A security firm has identified a new method of attack in which hackers encrypt the data stored on website servers and demand a ransom payment for the decryption key. In an article posted on its blog , High-Tech Bridge explains how its security experts first detected the attack back in December of 2014. According to the firm’s research, the attackers were able to successfully compromise a web...

Last month, we interviewed Thom Langford , the Director of Sapient’s Global Security Office. Among other things, he explained to us how critical people are to an organization’s cyber security success, not to mention how the CISO is instrumental in framing security issues so that different target audiences can understand them. As part of our ongoing “The Voice of the CISO” series, we now interview...

Tripwire Enterprise isn’t just a change detection and compliance tool. The core ability to execute commands on agent boxes and network devices, capture the results and run the results through a series of tests can be applied to other use cases, as well. These use cases are limited only by the imagination of the user. One such use case is certificate management. A couple of years back, I was...

Raptr, a popular gaming social network website, has urged all of its users to change their passwords following a recent hack . In a security update message posted on Raptr’s site, Founder and CEO Dennis Fong disclosed the incident to the Raptr community: “Maintaining the highest level of security around your Raptr account information is of the utmost importance to us, so we're very sorry to inform...

The premise of a January 27, 2015, article by CNBC is that there is good evidence that a cyber attack against nearly any country’s critical infrastructure could be imminent . T his kind of reporting has become so commonplace, but this doesn’t seem like just more FUD (fear, uncertainty, and doubt) journalism. According to Eugene Kaspersky, CEO of global IT security firm Kaspersky Labs, the evidence...

You have done your homework and have identified the security needs to protect your business. You put together the business case and presented it to your executives, who approved the spending. Now, it is time to plan the implementation and you have to communicate with your business stakeholders. How can you convince them that the additional protection you are adding to the ecosystem outweighs the...

Researchers at the Georgia Institute of Technology have developed a methodology that uses electromagnetic (EM) side-channel signals to attack a computer, regardless of whether or not it’s been air-gapped. In their research paper , Robert Callan, Alenka Zajic, and Milos Prvulovic discuss that their metric, which they call Signal Available to Attacker (SAVAT), exploits a natural yet not readily...

Gogo has become a household name by keeping consumers connected at 10,000 feet with the popular Gogo Inflight Internet service. Recently, however, Gogo has been receiving attention and, more specifically, criticism, in the wake of a tweet from Google security engineer Adrienne Porter Felt (@__apf__) to Gogo (@Gogo). The tweet referenced a screenshot of an untrusted certificate being served with...

There are five words today that, when coming from any adult relative with minimal technical chops, are the most terrifying you'll ever hear: I clicked on this link... I doubt any one of us at some point in our lives has managed to escape the inevitable cry for help from a technically challenged relative after they've managed to turn their computing device into a festering pit of malware, Trojans...

Last week, the information security community was saddened to learn of Joseph Edwards, a 17-year-old secondary school student who committed suicide after his computer became infected with ransomware . Edwards’ computer was corrupted by Reveton (or Police Ransomware), a common type of malware that locks a victim’s computer, claims that the victim is in trouble with law enforcement authorities for...

The GHOST vulnerability (CVE-2015-0235), which was discovered by researchers in the GNU C Library (glibc), allows local and remote access to the gethostbyname*() functions in certain cases. Although the vulnerability was just recently disclosed, the vulnerability was introduced in glibx-2.2 on November 10, 2000. Fortunately, this was fixed on May 21, 2013 in glibc version 2.18, but as of now, it...

If you’re following threat feeds, you’ve probably heard about GHOST (CVE 2015-0235), the new critical vulnerability that Qualys disclosed yesterday. This vulnerability has been found in glibc, the GNU C library, and it affects all Linux systems dating back to 2000. Redhat listed it on their CVE database as ‘critical’ with a CVSS v2 score of 6.8 . GHOST is a serious vulnerability and Tripwire’s...

There’s a lot of chatter going on right now related to the GHOST vulnerability that was announced yesterday . Lots of folks are talking about the vulnerability, particularly focused on the threat advisory published by Qualys . However, I thought I would spend a little time looking at the history of this vulnerability and how its underlying bug was originally discovered. HISTORY The flaw underlying...

Researchers have discovered a critical vulnerability (CVE-2015-0235) in the Linux GNU C Library (glibc) that could potentially allow attackers to execute code on servers and gain remote control of Linux machines, without the necessary system credentials. This flaw is found in most versions of Linux, in which a buffer overflow can be exploited by calling the gethostbyname*() function. However...

Last year, a scam using fraudulent wire transfers caused businesses $215 million in losses. According to a public service announcement by the Internet Crime Computer Center (IC3), the scam, which is known as the “Business E-mail Compromise” (BEC), claimed 1,198 unique victims in every U.S. state and 45 other countries between October 2013 and December 2014. Approximately $180 million (around 84%)...

Vulnerability Description A heap-based buffer overflow was found in glibc's __nss_hostname_digits_dots() function, which is used by the gethostbyname() and gethostbyname2() glibc function calls. A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application. Exposure & Impact This...

Banks are required by law to follow government regulations; these subject the banks to specific requirements, restrictions and guidelines. The end goal being, among other things, transparency. What about setting specific requirements for banking website security? Pew Research Center statistics reveal that 51% of U.S. adults bank online and 35% of cell phone owners bank using their mobile phones...

On Wednesday, January 28, the National Cyber Security Alliance ( NCSA ) will launch its eighth annual Data Privacy Day in the United States in an effort to emphasize the importance of “respecting privacy, safeguarding data and enabling trust.” The annual day of awareness aims to encourage consumers to become educated on how to strengthen the privacy of their personal information, as well as urging...

Here's a piece of advice for anyone responsible for securing a corporation's data: If you discover security researcher Randy Westergren is using your app, you had best take a long hard look at whether you are protecting your users' information properly. Because, if you're not, there's a good chance that he might be about to tell you what you're doing wrong. Westergren, who has recently uncovered...

Five cyber criminals down; five to go. Last week, we learned about Lin Mun Poo , a Malaysian hacker who at one time infiltrated a prominent U.S. financial institution as well as a contractor for the Department of Defense. Tripwire now continues its series on some of the most notorious cyber criminals brought to justice with Vladislav Anatolievich Horohorin, a Ukrainian hacker who used online...