Today’s VERT Alert addresses Microsoft’s August 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-959 on Wednesday, August 11th. In-The-Wild & Disclosed CVEs CVE-2021-36948 This privilege escalation vulnerability that affects the Windows Update Medic Service (WaasMedic) has been actively exploited. Medic Service is a feature of modern...

Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals. The damage caused by an insider may range from mild disruption to...

Faced with rows of empty gas pumps , many Americans on the East Coast may be wondering why this happened , whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial control systems (ICS). The impact of such an...

Today’s VERT Alert addresses Microsoft’s July 2021 Security Upd ates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-954 on Wednesday, July 14th. In-The-Wild & Disclosed CVEs CVE-2021-34527 The vulnerability dubbed PrintNightmare was patched prior to the Tuesday patch drop, but it is still worth including here. This vulnerability also generated a bit of...

Today’s VERT Alert addresses Microsoft’s June 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-947 on Wednesday, June 9th. In-The-Wild & Disclosed CVEs CVE-2021-31955 This is one of two vulnerabilities fixed in today’s patch drop which were reported by Kaspersky Lab after detecting exploitation by threat actor PuzzleMaker. This Windows...

Today’s VERT Alert addresses Microsoft’s May 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-943 on Wednesday, May 12th. In-The-Wild & Disclosed CVEs CVE-2021-31204 Up first in the list this month, we have a vulnerability that impacts .NET and Visual Studio and could allow a successful attacker to elevate their permissions. We see...

Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of the business to prevent further exposure. Colonial Pipeline is...

Lane Thames, PhD and principal security researcher at Tripwire explains the challenges you might not have considered in IT/OT convergence. https://open.spotify.com/episode/2w3lsuN3V1ZOiLVGqxw58v?si=5lVBp46tTiK7tfzmCnpeuA Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnm Stitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcast RSS: https://tripwire.libsyn.com/rss...

Today’s VERT Alert addresses Microsoft’s April 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-939 on Wednesday, April 14th. In-The-Wild & Disclosed CVEs CVE-2021-28310 Borin Larin of Kaspersky Lab discovered this vulnerability being actively used for exploitation and suspects that it is tied to the BITTER APT group. Larin and co...

When it comes to cybersecurity, industrial IT —consisting mainly of operational technology (OT) and industrial control systems (ICS)—has failed to keep up with development in the enterprise IT world. That’s mostly because industries’ adoption of internet technology has been slower when compared with enterprises. It would take some time to close the gap, but concerted efforts have already been made...

The latest Honeywell USB Threat Report 2020 indicates that the number of threats specifically targeting Operational Technology systems has nearly doubled from 16% to 28%, while the number of threats capable of disrupting those systems rose from 26% to 59% over the same period. Let’s face it. Critical infrastructure operators in manufacturing, aerospace, energy, shipping, chemical, oil and gas...

The trucking sector is essential to countless other industries. Without reliable transportation, supply chains would crumble, and companies and consumers would face shortages. With so much riding on it, it’s no wonder why the industry has fully embraced technology like telematics in recent years. Telematics refers to the suite of technologies fleets use to share data between vehicles and command...

Today’s VERT Alert addresses Microsoft’s March 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-933 on Wednesday, March 10th. In-The-Wild & Disclosed CVEs CVE-2021-26855 CVE-2021-26857 CVE-2021-26858 CVE-2021-27065 These CVEs are part of the bundle of Exchange vulnerabilities that were patched last week, more specifically, these are...

Through the lens of the Florida water supply hack, Dale Peterson teaches how events like these remind us to take the necessary steps to maintain our cybersecurity. Founder and chair of S4 Events, Dale has been helping security professionals effectively and efficiently manage risk to their critical assets for over 15 years. https://open.spotify.com/episode/65nUedFSHvdRSPUHgYH2Qn?si=vd7cA3T7Q4CCh...

While I was teaching, one of my students asked if I had seen Cybergeddon , a film distributed by Yahoo! in 2012. I had not, so I decided it would be fun for VERT to watch the film and review it, since my hobby is writing film reviews for RotundReviews . Cybergeddon is not talked about as much as it should be given some of the background around it. It should be noted that while we’ll reference it...

Today’s VERT Alert addresses Microsoft’s February 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-928 on Wednesday, February 10th. In-The-Wild & Disclosed CVEs CVE-2021-1732 A vulnerability in Win32k that allows for privilege escalation has been exploited in the wild. The Cybersecurity and Infrastructure Security Agency (CISA)...

Today’s VERT Alert addresses Microsoft’s January 2021 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-922 on Wednesday, January 13th. In-The-Wild & Disclosed CVEs CVE-2021-1647 A vulnerability in the Microsoft Malware Protection Engine (MMPE) is currently seeing active exploitation. Since the MMPE is updated regularly with malware...

Vulnerability Description The United States Cybersecurity & Infrastructure Security Agency (CISA) has advised that an advanced persistent threat (APT) actor was able to insert sophisticated malware into officially signed and released updates to the SolarWinds network management software . The attacks have been ongoing since at least March 2020 and CISA has warned that many high-value targets...

Today’s VERT Threat Alert addresses Microsoft’s December 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-918 on Wednesday, December 9th. In-The-Wild & Disclosed CVEs There are no In-The-Wild or Disclosed CVEs patched this month. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone, Microsoft...

Today’s VERT Alert addresses Microsoft’s November 2020 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-915 on Wednesday, November 11th. Note: Microsoft has changed their advisory format and no longer provides basic vulnerability descriptions. In-The-Wild & Disclosed CVEs CVE-2020-17087 This CVE describes a local elevation of privilege...