Blog

Dridex P2P Malware Nets Cybercriminals $40 Million

US-CERT published an advisory today regarding the Dridex banking Trojan following a massive resurgence of the malware over the past few weeks as part of a large phishing campaign. Dridex is an evolution of an increasingly sophisticated family of malware focused on stealing banking credentials. This particular strain of bank credential-stealing malware was first seen one year ago and has quickly...

VERT IoT Hack Lab: Developing Your Inner Hacker

Getting root is fun, and with IoT gadgets, getting root is generally easy. This is why the IoT Hack Lab @ SecTor will be so much fun! If you still reminisce about (or look forward to) the first time you got root on a device, and you will be in Toronto on October 20-21, visit us at the convention centre where we’ll be set up in the expo hall. Expo passes are free with pre-registration using the code...

Protected Passwords: The Key to Web Security in a Mobile Age

This week marks Week 3 of National Cyber Security Awareness Month (NCSAM). A program sponsored by the Department of Homeland Security (DHS) in cooperation with the National Cyber Security Alliance and the Multi-State Information Sharing and Analysis Center, NCSAM emphasizes our shared responsibility in strengthening the cyber security posture of our workplaces, homes, and digital lives. The...

VERT Threat Alert – October 2015 Patch Tuesday Analysis

Today’s VERT Alert addresses 6 new Microsoft Security Bulletins. VERT is actively working on coverage for these bulletins in order to meet our 24-hour SLA and expects to ship ASPL-638 on Wednesday, October 14th. Ease of Use (published exploits) to Risk Table Automated Exploit Easy Moderate Difficult Extremely Difficult No Known Exploit MS15-107 MS15-106 MS15-108 MS15-109 MS15-110 MS15-111 Exposure...

Australian Telcos to Store Metadata for Two Years Under New Data Retention Law

On Tuesday, a new law came into effect that will now require large Australian telecommunication companies to store customers' metadata for two years. Malcolm Turnbull, the current prime minister of Australia, first introduced the bill to the Australian parliament while he was communications minister in an effort to assist the government with national security issues, including investigations into...

VERT Vuln School - SQL Injection 102

In continuing our VERT Vuln School series on SQL Injection vulnerabilities, we’re going to take a look at how attackers can leverage this vulnerability to steal and exfiltrate data. Once we view bob’s account balance page, we notice that there’s another input-field that might be of interest, the GET variable “cc”. A common way to test for SQL injection vulnerabilities is to insert a single...

Please Do Not Google That For Me

I was reading an article in one of my favorite security magazines, and the author mentioned a phrase and included the parenthetical thought “(Google that)”. At first, this seemed comical but a short paragraph later, the author repeated the technique, advising the reader to “Google that” with respect to another thought. This phrase doesn't just pop up in magazine articles, either. About a week ago...

Cyber Insurance Premiums are on the Rise, Report Finds

A new report reveals that cyber insurance premiums are on the rise in response to a growing number of high-profile hacks and breaches. According to Timetric's Insight Report: The Future of Cyber Risk Insurance, insurers are raising the deductibles on existing companies' information security policies, whereas others are limiting the amount of coverage they provide. Together, these restraints could...

Core SIEM Use Cases to Consider for Your Environment

If you are reading this article, you are probably aware that Security Incident and Event Management solutions, or SIEMs, are powerful systems that allow IT professionals to gather and analyze activity in a company’s infrastructure through the collection and correlation of logs. Though SIEM solutions have a significant amount of built-in content in the form of alerts, rules, reports and dashboards...

Secure Computation and The Right to Privacy

In December 1890, Samuel Warren and Louis Brandeis, concerned about privacy implications of the new “instantaneous camera,” penned The Right to Privacy, where they argue for protecting “all persons, whatsoever their position or station, from having matters which they may properly prefer to keep private, made public against their will.” 125 years later, our private information has become currency...

5 Tips for National Cyber Security Awareness Month

As a regular reader of Tripwire, you are aware that October is National Cyber Security Awareness Month. If you are a business owner, you are aware that every month is Cyber Security Awareness Month. To stretch the point one step further, as an employee, did you know that you are a valuable member of your organization’s Cyber Security Awareness team? A problem with many office environments is that...

$30 million ransomware campaign derailed as Angler Exploit Kit operations disrupted

The internet is a little bit safer today, and that is something we should all be grateful for. The reason? Security researchers have taken on organised criminal gangs who have been using the notorious Angler Exploit Kit in malware campaigns stealing up to $3 million each month through ransomware attacks. The Angler Exploit Kit is a prime weapon in the arsenal of online criminals, helping them to...

Remote DoS Vulnerability Patched in Huawei 4G USB Modem

Chinese networking telecommunications equipment and services company Huawei has patched a vulnerability in its MBB (Mobile Broadband) product E3272s that if exploited could lead to denial-of-service attacks and remote arbitrary code execution. According to a security bulletin released by the company, "An attacker could send a malicious packet to the Common Gateway Interface (CGI) of target device...

Understanding External Security Threats

Cyber security is now a board-level risk across the entire spread of industry. However, it is a broad subject with a large number of unknowns, and some might say there's no real way to ever discover or quantify those unknowns. Unfortunately, this can result in cyber security being poorly understood and boards vulnerable to being misled by ‘snake-oil’ solutions. Cyber security is a complex...

3 Tips on How to Create a Cyber Security Culture at Work

This October marks another iteration of National Cyber Security Awareness Month (NCSAM), a program designed to engage both the public and private sectors on good security practices via activities that encourage awareness and resiliency in the event of a national cyber incident. Sponsored by the Department of Homeland Security (DHS) in cooperation with the National Cyber Security Alliance and...

'Safe Harbor' Data Transfer Agreement Ruled Invalid by European Court of Justice

On Tuesday, the European Court of Justice ruled the 'safe harbor' data transfer agreement between the United States and the European Union invalid. According to BBC News, the United States and the EU adopted the 'safe harbor' framework back in 2000 in order to provide a "streamlined and cost-effective" means of transferring data from Europe to U.S.-based firms. Under European data protection laws...

Building a Model for Endpoint Security Maturity

In today's world, our notion of endpoints has evolved from something with a user and a keyboard to something with exploitable vulnerabilities. This conceptualization therefore covers network connections beyond laptops, personal computers and mobile devices. Indeed, vulnerabilities arising from Internet of Things (IoT) appliances; automobiles, such as security holes that ultimately resulted in a...

VERT Vuln School – SQL Injection 101

SQL injection is arguably the most severe problem web applications face. OWASP, an online community devoted to web application security, consistently classifies injection vulnerabilities as number one on their OWASP Top 10 Project. SQL injection vulnerabilities are a favorite amongst a number of “hacktivist” groups whose aim is to cause disruption in the corporate community because they are...

Civil Nuclear Facilities Face "Major Challenges" in Improving Cyber Security Readiness, Report Finds

A new report reveals that civilian nuclear facilities are not paying adequate attention to developing "cyber security readiness". According to the executive summary of "Cyber Security at Civil Nuclear Facilities: Understanding the Risks", the Royal Institute of International Affairs at well-known think tank Chatham House conducted in-depth interviews with 30 industry practitioners, policy-makers...

Are These Four Security Technologies on the Verge of Becoming Obsolete?

Businesses have some serious problems on their hands when it comes to security. Major breaches seem to be occurring at an alarming pace – every other week seems to bring headlines of another large company suffering a security breach, and that doesn’t even begin to touch the thousands of breaches that don’t get media attention. With cyber attacks happening far more regularly than ever before...