Blog

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the week of September 27, 2021

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly reviewing the news for interesting stories and developments in the cybersecurity world. Here’s what stood out to us during the week of September 27, 2021. We’ve also included the comments from a few folks here at Tripwire VERT. REvil Ransomware Group Goes...
Blog

CIS Control 06: Access Control Management

CIS Control 6 merges some aspects of CIS Control 4 (admin privileges) and CIS Control 14 (access based on need to know) into a single access control management group. Access control management is a critical component in maintaining information and system security, restricting access to assets based on role and need. It is important to grant, refuse,...
Blog

CIS Control 05: Account Management

Knowing who has credentials, how those credentials are granted, and how they are being used is the foundation of any secure environment. It begins with user accounts and the credentials they use. Maintaining a thorough inventory of all accounts and verifying any changes to those accounts as authorized and intentional vs unintended is paramount to...
Blog

CIS Control 04: Secure Configuration of Enterprise Assets and Software

Key Takeaways for Control 4 Most fresh installs of operating systems or applications come with pre-configured settings that are usually insecure or not properly configured with security in mind. Use the leverage provided by multiple frameworks such as CIS Benchmarks or NIST NCP to find out if your organization needs to augment or adjust any...
Blog

VERT Threat Alert: September 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-964 on Wednesday, September 15th. In-The-Wild & Disclosed CVEs CVE-2021-40444 This CVE describes a publicly exploited vulnerability in MSHTML that provides user level access upon...
Blog

CIS Control 03: Data Protection

For many years, there was a wide misunderstanding that encrypting some data is equivalent to protecting that data. If it’s encrypted, so the thinking goes, nobody else could access it, and it is therefore safe. While it is critical to encrypt data at rest as well as in transit, the job of protecting data goes much deeper. Encryption can mitigate...
Blog

CIS Control 02: Inventory and Control of Software Assets

Today, I will be going over CIS Control 2 from version 8 of the top 18 CIS Controls – Inventory and Control of Software Assets. Version 7 of CIS Controls had 10 requirements, but in version 8, it's simplified down to seven safeguards. I will go over those safeguards and offer my thoughts on what I’ve found. Key Takeaways for Control 2 ...
Blog

CIS Control 01: Inventory and Control of Enterprise Assets

Since 2008, the CIS Controls have been through many iterations of refinement and improvement, leading up to what we are presented with today in CIS Controls version 8. CIS Controls reflect the combined knowledge of experts from every part of the ecosystem (companies, governments, and individuals). The controls reflect consideration by people in many...
Blog

VERT Threat Alert: August 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-959 on Wednesday, August 11th. In-The-Wild & Disclosed CVEs CVE-2021-36948 This privilege escalation vulnerability that affects the Windows Update Medic Service (WaasMedic) has been...
Blog

VERT Threat Alert: July 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-954 on Wednesday, July 14th. In-The-Wild & Disclosed CVEs CVE-2021-34527 The vulnerability dubbed PrintNightmare was patched prior to the Tuesday patch drop, but it is still worth including...
Blog

What’s New in v8 of the CIS Controls

Back in 2018, the State of Security spent a lot of time going over v7 of the Center for Internet Security’s Critical Security Controls (CIS Controls). We noted at the time how the Center for Internet Security shuffled the order of requirements for many of the existing controls in that version. It also cleaned up the language of the CIS Controls,...
Blog

VERT Threat Alert: June 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-947 on Wednesday, June 9th. In-The-Wild & Disclosed CVEs CVE-2021-31955 This is one of two vulnerabilities fixed in today’s patch drop which were reported by Kaspersky Lab after detecting...
Blog

Mind the GAAP: A Lens for Understanding the Importance of the CIS Controls

Given that attacks are only increasing and there needs to be greater efficacy in how companies protect themselves, let us reference how the financial industry has created and relies on a body of standards to address issues in financial accounting as a defined comparison for Information Security. To support this argument, there is a defined contrast...
Blog

VERT Threat Alert: May 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-943 on Wednesday, May 12th. In-The-Wild & Disclosed CVEs CVE-2021-31204 Up first in the list this month, we have a vulnerability that impacts .NET and Visual Studio and could allow a...
Blog

VERT Threat Alert: April 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-939 on Wednesday, April 14th. In-The-Wild & Disclosed CVEs CVE-2021-28310 Borin Larin of Kaspersky Lab discovered this vulnerability being actively used for exploitation and suspects that it...
Blog

How Tripwire Can Help U.S. Federal Agencies Implement the CIS Controls

Digital attackers are increasingly launching sophisticated campaigns in an effort to target U.S. federal agencies and other organizations. Two recent examples demonstrate this reality. These are the SolarWinds supply chain attack and the HAFNIUM Exchange exploit campaign. The SolarWinds Supply Chain Attack In mid-December 2020, the security...
Blog

VERT Threat Alert: March 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-933 on Wednesday, March 10th. In-The-Wild & Disclosed CVEs CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 These CVEs are part of the bundle of Exchange vulnerabilities that...
Blog

PCI DSS 4.0 Is Coming – Are You Ready?

Ransomware today is a billion-dollar industry. It’s crippled industries like healthcare. In 2017, for instance, WannaCry brought much of the United Kingdom’s National Health Service to its knees using the EternalBlue exploit. It was just a few weeks later when the NotPetya ransomware strain leveraged that same vulnerability to attack lots of...
Blog

VERT at the Movies: Cybergeddon

While I was teaching, one of my students asked if I had seen Cybergeddon, a film distributed by Yahoo! in 2012. I had not, so I decided it would be fun for VERT to watch the film and review it, since my hobby is writing film reviews for RotundReviews. Cybergeddon is not talked about as much as it should be given some of the background around it. It...
Blog

VERT Threat Alert: February 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The...