Blog

Blog

Attackers vs. Hackers – Two *Very* Different Animals

The cybersecurity industry is more well-informed than most, but even so, misconceptions arise and spread, helped along by the fact that the rise in cybersecurity incidents has led to substantial “pop culture” intrigue with all things cybersecurity. One of the more harmful of these misconceptions is the conflation of “hacker” and “attacker,” terms...
Blog

VERT Threat Alert: November 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions.In-The-Wild & Disclosed CVEsCVE-2020-17087This CVE...
Blog

What is Policy Compliance? Four Tips to Help You Succeed

Policy compliance within the information security space can be an exhausting concept to wrap our heads around. Writing a policy document, publishing it to staff and then staying hands-on to ensure it is followed in perpetuity is easily seen as an arduous, if not an impossible, task. Policies set the basis for every successful information security...
Blog

Computer Manufacturing Company Compal Discloses Security Incident

Computer manufacturing company Compal Electronics announced that it had suffered a security incident involving some of its systems. Qingxiong Lu, deputy manager director of Compal, told United News Network on November 9 that the company had experienced a security incident. In his explanation of the event, Qingxiong identified that the incident had...
Blog

Lessons from Teaching Cybersecurity: Week 6

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

CISA Strategy for 5G Security and Resilience

In August 2020, the Cybersecurity and Infrastructure Security Agency (CISA) released its strategy to ensure the security and resilience of 5G infrastructure in the United States. Roughly every 10 years, the next generation of mobile communication networks is released, bringing faster speeds and increased capabilities. The fifth generation (5G) of...
Blog

Ransomware Gangs Not Honoring Ransom Payments for Stolen Data

Security researchers observed that multiple ransomware gangs are not honoring the ransom payments received from victims for their stolen data. In its Quarterly Ransomware Report for Q3 2020, Coveware revealed that almost 50% of crypto-malware cases involved the threat to publish unencrypted data stolen from victims in addition to the use of...
Blog

Capcom hacked. Resident Evil game developer discloses cyber attack

Japanese game developer Capcom has revealed that it suffered a security breach earlier this week which saw malicious hackers access its internal systems. The maker of such well-known video games as "Resident Evil" and "Street Fighter" disclosed in a short press release that in the early hours of Monday some of its networks "experienced issues" that...
Blog

Building a Security Alliance with Your Cloud Partners

As more infrastructure is moved to the cloud, there are many opportunities to reconsider your security stance and relationships to build ever stronger and more secure IT solutions whilst reducing your security costs. In this post, I’m looking to explore some ways that you can build out your alliances to be better prepared and battle-worthy on the...
Blog

REvil Ransomware Gang Acquire Source Code for KPOT 2.0 Infostealer

The operators of REvil ransomware came into possession of the source code for the KPOT 2.0 information-stealing malware variant. ZDNet reported that UNKN, a member of the REvil ransomware gang, acquired the source code for KPOT 2.0 in an auction announced by the malware's author back in mid-October. https://twitter.com/pancak3lullz/status...
Blog

3 Steps to Building a Resilient Incident Response Plan

According to the Accenture State of Cybersecurity 2020 report, the average cost of a cyber attack for 'non-leaders' stands at $380,000 per incident. The report classifies organizations into ‘leaders’ and ‘non-leaders.’ The ‘leaders’ are those who set the bar for innovation and achieve high-performing cyber resilience. Given the rate of cyber attacks...
Blog

Tripwire Patch Priority Index for October 2020

Tripwire's October 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Apple, Adobe, and Oracle. First on the patch priority list this month is a very high priority vulnerability in Oracle WebLogic Server. The vulnerability is within the Console component of Oracle WebLogic Server, and it can be exploited...
Blog

N-Day Vulnerabilities: How They Threaten Your ICS Systems' Security

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security...
Blog

A WebLogic Vulnerability Highlights the Path-Based Authorization Dilemma

A WebLogic server vulnerability fixed by the October CPU has come under active exploitation after a Vietnamese language blog post detailed the steps needed to bypass authentication and achieve remote code execution on unpatched systems. Although there have been a series of actively exploited WebLogic deserialization bugs, the exploit payload in this...
Blog

Ordell Robbie, Tripwire and Security Configuration Management.

ORDELL: Take the keys, man. Listen to music. LOUIS: Which one is for the car? (Ordell finds it. While he goes through the keys, Vicki comes back on the line.) (Max speaks with her as he fills out his papers.) ORDELL: (holding a key) This one's for the ignition... (holding a little black box) ... but you gotta hit this thing to shut the alarm...
Blog

5 Lessons Learnt from BJJ that Are Applicable to Cybersecurity

Over the last decade, I have focused quite heavily on technology and the cybersecurity space. I've been motivated to create a world that is more inclusive and safer. In 2019, I began a bit of a different journey. Whilst still motivated in a security point of view, this time, I focused on the physical side by beginning to train in Brazilian Jiu-Jitsu...
Blog

Lessons from Teaching Cybersecurity: Week 5

As I had mentioned previously this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to...
Blog

Maze Ransomware Gang to Shut Down Operations

Security researchers learned that the Maze digital crime gang is in the process of shutting down its ransomware operations. Bleeping Computer began hearing rumors of the shutdown in early September 2020. In an email conversation, a ransomware attacker told the computer self-help site that the Maze gang had stopped encrypting new victims in September...