A malvertising campaign is distributing code that mines different cryptocurrencies inside an unsuspecting user's web browser. For the operation, computer criminals are targeting mainly visitors to video streaming and in-browser gaming sites based in Russia and Ukraine. They abuse an online advertising network to display ads containing custom...

UPDATED 19/9/17 to correct the fact that US Info Search never sold any data to Ngo Equifax made headlines on September 7, 2017, when it announced its discovery of a data breach earlier in the year. In the security incident, computer criminals leveraged a "U.S. website application vulnerability" to view some of the consumer credit reporting agency's...

A new remote access trojan (RAT) known as Kedi phones home and transmits a victim's stolen data to attackers using Gmail. The malware relies on spear-phishing, one of the most common types of phishing attacks, for distribution. These attack emails spread a 32-bit Mono/.Net Windows executable, written in C#, that masquerades as a Citrix tool. It then...

Researchers have uncovered several zero-day flaws affecting billions of Bluetooth-enabled devices, including smartphones, TVs, laptops, watches, smart TVs and more. Dubbed “BlueBorne,” the attack vector enables malicious actors to leverage the short-range wireless protocol to take full control over targeted devices, access data and spread malware to...

Today’s VERT Alert addresses the Microsoft September 2017 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-742 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs CVE-2017-8759 This vulnerability, discovered by researchers at FireEye, has been exploited as part of the spread of the...

Threat actors victimized more than 1.5 million computer users with cryptocurrency mining software in the first eight months of 2017. It's perfect legal for users to install software on their computers that mines cryptocurrency. But miners are unique in that many of them come with the ability to achieve persistence on a system, to automatically...

My interviews with women and non-males in cybersecurity here on The State of Security have been very popular. Last month, when I looked for subjects for the third "Women in Information Security" series, I got an overwhelming response! The first person I interviewed for this next wave of interviews was security engineer Keirsten Brager. We had an...

Social networking platform Taringa! has confirmed a data breach that exposed nearly every record in its 28 million registered user base. On 4 September, data breach notification LeakBase disclosed a hack where attackers allegedly stole the records for 28,722,877 registered users of Taringa!, a popular Latin American social media site. The Hacker...

Although the ransomware industry has resumed growth after July’s decline, nothing game-changing happened in the online extortion ecosystem last month. There was an influx of new GlobeImposter ransomware variants and real-life spinoffs of the Hidden Tear proof-of-concept. The Locky strain geared up for another rise with its Lukitus persona. And a...

Keeping up with advances in technology is like being a hamster on a wheel: the race never ends. But that drive is ultimately what yields innovative advances in IT – for both hackers and cyber professionals alike. We need to understand that we cannot control this evolution – neither its speed nor progress – but we can implement standards and best...

Over the past few months, the security industry has witnessed several major cloud data breaches. The Deep Root Analytics leak sent shockwaves across the cybersecurity community in June, as sensitive information on 197 million American voters was exposed. A few weeks later, data on six million Verizon users was exposed by Nice systems, a third-party...

In 2015, The State of Security published a list of 11 essential bug bounty frameworks. Numerous organizations and even some government entities have launched their own vulnerability reward programs (VRPs) since then. With that in mind, I think it's time for an updated list. Here are 10 essential bug bounty programs for 2017. 1. Apple Website:...

Responsible disclosure is the gold standard for fixing security vulnerabilities. But as we all know, sometimes at least one stakeholder doesn't hold up their end of the agreement. Parties violate a responsible disclosure timeline for many reasons. Take the Zero Day Initiative, for instance. One of its security researchers discovered a vulnerability...

“Cyber” is not an appropriate category of risk. Often cited in 10-K reports, discussed by board directors and C-suite executives, and referenced by Enterprise Risk Management (ERM) or Governance, Risk and Compliance (GRC) professionals, the category merely perpetuates ambiguity and lack of understanding related to all things “cyber.” Because of this ...

Recently, an incident commonly referred to as “stackoverflowin” swept social media. On February 4, 2017, a 17-year-old hacker from the UK using the alias ‘stackoverflowin’ decided on a whim to do some printing. He printed quite a bit. In fact, he printed so much that it started to trend on Twitter. That’s because he printed to every open printer on...

Bad actors commonly abuse LinkedIn to launch digital attacks. With over 500 million members spread across 200 countries, the professional networking site contains crucial information that nefarious individuals can use to attack nearly any organization and its corporate data. They just need to establish an initial foothold in the company. Most of the...

Friday, August 18th was Bad Poetry Day. To celebrate, Tripwire decided to ask some of it's employees and friends in the community to share some of their security poems with us. Some folks tweeted theirs out using the hashtag #tripwirebadpoetryday. Others sent them in. Here are some of our favorites: Roses are red, Violets are blue Tripwire is...

The WannaCry and NotPetya attacks caused disruption on a global scale in the spring and early summer of June 2017. Following those malware campaigns, businesses around the world should have heard the alarms and responded by tightening their security systems in an effort to mitigate against similar attacks in the future. But reality doesn't always...

Containers can be traced back to 1979 with chroot but the advent of Docker has exponentially increased the popularity and usefulness of this technology. Any technology that becomes popular and useful also becomes a target for attacks. Containers are designed to provide isolated environments rather than full virtual machines, but they make great...

I have had the pleasure of working on the latest curriculum for Tripwire University. In that capacity, I've noticed more and more interest around securing cloud environments as our customers and the market continue to move towards cloud technologies. Whether it be customers who are 100% committed to the cloud and moving all of their assets up into...