Keeping sensitive data and assets safe is the goal of regulatory cybersecurity frameworks like NIST (National Institute of Standards and Technology). But for government agency security professionals, staying compliant can feel like a Sisyphean task due to the complexity of applying the controls themselves. It’s especially difficult to attempt to...

The current security state of industrial control systems (ICS) is a perplexing one. On the one hand, Kaspersky Lab found in a recent report that a majority of organizations (75 percent) regard ICS security as a major priority. On the other hand, organizations aren’t implementing the proper safeguards to secure their industrial control systems. The...

On the aftermath of the Mati wildfires in Greece that killed 100 people, the Greek Fire Department spokesperson made an announcement on June 2018, stating "Any manned and unmanned aircraft systems flights in an area of operations is a serious infringement and creates safety risks for flights. Any breach entails criminal and administrative liability....

Navicent Health, a part of Central Georgia Health System, has disclosed that it suffered a data breach as the result of a digital attack. The second-largest hospital in Georgia and the only regional Level I Trauma Center, Navicent Health explains in a data breach notice that it learned of a digital...

As technology advances and the costs of connecting electronic components to the internet decreases, the lower the cost of having an internet connected smart home is. Sensors placed throughout a house and integrated into home appliances can provide homeowners the advantages of monitoring and managing functions of the home remotely. According to...

Be organized and efficient. It’s a simple rule of life that makes things run a whole lot smoother. This is something especially important when running your vulnerability management program. There are only so many hours in a day, rather, there are only so many hours in a down cycle where the business will let you scan their environment for...

In 1998, Congress unanimously passed the Digital Millennium Copyright Act (“DMCA”) to implement two international copyright treaties. Among other provisions, the DMCA addresses the use of technical measures (digital rights management or DRM) that control access to copyrighted works. The new provisions impose fines and criminal penalties for: ...

A data breach involving luxury retailer Nordstrom has potentially exposed the personal information of thousands of its employees. The Seattle-based company said the compromised data included employee names, Social Security numbers, dates of birth, checking account and routing numbers, salaries, and more. According to reports, employees received an...

In Part 1 of this series, I walked through the background of the NERC CIP version 5 controls and outlined what needs to be monitored for NERC CIP software requirements. In this second half of the series, we’ll take what we’ve learned and explore approaches for meeting the requirements while considering security value. NERC CIP is supposed to be for...

As organizations grappled with NERC CIP version 5, Tripwire learned along the way. In this series, I’ll cover the aspect of CIP that has come up the most in the last year: how to meet the software monitoring requirements. Software Inventory as a Security Control It is a simple question at first, but the more we peel back the layers, the more we...

Tripwire's October 2018 Patch Priority Index (PPI) brings together the top vulnerabilities from libssh, Microsoft and Oracle. First on the patch priority list this month is an authentication bypass vulnerability in libssh. This vulnerability can be exploited remotely, and exploit code has recently been added to Metasploit. Next are patches for...

There have been many scams that have utilized the phone system to gain access to funds or personal information from hardworking individuals. One of the most prevalent scams that seems to persist in both Canada and the United States is the tax agency scam. The Canada Revenue Agency (CRA) and the Internal Revenue Agency (IRS) were both victims of...

Masquerading is a technique used in which a file name is maliciously named something similar to one which may be trusted. This specific technique is outlined in detail in the MITRE ATT&CK framework, as well. For example, a file named explorer.exe may seem more benign than one called explor3r.exe. However, file names may not be so easy to spot like...

A US court has sentenced a programmer to 30 months in a federal prison in connection with software that claimed to be a legitimate tool for Windows sysadmins to remotely manage computers, but was actually used by criminals to backdoor PCs and secretly spy on victims. 21-year-old Colton Grubbs, of Stanford, Kentucky, admitted earlier this year that...

A man received a prison sentence for his part in helping to "cash out" ransom payments made by victims of a specific ransomware family. On 13 August, the U.S. Department of Justice (DOJ) announced the sentencing of Raymond Odigie Uadiale, 41, of Maple Valley, Washington to 18 months in jail and three...

Without a doubt, log management should be part of the core of any IT security platform of a government agency. It has a role in not only security but also in operations and compliance requirements. Logging can provide situational awareness of things happening within an environment by keeping track of events recorded in the logs of the different...

Digital attackers targeted the computer servers of a golfers' association with ransomware and encrypted files stored on those assets. Staff at the Professional Golfers' Association of America (PGA) discovered the attack on 7 August. When they attempted to access certain work files that morning, those...

What does the chairman of MIT’s board of trustees and a Supreme Court judge for New York State have in common with the Weintraubs of Lebanon, Oregon? They were all victims of real-estate spoofing scams, a form of cyber-security fraud that has grown from $19 million in 2016 to over $1B in 2017. Thieves have learned that large sums of money change...

Cyber crime is a serious and growing problem. According to Cybersecurity Ventures, cybercrime damages will cost the world $6 trillion annually by 2021, up from $3 trillion in 2015. And as seen in recent high-profile hacks and data breaches involving U.S. government agencies (the NSA, the Office of Personnel Management, the Securities and Exchange...

European Union data protection law restricts the transfer of EU-origin personal data to countries outside the European Economic Area unless there is a mechanism in place to ensure an adequate level of protection of the personal data. In 2000, the European Commission approved the EU-SU Safe Harbor Privacy Principles that allowed many U.S. companies...