Blog

Blog

VERT Threat Alert: February 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The...
Blog

VERT Threat Alert: January 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th. In-The-Wild & Disclosed CVEs CVE-2021-1647 A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since...
Blog

VERT Alert: SolarWinds Supply Chain Attack

Vulnerability Description The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software. The attacks have been ongoing since at least March 2020 and...
Blog

VERT Threat Alert: December 2020 Patch Tuesday Analysis

Today’s VERT Threat Alert addresses Microsoft’s December 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-918 on Wednesday, December 9th. In-The-Wild & Disclosed CVEs There are no In-The-Wild or Disclosed CVEs patched this month. CVE Breakdown by Tag While historical Microsoft...
Blog

VERT Threat Alert: November 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions. In-The-Wild & Disclosed CVEs CVE-2020-17087 ...
Blog

N-Day Vulnerabilities: How They Threaten Your ICS Systems' Security

In the last quarter of 2019, researchers at ClearSky uncovered an attack operation that they dubbed the “Fox Kitten Campaign.” Iranian actors used this offensive to gain persistent access into the networks of dozens of companies operating in Israel and around the world across the IT, telecommunication, oil and gas, aviation, government and security...
Blog

VERT Threat Alert: October 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s October 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-909 on Wednesday, October 14th. In-The-Wild & Disclosed CVEs (October 2020 Patch Tuesday Analysis) CVE-2020-16938 This CVE describes an information disclosure in the Windows kernel that...
Blog

VERT Threat Alert: September 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s September 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-903 on Wednesday, September 9th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in this month’s security guidance. CVE Breakdown by Tag While...
Blog

VERT Threat Alert: August 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s August 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-899 on Wednesday, August 12th. In-The-Wild & Disclosed CVEs CVE-2020-1464 A vulnerability exists in the way that Windows validates file signatures. An attacker could load improperly signed...
Blog

VERT Threat Alert: July 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s July 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-895 on Wednesday, July 15th. In-The-Wild & Disclosed CVEs CVE-2020-1463 A vulnerability in the SharedStream Library could allow a locally authenticated attacker to run a malicious...
Blog

Design & Implementation of OEM ICS Cybersecurity Frameworks: The Good, The Bad, and The Ugly

The cyber threat landscape today continues to pose a myriad of unique challenges. This is especially the case for industrial organizations due to factors such as aging equipment, poor design or implementation, skills gaps and a lack of visibility. These shortcomings are exacerbated by the mean time to breach detection, which continues to hover above...
Blog

Prioritizing Changes: File Integrity Monitoring Tools & Best Practices

What does file integrity mean? There’s not enough time in the day to investigate every system change, which means you need laser-sharp focus to quickly find the greatest risks to your business. However, the ever-evolving capabilities of cyber adversaries—coupled with the dynamic nature of corporate networks—makes security prioritization increasingly difficult. To combat enterprise cyberthreats...
Blog

VERT Threat Alert: June 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-888 on Wednesday, June 10th. In-The-Wild & Disclosed CVEs None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft. CVE Breakdown by...
Blog

Attacks Targeting ICS & OT Assets Grew 2000% Since 2018, Report Reveals

The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer...
Blog

VERT Threat Alert: May 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th. In-The-Wild & Disclosed CVEs None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft. CVE Breakdown by Tag ...
Blog

VERT Threat Alert: April 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s April 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-880 on Wednesday, April 15th. In-The-Wild & Disclosed CVEs CVE-2020-0935 A vulnerability in the OneDrive for Windows desktop application could allow an attacker to overwrite a targeted file...
Blog

Results Speak Louder Than Words: A Guide to Evaluating ICS Security Tools

Why leveraging live environment simulations and putting ICS tools to the test is the best way to evaluate their fitness. Track and field was one of my favorite sports growing up. I didn’t begin competitively participating until I was a teenager, but I was instantly hooked once I started. Why? Because the clock didn’t lie. The tape measure didn’t lie...
Blog

Quick Guide to Modern Security Configuration Management

Security configuration management is the cybersecurity process of ensuring systems are properly configured to meet security and compliance standards, reducing cyber risk in the process. The practice of detecting and remediating misconfigurations combines elements of integrity monitoring, configuration validation, vulnerability assessment, and system remediation. "The reliability of (Tripwire...
Blog

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity...
Blog

Navigating ICS Security: Best Practices for ICS Decision-Makers

As a security consultant, I’m not going into an environment to design and build an organization’s network from the ground up in most situations. For the majority of the time, I’m working with legacy environments where some old technologies might be phasing out and newer ones joining the mix of solutions. In the case of one environment I went to, for...