stolen from victims in addition to the use of...
Blog

Capcom hacked. Resident Evil game developer discloses cyber attack

Japanese game developer Capcom has revealed that it suffered a security breach earlier this week which saw malicious hackers access its internal systems. The maker of such well-known video games as "Resident Evil" and "Street Fighter" disclosed in a short press release that in the early hours of Monday some of its networks "experienced issues" that...
Blog

Building a Security Alliance with Your Cloud Partners

As more infrastructure is moved to the cloud, there are many opportunities to reconsider your security stance and relationships to build ever stronger and more secure IT solutions whilst reducing your security costs. In this post, I’m looking to explore some ways that you can build out your alliances to be better prepared and battle-worthy on the...
Blog

REvil Ransomware Gang Acquire Source Code for KPOT 2.0 Infostealer

The operators of REvil ransomware came into possession of the source code for the KPOT 2.0 information-stealing malware variant. ZDNet reported that UNKN, a member of the REvil ransomware gang, acquired the source code for KPOT 2.0 in an auction announced by the malware's author back in mid-October. https://twitter.com/pancak3lullz/status...
Blog

3 Steps to Building a Resilient Incident Response Plan

According to the Accenture State of Cybersecurity 2020 report, the average cost of a cyber attack for 'non-leaders' stands at $380,000 per incident. The report classifies organizations into ‘leaders’ and ‘non-leaders.’ The ‘leaders’ are those who set the bar for innovation and achieve high-performing cyber resilience. Given the rate of cyber attacks...
Blog

Tripwire Patch Priority Index for October 2020

Tripwire's October 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, Adobe, and Oracle. First on the patch priority list this month is a very high priority vulnerability in Oracle WebLogic Server. The vulnerability is within the Console component of Oracle WebLogic Server, and it can be exploited...
Blog

N-Day Vulnerabilities: How They Threaten Your ICS Systems' Security

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security...
Blog

A WebLogic Vulnerability Highlights the Path-Based Authorization Dilemma

A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post detailed the steps needed to bypass authentication and achieve remote code execution on unpatched systems. Although there have been a series of actively exploited WebLogic deserialization bugs, the exploit payload in this...
Blog

Ordell Robbie, Tripwire and Security Configuration Management.

ORDELL: Take the keys, man. Listen to music. LOUIS: Which one is for the car? (Ordell finds it. While he goes through the keys, Vicki comes back on the line.) (Max speaks with her as he fills out his papers.) ORDELL: (holding a key) This one's for the ignition... (holding a little black box) ... but you gotta hit this thing to shut the alarm...
Blog

5 Lessons Learnt from BJJ that Are Applicable to Cybersecurity

Over the last decade, I have focused quite heavily on technology and the cybersecurity space. I've been motivated to create a world that is more inclusive and safer. In 2019, I began a bit of a different journey. Whilst still motivated in a security point of view, this time, I focused on the physical side by beginning to train in Brazilian Jiu-Jitsu...
Blog

Lessons from Teaching Cybersecurity: Week 5

As I had mentioned previously this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

Maze Ransomware Gang to Shut Down Operations

Security researchers learned that the Maze digital crime gang is in the process of shutting down its ransomware operations. Bleeping Computer began hearing rumors of the shutdown in early September 2020. In an email conversation, a ransomware attacker told the computer self-help site that the Maze gang had stopped encrypting new victims in September...
Blog

5 Essential Steps to Improve Cybersecurity Maturity

From small- and medium-sized organizations to large enterprises, every business is under continuous threat of security risk in today’s digital world. With the growing digital footprint and cloud adoption, organizations continue to experience sophisticated cyberthreats that hold the potential to disrupt business continuity. A vast majority of these...
Blog

President Trump's Campaign Website Defaced by Cryptocurrency Scammers

Unknown individuals temporarily defaced the official campaign website of President Donald Trump with a cryptocurrency scam. Twitter user Gabriel Lorenzo Greschler was among the first to spot the defacement, which is believed to have occurred at around 16:00 PST on October 27. https://twitter.com/ggreschler/status/1321225292837367809 As reported by...
Blog

How Containers Support the IT-OT Convergence

The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations were in the early stages of an IT-OT convergence. Some said their organizations were embracing this meeting more fully. This...
Blog

4 Considerations for a Secure Cloud Environment

Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled 7% in 2018 to 20% a year later. This growth made cloud services the third most-targeted environment after corporate and e-commerce at 54% and 22%, respectively...
Blog

Amazon Discloses Security Incident Involving Customers' Email Addresses

Amazon informed some of its customers about a security incident that involved the unauthorized disclosure of their email addresses. News of the security incident emerged over the weekend of October 23 when multiple users took to Twitter to voice their confusion over an email they had received from Amazon. In an email notification obtained by...