Recently, Tripwire published a study on the use of the term “cyber” in the United States’ National Security Strategy (NSS) documents. This analysis reveals that each NSS report has used the word “cyber” more frequently than its immediate predecessor. It also demonstrates how the meaning of “cyber” has diversified and evolved over time. I will now utilize this study, particularly those insights...

As someone who spends way too much time in Internet land, especially around the data protection and hacking crowd that I come across running a VPN review site, I wind up talking about hacker movies often. With Blackhat , starring Chris Hemsworth, stirring up interest in hacking movies again, we had a bit of a debate around the office. Not all hacker movies are created equal—some feature evil...

According to a recent report, companies are failing to properly patch and update their systems despite the disclosure of threatening vulnerabilities. The 2015 Cyber Risk Report (PDF) produced by HP analyzing last year’s threat landscape found that as many as 44 percent of breaches were the result of attackers leveraging a patched two- to four-year-old vulnerability. “Attackers continue to leverage...

Updated Tuesday, Feb. 24, 2015, 2:11 PM: Added content for Tripwire Enterprise customers to find Samba in their environment. A major vulnerability (CVE-2015-0240) has been discovered in Samba, which is a widely used and distributed SMB/CIFS Linux/Unix application for interoperability with Microsoft Windows. Samba provides integration of Linux systems in Windows environments for file and print...

Vulnerability Description All versions of Samba from 3.5.0 to 4.2.0rc4 are vulnerable to an unexpected code execution vulnerability in the smbd file server daemon. Exposure & Impact A malicious client could send packets that may set up the stack in such a way that the freeing of memory in a subsequent anonymous netlogon packet could allow execution of arbitrary code. This code would execute with...

Known as one of the largest bank heists ever, cybercriminals successfully exfiltrated nearly $1 billion dollars from dozens of banks and financial institutions around the world. After an extensive investigation, the verdict of these ongoing sophisticated attacks was traced to Carbanak malware. According to security firm Kaspersky Labs , Carbanak malware, which infected networks through simple...

This report was prepared by The Institute for National Security Studies (INSS) and The Cyber Security Forum Initiative (CSFI) to create better cyber situational awareness (Cyber SA) of the nature and scope of threats and hazards to national security worldwide in the domains of cyberspace and open source intelligence. It is provided to Federal, State, Local, Tribal, Territorial and private sector...

Last week, a Lenovo customer filed a class-action lawsuit against the Chinese technology manufacturing company and its Superfish adware, charging both with having invaded customers’ privacy and made money off of analyzing their web browsing habits. In her lawsuit, plaintiff Jessica N. Bennet of California states that she traced a number of spam advertisements posted on a client’s website to the...

Last week, we investigated the story of Dmitry Olegovich Zubakha, a Russian hacker who breached Boeing’s computer networks and launched a series of distributed denial of service (DDoS) attacks against Amazon, eBay and Priceline. Tripwire now continues its series on some of the most notorious cyber criminals brought to justice with Roman Valerevich Seleznev, a Russian hacker who broke into several...

Have you ever had your identity stolen? Or perhaps an identity crisis? I hope for your sake the answer is "no." However, if it's yes, you are in good company. Computing devices, which I'll loosely refer to as "assets," often change their identity, and at times even have it stolen (as a side note, NIST has a much broader definition of asset more akin to the dictionary definition of the word "asset...

Canada's largest Bitcoin exchange Cavirtex announced it will soon be shutting down its operations after a suspected security breach. In a statement made earlier this week, the Calgary-based company said it believed the compromise occurred on an older version of its database on February 15, which included two-factor authentication secrets, as well as hashed passwords. Although it assured...

Facebook is all about sharing. Users can share thoughts, photos and videos but now, Facebook is trying their hand at a new type of sharing: security threats. Last week , Facebook announced a new platform, called ThreatExchange , for organizations and security professionals to easily exchange cybersecurity threat information. The platform is currently in beta with Bitly, Dropbox, Facebook...

In his 1983 Turing Award acceptance speech, "Reflections on Trusting Trust”, Ken Thompson popularized the concept of a compiler backdoor where the compiler not only inserts a backdoor during compilation of a program but also compiles in the code that inserts the backdoor when compiling itself. The core idea of his speech is that we can only trust a machine to be secure if we trust every layer of...

What's happened? An almighty furore has kicked off after it was discovered that for months Lenovo has been shipping PCs and laptops with software pre-installed that could compromise your security and privacy. What software? It's called Superfish, and it inserts adverts into webpages such as Google search results. In January, a Lenovo forum administrator responded to customer complaints about...

We now appreciate the revelation that went public in February 2015 that international hackers circumvented what was supposed to be robust systems and defences, and managed to get away with an estimated $1 billion from a spectrum of around 100 banks located in 30 countries in what has been described as systemic cybercrime. With orchestration, the situation could impact the global economy in a very...

Last summer, security researchers Karsten Nohl and Jakob Lell developed a malware program, dubbed ‘BadUSB,’ to prove the insecure development of USB devices. The pair of security researchers revealed how they managed to reprogram the firmware on removable USB drives to include malicious code, giving potential attackers the ability to take over PCs, redirect Internet traffic and more . Recently...

Last month, Michal Nemcok blogged about the lack of security in the Progressive Insurance diagnostic monitoring dongle . By hacking the monitoring device, someone may be able to gain access to and change the behavior of the car, itself. Now, this is serious stuff – vulnerabilities that might impact the operation of the thing that carries your body around town at 65 miles per hour every day. Your...

In early February, the White House released its 2015 National Security Strategy (NSS). Each NSS report is symbolic to the extent that it reveals the security issues the acting U.S. president intends to focus on for the coming months and years. While not constituting “hard,” actionable strategies, these documents help to articulate the future security foci of the United States. Cyber security has...

A security firm has released a report in which it discusses how an advanced threat actor has been lodging malicious software into foreign target computers’ firmware for more than a decade. According to the report published by Kaspersky Labs, the threat actor, known as “The Equation Group,” uses multiple malware platforms on par with Regin, Stuxnet, Flame, and other high-profile cyber espionage...

I’ve been a finance professional for more than 25 years and spent the last 15 years in senior finance roles, mostly as a CFO of both public and private companies. Like many of you, I am often invited by business groups and professional service providers to attend thinly veiled networking events to get the attention of “C” suite officers of both large and smaller companies. Normally, the bait used...