Tag: The State of Security

Read the original article: Ransomware Characteristics and Attack Chains – What you Need to Know about Recent Campaigns Ransomware has been around for decades going back all the way to 1989. Since then it has only magnified in scope and…

Read more →

Read the original article: Nigerian National Extradited to United States on BEC Scam Charges A Nigerian national entered into the custody of the FBI to face charges of having targeted several U.S. companies with business email compromise (BEC) scams. On…

Read more →

Read the original article: Entry-Level Career Advice for Aspiring Cybersecurity Professionals If the global cybercrime forecast took the form of a weather report, it might go something like this: The extended outlook calls for continued online lawlessness, scattered malware attacks…

Read more →

Read the original article: Using “Update.exe” as a Case Study for Robust OT Cybersecurity In 2020, car manufacturer Honda fell victim to a ransomware attack. Using a payload called “update.exe,” the attack crippled Honda’s international customer service and Financial Services…

Read more →

Read the original article: Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations…

Read more →

Read the original article: Entornos ICS y gestión de parches: qué hacer si no puede aplicar parches La evolución de las de amenazas de ciberseguridad destaca la necesidad emergente de que las organizaciones fortalezcan su capacidad para identificar, analizar y…

Read more →

Read the original article: Checking the Windows Store for Patching the Codecs Library Vulnerability What is the Windows Store? The Windows Store is a digital platform that allows for the distribution of applications. This platform offers both free and paid.…

Read more →

Read the original article: 22,900 MongoDB Databases Held to Ransom by Hacker Threatening to Report Firms for GDPR Violations Hackers are once again finding unsecured MongoDB databases carelessly left exposed on the internet, wiping their contents, and leaving a ransom…

Read more →

Read the original article: Trickbot Malware Using Screen Resolution Checks as Anti-VM Tactic Security researchers spotted Trickbot malware checking the screen resolution as a means of evading analysis on a virtual machine (VM). Digital security firm MalwareLab came across a…

Read more →

Read the original article: Understanding the Purpose of Security Controls and the Need for Compliance What are the brakes on a car designed to do? I have asked this question many times when speaking to customers or organizations who were…

Read more →

Read the original article: A Checklist for Preparing for Your Organization’s Next PCI Audit Organizations cannot afford to neglect their PCI compliance obligations. According to its website, PCI could punish offending organizations with a monetary penalty ranging in value from…

Read more →

Read the original article: New Mac Ransomware Leveraged Piracy as Means of Distribution Security researchers detected a new ransomware strain that leveraged piracy as a means of distributing itself to Mac users. On June 29, a Twitter user reached out…

Read more →

Read the original article: The CSA IoT Security Controls Framework Building the Case for IoT Security Framework The Internet of Things (IoT) is growing in technical, social, and economic significance. ENISA defines the increasingly complex IoT systems as “cyber-physical ecosystem[s]…

Read more →

Read the original article: Attackers Targeted Dozens of U.S. Companies with WastedLocker Security researchers identified a string of attacks in which malicious actors attempted to target dozens of U.S. organizations with WastedLocker ransomware. Symantec detected the attack attempts on several…

Read more →

Read the original article: Into the Dark: Scratching the Surface of the Dark Web and Its Potential Risks to Users Numerous data leaks appeared on the dark web in the second quarter of 2020. At the end of May, for…

Read more →

Read the original article: What to Expect from Brazil’s New Data Protection Law The European GDPR (General Data Protection Regulation) is one of the most influential consumer privacy laws that has affected 500,000 companies throughout the world. This law has…

Read more →

Read the original article: Vancouver Man Sentenced to Federal Prison for Developing DDoS Botnets A Vancouver man received a federal prison sentence for his involvement in developing several distributed denial-of-service (DDoS) botnets. On June 25, the U.S. Attorney’s Office for…

Read more →

Read the original article: Foundational Controls Make the Hard Things Easier to Do Let’s begin with a short story. Imagine that we have two large organizations in the public sector. These entities are very similar. Both are on the receiving…

Read more →

Read the original article: Lucifer Malware Abused Windows Exploits for Cryptomining, DDoS Attacks New malware called “Lucifer” came with numerous exploits for conducting cryptomining functionality and performing distributed denial-of-service (DDoS) attacks on infected Windows machines. Palo Alto Networks’ Unit 42…

Read more →

Read the original article: Find a PlayStation 4 vulnerability and earn over $50,000 Do you think you have found a vulnerability in the Sony PlayStation 4 or the PlayStation Network? If so, you could be heading towards a sizeable sum…

Read more →

Read the original article: How to Reduce the Risk of Misoperations in Your Bulk Electric Systems Reliability is essential to the functionality of an electric power grid. This principle guarantees that a constant qualitative and quantitative supply of electric power…

Read more →

Read the original article: Tripwire Patch Priority Index for June 2020 Tripwire’s June 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, BIND and Oracle. Up first on the Patch Priority Index this month are patches for Microsoft,…

Read more →

Read the original article: New CryCryptor Ransomware Masqueraded as COVID-19 Tracing App Security researchers came across a new ransomware family called “CryCryptor” that masqueraded as a Canadian COVID-19 tracing app. CryCryptor emerged just days after the Canadian government announced it…

Read more →

Read the original article: State of Insider Data Breaches in 2020 Organizations protect critical assets and sensitive information from the outside world by continually updating their security controls and policies. However, the origin of a breach is not always outside…

Read more →

Read the original article: Ryuk Ransomware Deployed Two Weeks After Initial Trickbot Infection Several attack campaigns waited two weeks after achieving a successful Trickbot infection before they deployed Ryuk ransomware as their final payload. SentinelOne came across the attacks as…

Read more →

Read the original article: Transportation Systems Sector Cybersecurity Framework Implementation Guide As smart ticketing systems and technological solutions become more prevalent in the transportation industry, the issue of transportation systems’ cybersecurity becomes a greater concern. Transportation Systems Cybersecurity is a…

Read more →

Read the original article: Beyond Passing the Test: Lessons from My Infosec Certification Journey Not everything that tastes good is healthy, and not everything healthy tastes good. I think of exams as the latter. They are one way to test…

Read more →

Read the original article: NitroHack Modifies Windows Discord Client into Infostealing Trojan Security researchers discovered a new malware threat called “NitroHack” that modifies the Discord client for Windows into an infostealing trojan. MalwareHunterTeam observed malicious actors abusing DM’s from infected…

Read more →

Read the original article: Mejores prácticas del programa de gestión de vulnerabilidades Un programa de gestión de vulnerabilidades puede alcanzar su máximo potencial cuando se basa en objetivos fundamentales bien establecidos que abordan las necesidades de información de todas las…

Read more →

Read the original article: Copied master key forces South African bank to replace 12 million cards Fraudsters stole more than $3.2 million from the banking division of South Africa’s post office, after – in a catastrophic breach of security –…

Read more →

Read the original article: Amazon Web Services Mitigated a 2.3 Tbps DDoS Attack Amazon Web Services (AWS) said that it mitigated a distributed denial-of-service (DDoS) attack with a volume of 2.3 Tbps. In its “Threat Landscape Report – Q1 2020,”…

Read more →

Read the original article: The COVID-19 Pandemic Dominates the Cybersecurity World Cybersecurity is not a static world. You can say that it is a social system, it affects and is affected by its surrounding environment. For example, back in 2018,…

Read more →

Read the original article: Odd Protest-Themed Spam Messages Targeted Atlanta Police Foundation Security researchers came across a series of odd protest-themed spam email messages that appeared to target the Atlanta Police Foundation. SANS’ Internet Storm Center observed that the spam…

Read more →

Read the original article: The MITRE ATT&CK Framework: What You Need to Know The MITRE ATT&CK Framework has gained a lot of popularity in the security industry over the past year. I have spent a lot of time researching the…

Read more →

Read the original article: Sextortionists Using Social Engineering Tactics to Collect Victims’ Data Security researchers observed sextortionists leveraging social engineering techniques to steal their victims’ personal information. SANS’ Internet Storm Center (ISC) discovered that sextortionists had begun creating profiles for…

Read more →

Read the original article: Cyberthon 2020: Valuable Discussions, For a Worthy Cause. Thank you to everyone who joined us for our virtual charity event, Cyberthon 2020 on the 9th June. Given our company started out over 20 years ago as…

Read more →

Read the original article: Podcast Episode 8: Industrial Cybersecurity – From HVAC Systems to Conveyor Belts Tripwire’s General Manager of Industrial Cybersecurity, Kristen Poulos, discusses the risks that come with the increasing number of connected devices operating on the plant…

Read more →

Read the original article: Extortionists Preying on Site Owners with Fake Website Hacking Scam Researchers found that extortionists are targeting website owners with a scam in which they claim to have hacked their site and extracted a database. WebARX observed…

Read more →

Read the original article: 10 Essential Bug Bounty Programs of 2020 In 2019, the State of Security published its most recent list of essential bug bounty frameworks. Numerous organizations and government entities have launched their own vulnerability reward programs (VRPs)…

Read more →

Read the original article: Building on the IAM Benefits of SSO with MFA and Privileged Access Management In part one of this post, we talked about why identity access management (IAM) is important.  In that discussion, we identified three types…

Read more →

Read the original article: The Importance of Implementing an Information Security Policy That Everyone Understands Information security (IS) and/or cybersecurity (cyber) are more than just technical terms. They’re the processes, practices and policy that involve people, services, hardware, and data.…

Read more →

Read the original article: SNAKE Ransomware Affected Enel Group’s Internal Network Italian multinational energy company Enel Group suffered a SNAKE ransomware infection that affected its internal network. According to a statement issued by Enel Group, the ransomware attack first registered…

Read more →

Read the original article: Babylon Health App Leaked Patients’ Video Consultations Babylon Health, makers of a smartphone app that allows Brits to have consultations with NHS doctors, has admitted that a “software error” resulted in some users being able to…

Read more →

Read the original article: Trickbot Using Fake Black Lives Matter Voting Campaign for Distribution Security researchers came across an attack email that leveraged a fake Black Lives Matter voting campaign to distribute Trickbot malware. Digital security firm Abuse.ch found that…

Read more →

Read the original article: ¿Qué son los desvíos en configuraciones o ‘configuration drift’? En una publicación anterior de mi colega Irfahn Khimji, habló sobre cómo reducir la superficie de ataque en su infraestructura de red. Organizaciones como el Centro de…

Read more →

Read the original article: Ragnar Locker Partnered with Maze Ransomware Cartel The actors behind Ragnar Locker partnered with the Maze ransomware gang as a means of extorting victims whose unencrypted data they had stolen. On June 8, the operator of…

Read more →

Read the original article: VERT Threat Alert: June 2020 Patch Tuesday Analysis Today’s VERT Alert addresses Microsoft’s June 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-888 on Wednesday, June 10th. In-The-Wild…

Read more →

Read the original article: U.S. Utilities Targeted with FlowCloud Malware by LookBack Attackers The digital attackers responsible for distributing LookBack malware targeted U.S. utility providers with a new threat called “FlowCloud.” Proofpoint first observed threat actors attempting to spread FlowCloud…

Read more →

Read the original article: How ExpertOps Can Help You Address the Infosec Skills Gap Are you struggling to hire skilled digital security talent in 2020? If so, you’re not alone. According to a Tripwire study on the infosec skills gap,…

Read more →

Read the original article: Zorab Ransomware Disguised as STOP Djvu Ransomware Decryptor A security researcher discovered a new ransomware strain called “Zorab” masquerading as a decryptor for STOP Djvu ransomware. Michael Gillespie, creator of the Ransomware ID service, spotted Zorab…

Read more →

Read the original article: Using AWS Session Manager with Enhanced SSH and SCP Capability Last year, Amazon Web Services announced new capabilities in the AWS Systems Manager Session Manager. Users are now capable of tunneling SSH (Secure Shell) and SCP…

Read more →

Read the original article: Final Version of NIST SP 1800-23 Guides Identification of Threats to OT Assets In September 2019, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) announced the release of…

Read more →

Read the original article: Three New Ways Tripwire Enterprise Can Help Monitor Ephemeral Assets in Dynamic Cloud Environments With Great Power Comes Great Responsibility Moving applications and infrastructure to the cloud offers a degree of flexibility and scalability that can…

Read more →

Read the original article: HyperBeard Fined $150K for Allegedly Collecting Children’s Data Illegally The U.S. Federal Trade Commission (FTC) fined app developer HyperBeard $150,000 for allegedly collecting children’s data in an unlawful way. On June 4, the FTC announced that…

Read more →

Read the original article: The scammer who tried to launder over $500,000 through Business Email Compromise A 64-year-old man has pleaded guilty in a Texan court to charges of money laundering after a series of attacks that defrauded companies out…

Read more →

Read the original article: Phishers Use Fake VPN Config Notification to Target Office 365 Details Security researchers observed phishers leveraging a fake VPN configuration notification to target employees’ Office 365 credentials. Abnormal Security found that the campaign attempted to capitalize…

Read more →

Read the original article: Why NHS, UK Healthcare Orgs Need to Boost Their Security in Age of COVID-19 All National Health Service (NHS) and social care organisations in the United Kingdom have always been and will always be a target…

Read more →

Read the original article: Cyberthon 2020: Helping Support Front Line Carers With everything going on in the world currently, it feels wrong to lament the cancellation of cybersecurity exhibition season in Europe. Typically a time when vendors and end-users are…

Read more →

Read the original article: Contact Tracing: De-mystifying How an App Designed to Track People Can Ensure User Privacy and Security Many governments in many countries around the world recognise that contact tracing plays a very important part to reduce the…

Read more →

Read the original article: Cybersecurity Must be an Integral Part of any Pandemic Response Plan from Now On Sometimes the best way to inform ourselves about how cybersecurity is dealing with a new threat, technology, or situation is to just…

Read more →

Read the original article: Passenger Railroad Service Says Data Breach Might Have Affected PII A passenger railroad service announced that a data breach might have affected some passengers’ personally identifiable information (PII). In a “Notice of Data Breach” letter sent…

Read more →

Read the original article: The Cybersecurity Implications of 5G Technology The coming of widespread 5G technology promises more than just faster everything, enhanced capacity and greater reliability. Leading proponents of the wonders of 5G, such as the theoretical physicist and…

Read more →

Read the original article: Tripwire Patch Priority Index for May 2020 Tripwire’s May 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Adobe, SaltStack, and VMware. Up first on the patch priority list this month are patches for…

Read more →

Read the original article: Sandworm Team Exploiting Vulnerability in Exim Mail Transfer Agent The U.S. National Security Agency (NSA) warned that the Sandworm team is exploiting a vulnerability that affects Exim Mail Transfer Agent (MTA) software. In a cybersecurity advisory…

Read more →

Read the original article: NetWalker Ransomware – What You Need to Know What is NetWalker? NetWalker (also known as Mailto) is the name given to a sophisticated family of Windows ransomware that has targeted corporate computer networks, encrypting the files…

Read more →

Read the original article: PonyFinal Ransomware Delivered by Extended Human-Operated Attacks Security researchers witnessed the deployment of PonyFinal ransomware at the end of extended human-operated attack campaigns. In a series of tweets, Microsoft Security Intelligence revealed it had observed human-operated…

Read more →

Read the original article: Business Continuity Requires Infrastructure Continuity in Times of Remote Working Over the last few weeks, most organisations have had to transition to enable their employees to work remotely. The key focus has been on business continuity…

Read more →

Read the original article: [F]Unicorn Ransomware Masquerading as COVID-19 Contact Tracing App A new ransomware family called “[F]Unicorn” masqueraded as a COVID-19 contact tracing app in order to target Italian users. On May 25, the the Computer Emergency Response Team…

Read more →

Read the original article: The MITRE ATT&CK Framework: Exfiltration Once an attacker has established access and pivoted around to the point of gathering the necessary data, they will work on exfiltration of that data. Not all malware will reach this…

Read more →

Read the original article: Protecting Fleet Data from Security Threats Big data is revolutionizing fleet management — specifically in the form of telematics. From engine diagnostics that track fuel efficiency and mileage to sensors that detect aggressive driving behavior and…

Read more →

Read the original article: Updated AnarchyGrabber Steals Passwords, Spreads to Discord Friends Researchers found an updated version of AnarchyGrabber that steals victims’ plaintext passwords for and infects victims’ friends on Discord. Detected as AnarchyGrabber3, the new trojan variant modified the…

Read more →

Read the original article: Climbing the Vulnerability Management Mountain: Reaching the Summit (VM Maturity Level 5) Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without…

Read more →

Read the original article: Reaching the Summit (VM maturity Level 5) Only the truly committed ever reach the summit of anything. This sentiment holds true for vulnerability management. An organization cannot reach the summit without a serious commitment to fund…

Read more →

Read the original article: How to Protect the Future of IT Working remotely, either from home or from elsewhere, isn’t something new. It has been used by many companies worldwide over the past decade. That said, it was typically restricted…

Read more →

Read the original article: U.S. Elections: Effectively Balancing Access and Security For a Democratic Party desperate to unseat President Trump in November, the primary election process has been filled with large-scale technology failure, official miscalculations, voter annoyance and public embarrassment,…

Read more →

Read the original article: Observing a Privacy Milestone: Expert Thoughts on GDPR’s 2nd Anniversary May 25, 2020 marks the second anniversary of when the European Union’s General Data Protection Regulation (GDPR) took full effect. Undoubtedly, many organizations have succeeded in…

Read more →

Read the original article: MilkmanVictory Ransomware Created for Purpose of Attacking Scammers A hacking group claimed that it developed a new ransomware strain called “MilkanVictory” for the purpose of attacking scammers. Collectively known as “CyberWare,” the group announced their creation…

Read more →

Read the original article: BlockFi Hacked Following SIM Swap Attack, But Says No Funds Lost For just under 90 minutes last Thursday, hackers were able to compromise the systems of cryptocurrency lending platform BlockFi, and gain unauthorised access to users’…

Read more →

Read the original article: Scattered Canary Behind Hundreds of Fraudulent Unemployment Claims Security researchers discovered that the Scattered Canary group had filed hundreds of fraudulent unemployment claims in the wake of COVID-19. According to Agari Cyber Intelligence Division, at least…

Read more →

Read the original article: Verizon DBIR 2020: Cloud Apps, Stolen Credentials, and Errors It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon…

Read more →

Read the original article: Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out…

Read more →

Read the original article: Winning with Cyber Threat Intelligence: Taking a More Personal View In this final article of our trilogy, we investigate how a cyber threat intelligence (CTI) analyst and associated programmes provide insight about physical and cyber threats…

Read more →

Read the original article: Around 9 Million easyJet Customers’ Details Stolen in Hacking Incident British low-cost airline group easyJet revealed that an hacking incident had exposed approximately nine million customers’ information. On May 19, easyJet issued a “Notice of cyber…

Read more →

Read the original article: Podcast Episode 7: The Perimeter Really Is Gone – CIS Controls and COVID-19 with Tony Sager Tony Sager, Senior Vice President and Chief Evangelist at CIS (Center for Internet Security) joins us to discuss the best…

Read more →

Read the original article: ‘Glitch’ in Illinois’ PUA System Blamed for Exposing SSNs, Private Data Government officials said that a glitch in the State of Illinois’ Pandemic Unemployment Assistance (PUA) program exposed thousands of people’s Social Security Numbers (SSNs) and…

Read more →

Read the original article: A Look at Trump’s Executive Order to Secure the Bulk Power System On May 1st President Trump signed an Executive Order on “Securing the United States Bulk-Power System.” The order cites foreign adversaries and their increased creation…

Read more →

Read the original article: Why OPSEC Is For Everyone, Not Just For People With Something To Hide – Part III In this final part of the series, I discuss why everyone should consider reviewing their OPSEC (Operations Security), not just…

Read more →

Read the original article: Understanding Single Sign On as a Means of Identity Access Management I usually spend my mornings doing some reading and enjoying my coffee. On this one particular morning, I noticed that I had received an email…

Read more →

Read the original article: UK Power Grid Network Middleman Struck by Digital Attack A middleman organization in the United Kingdom’s power grid network suffered a digital attack that affected its internal IT systems. Electricity trading arrangements provider Elexon publicly disclosed…

Read more →

Read the original article: The top 10 most-targeted security vulnerabilities – despite patches having been available for years Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn’t mean that they’re necessarily the thing that…

Read more →

Read the original article: Survey: Nearly Two-Thirds of Orgs Have Experienced COVID-19 Related Attacks This new world is putting a strain on organizations’ digital security defenses. First, malicious actors are increasingly leveraging coronavirus 2019 (COVID-19) as a theme to target…

Read more →

Read the original article: I, CyBOK – An Introduction to the Cyber Security Body of Knowledge Project The Cyber Security Body of Knowledge project or CyBOK is a collaborative initiative mobilised in 2017 with an aspiration to “codify the foundational…

Read more →

Read the original article: VERT Threat Alert: May 2020 Patch Tuesday Analysis Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th. In-The-Wild…

Read more →

Read the original article: Best Practices for Scoring Your Environment’s Security Measures For most practical uses today, a combination of hardening and vulnerability detection is required to secure even the most basic digital environment. In each area it is important…

Read more →

Read the original article: U.S. Marshals Announced Data Breach of Prisoners’ Information The United States Marshals Service announced a data breach involving the personal information of its former and current prisoners. In a data breach notification letter obtained by ZDNet,…

Read more →

Read the original article: COVID-19 Scam Roundup – May 11, 2020 Digital attacks continue to exploit coronavirus 2019 (COVID-19) as part of their malicious operations. On May 5, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency…

Read more →

Read the original article: The 4 Stages to a Successful Vulnerability Management Program Have you ever been around someone who is just better at something than you are? Like when you were in school and there was this person who…

Read more →

Read the original article: For six years Samsung smartphone users have been at risk from critical security bug. Patch now Samsung has released a security update for its popular Android smartphones which includes a critical fix for a vulnerability that…

Read more →

Read the original article: Spike in Snake Ransomware Activity Attributed to New Campaign Security researchers attributed a spike in Snake ransomware activity to a new campaign that’s targeted organizations worldwide. Snake ransomware first attracted the attention of malware analysts in…

Read more →

Read the original article: Tripwire Patch Priority Index for April 2020 Tripwire’s April 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Oracle, and VMware. Up first on the patch priority list this month is a patch for…

Read more →