The digital threat landscape is always changing. This year is an excellent (albeit extreme) example. With the help of Dimensional Research, Tripwire found out that 58% of IT security professionals were more concerned about the security of their employees’ home networks than they were before the outbreak of coronavirus 2019 (COVID-19). Slightly fewer...

On May 1st President Trump signed an Executive Order on “Securing the United States Bulk-Power System.” The order cites foreign adversaries and their increased creation and usage of vulnerabilities against the power grid as the primary driver. In my opinion, perhaps more interesting is the inherent ties to the NERC standards, namely CIP-010 R4 and...

Newly-discovered zero-day vulnerabilities may generate the biggest headlines in the security press, but that doesn't mean that they're necessarily the thing that will get your company hacked. This week, US-CERT has published its list of what it describes as the "Top 10 Routinely Exploited Vulnerabilities" for the last three years. The list is...

The UK’s designated national agency responsible for providing information and expert guidance on qualifications (UK NARIC) recently announced that the Certified Information Systems Security Professional (CISSP) credential offered by (ISC)2 is rated RQF Level 7, thereby placing it equal to a particular level of a Master’s Degree. This declaration is...

Today’s VERT Alert addresses Microsoft’s May 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-884 on Wednesday, May 13th. In-The-Wild & Disclosed CVEs None of the vulnerabilities resolved this month have been publicly disclosed or exploited according to Microsoft. CVE Breakdown by Tag ...

For most practical uses today, a combination of hardening and vulnerability detection is required to secure even the most basic digital environment. In each area it is important to see the progress you’re making in these competencies so that you can improve and build on the work you and your team have done over time. But with so many assets in your...

Tripwire's April 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft, Oracle, and VMware. Up first on the patch priority list this month is a patch for VMware vCenter Server. This patch resolves an information disclosure vulnerability. This patch has highest priority as proof-of-concept code to exploit the...

British security firm Sophos determined that malicious actors had abused a zero-day vulnerability to achieve remote code execution (RCE) on some of its firewall products. According to Sophos, the attack chain began when digital attackers exploited a zero-day SQL injection vulnerability to achieve RCE on some firewall products. They abused this...

We find ourselves in strange times. In response to the ongoing coronavirus epidemic, organizations have swiftly closed their offices and mandated that all employees begin working from home. This development has created security challenges with which many organizations are still grappling. That’s not the only impact COVID-19 has had on security. Social...

What's this Maze thing I keep hearing about? Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data. There's been plenty of ransomware before. What makes Maze so special? Like...

Just a couple of weeks back I posted to The State of Security an article titled “Finally Some Good News: NERC Proposes Deferment of 3 CIP standards,” and, as suspected, the Federal Energy Regulatory Commission (FERC) approved the extension officially on April, 17th with this order. Having approved NERC’s petition submitted on April 6th, FERC...

Scams leveraging coronavirus 2019 (COVID-19) as a lure have stolen tens of millions of dollars from their victims. As of April 16, 2020, the Federal Trade Commission (FTC) had received 20,334 consumer reports of fraud attempts pertaining to the coronavirus since the beginning of the year. Those attacks that proved successful had caused their victims...

Millions of people have moved onto the Zoom video-conferencing platform as the coronavirus pandemic has forced them to work from their homes. According to Zoom's own statistics, its daily usage has soared from approximately 10 million daily users in December to over 200 million today. And although Zoom must be pleased to see so many more people...

Anyone who has had any experience on the offensive side of security has had fun with privilege escalation. There’s something exciting about exploiting a system to the point of getting root-level access. Since I have spent most of my time on the defensive side of the fence, the magic of escalating privileges rested in Exploiting for Privilege...

Today’s VERT Alert addresses Microsoft’s April 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-880 on Wednesday, April 15th. In-The-Wild & Disclosed CVEs CVE-2020-0935 A vulnerability in the OneDrive for Windows desktop application could allow an attacker to overwrite a targeted file...

Why is cybersecurity important to Education? Acknowledging recent reports of ransomware targeting educational institutions, it is no wonder that there have also been articles that attempt to lure in readers with “free” tools. What is disappointing is that these “free” tools are little more than marketing pieces that direct you to click on readily...

When I first started researching ATT&CK last year, Persistence was the tactic which made me fall in love. Even though I have been in the industry for some time, I learned more from digging into the various techniques here than any other tactic. While I knew about fun tricks like replacing sethc.exe with cmd.exe and hitting the shift key a bunch of...

Tripwire's March 2020 Patch Priority Index (PPI) brings together important vulnerabilities from Microsoft and Adobe. Up first on the patch priority list this month are patches for Microsoft Browsers and Scripting Engine. These patches resolve information disclosure, remote code execution, and memory corruption vulnerabilities. Next on the list are...

Why leveraging live environment simulations and putting ICS tools to the test is the best way to evaluate their fitness. Track and field was one of my favorite sports growing up. I didn’t begin competitively participating until I was a teenager, but I was instantly hooked once I started. Why? Because the clock didn’t lie. The tape measure didn’t lie....