Earlier this month, an explosion at a power station in Maryland caused outages at the White House, the Capital, and the State Department. The service interruption, which affected between 10,000 and 30,000 people, was caused by a 230-kilovolt transmission conductor that broke free from its support structure, according to NBC News. As a result, the...

Network Forensics is a branch of Digital Forensics that deals with the capture, storage and analysis of network traffic. Incident handlers working on computer incident response and security operations teams around the world engage in this type of analysis in order to answer the “Five Ws” in relation to incidents: [W]ho did it? [W]hat happened? ...

Verizon’s annual Data Breach Investigations Report (DBIR), published since 2008, has become one of the most anticipated information security industry reports. Think of it as the Data Breach Bible, as it dissects thousands of confirmed data breaches and security incidents from around the globe into emergent and shifting trends, providing us with...

Detecting and preventing malicious software from executing on critical systems has received a lot of attention in the information security industry lately. Being able to detect new applications, drivers and files is what Tripwire Enterprise excels at. However, there are quite a few options for a motivated attacker to take advantage of built in...

The evil twin is not just a schlocky plot device for TV crime shows and absurd soap operas, it's also a threat to your company's data. It's relatively easy for a criminal to set up an evil twin rogue wireless access point that mimics one that your users and visitors connect to, whether on your premises or in a public place, with the intention of...

If you've recently found your web browsing plagued by pornographic pop-ups and irritating adverts, there might be a simple - but dangerous - explanation. Maybe hackers have hijacked your internet router? Security researchers at Ara Labs have warned of an active campaign which has seen attackers changing DNS settings on routers, causing unauthorised...

Over the past decade, the role of the Internet has moved beyond just email and websites viewable from a small window on a heavy desktop to something we now carry with us in our bags, pockets and strapped to our wrists. It is now a driving force of the world economy and is creeping its way into every aspect of our lives. For better or worse, we are...

The printf() family of functions (printf(), fprintf(), sprintf(), etc.) are surprisingly powerful and, if not properly used, can expose a class of vulnerabilities called format string attacks. These attacks can be very bad because with a well-crafted format string, an attacker could write an arbitrary value into an arbitrary memory location. This...

Sarah Clarke and a few others were running a discussion on Twitter trying to hash out if security policies have any value. The discussion was started by a person critically stating that as far as he was concerned, they have no value at all. As Twitter isn't a good medium for summarizing the potential values that were identified, Sarah and I...

…that was the question. How many people actually find your security policies useful? Go on, guess. I’m willing to bet it’s only audit, risk, compliance management and the third-parties that assess you. Here’s the tweet from Phil Huggins (@oracuk) that kicked off a lively enough debate to make me want to write this. Phil’s core and continuing...

There's bad news for any Windows users who were thinking that the recently-announced FREAK vulnerability wasn't something they had to particularly worry about. When first announced, it was thought that the newly-discovered flaw in SSL/TLS was limited to Apple's Safari and Google's Android web browsers, opening the possibility of hackers and...

An interesting dialogue came up in my security circles that I believe outlines a fundamental disconnect within organizations developing software products. We have all heard that communication is key, but are the conversations happening at the proper levels to expose a product’s security requirements? The conversation went something like this:(Sales...

Companies like mine, and consultants like me, have long been instructed and expected to pass on the mantra that the solution to security is compliance with standards and that being in compliance means you are secure. Having worked in the industry for more than a decade, I know that this is demonstrably not true. My hypothesis is that compliance and...

Attackers altered the domain name system (DNS) records for Lenovo.com on Wednesday, allowing them to spoof the computer manufacturer’s website and gain access to the company’s MX mail server records. Following the attack, users who visited Lenovo’s company page saw a teenager’s slideshow, with the song “Breaking Free” from Disney’s High School...

Updated Tuesday, Feb. 24, 2015, 2:11 PM: Added content for Tripwire Enterprise customers to find Samba in their environment. A major vulnerability (CVE-2015-0240) has been discovered in Samba, which is a widely used and distributed SMB/CIFS Linux/Unix application for interoperability with Microsoft Windows. Samba provides integration of Linux...

Known as one of the largest bank heists ever, cybercriminals successfully exfiltrated nearly $1 billion dollars from dozens of banks and financial institutions around the world. After an extensive investigation, the verdict of these ongoing sophisticated attacks was traced to Carbanak malware. According to security firm Kaspersky Labs, Carbanak...

Canada's largest Bitcoin exchange Cavirtex announced it will soon be shutting down its operations after a suspected security breach. In a statement made earlier this week, the Calgary-based company said it believed the compromise occurred on an older version of its database on February 15, which...

In his 1983 Turing Award acceptance speech, "Reflections on Trusting Trust”, Ken Thompson popularized the concept of a compiler backdoor where the compiler not only inserts a backdoor during compilation of a program but also compiles in the code that inserts the backdoor when compiling itself. The core idea of his speech is that we can only trust...

We now appreciate the revelation that went public in February 2015 that international hackers circumvented what was supposed to be robust systems and defences, and managed to get away with an estimated $1 billion from a spectrum of around 100 banks located in 30 countries in what has been described as systemic cybercrime. With orchestration, the...

I’ve been a finance professional for more than 25 years and spent the last 15 years in senior finance roles, mostly as a CFO of both public and private companies. Like many of you, I am often invited by business groups and professional service providers to attend thinly veiled networking events to get the attention of “C” suite officers of both...