|Researchers Release Decryptor that Works against GandCrab Version 5.2|
|Tue, 18 Jun 2019 11:00:37 +0000|
Security researchers have released a decryptor that works against the latest variants of GandCrab ransomware, including version 5.2. On 17 June, Bitdefender announced that users can download the tool from the No More Ransom Project’s website. They can then use the utility to freely decrypt any and all files which samples of GandCrab through version […]
The post Researchers Release Decryptor that Works against GandCrab Version 5.2 appeared first on The State of Security.
|To Air-Gap or Not Air-Gap Industrial Control Networks|
|Tue, 18 Jun 2019 03:00:12 +0000|
What is air-gapping, and why do we air-gap networks? What camp are you in? In the camp that believes in air-gaps, or the other set that says they truly do not exist? Air-gap networks are networks that are physically and logically isolated from other networks where communication between these networks is not physically or logically […]
|Oregon State University (OSU) Discloses Data Breach|
|Mon, 17 Jun 2019 10:53:58 +0000|
Oregon State University (OSU) has disclosed a security incident that potentially affected the personally identifiable information of some students and their families. On 14 June, OSU announced that the security incident occurred back in May when external actors hacked a university employee’s email account. At the time of compromise, the email account contained the personal […]
|Climbing the Vulnerability Management Mountain|
|Mon, 17 Jun 2019 03:00:52 +0000|
The purpose of this series of blogs is to guide you on your journey up the Vulnerability Management Mountain (VMM). Like climbing a mountain, there is a lot of planning and work required, but when you get to the top, the view is amazing and well worth the journey. Your progress will depend on your […]
|Adding to the Toolkit – Some Useful Tools for Cloud Security|
|Mon, 17 Jun 2019 03:00:24 +0000|
With more business applications moving to the cloud, the ability to assess network behavior has changed from a primarily systems administration function to a daily security operations concern. And whilst sec-ops teams are already familiar with firewall and network device log tools, these can be of limited use in a “cloud first” business where much […]
|French Ministry of Interior Releases Decryptor for PyLocky Versions 1 & 2|
|Fri, 14 Jun 2019 11:31:17 +0000|
The French Ministry of Interior has released a decryption utility for versions 1 and 2 of PyLocky ransomware to the public. On 11 June, the ministry of the French government unveiled the tool as the product of collaboration between its various agencies, including the Brigade d’enquêtes sur les fraudes aux technologies de l’information (BEFTI) of […]
|DDoS attack that knocked Telegram secure messaging service offline linked to Hong Kong protests|
|Thu, 13 Jun 2019 11:36:37 +0000|
An attack which targeted users of the Telegram app on Wednesday might be linked to protests in Hong Kong that turned violent.
|Aircraft Parts Manufacturer Halts Operations After Ransomware Attack|
|Thu, 13 Jun 2019 11:25:27 +0000|
Aircraft parts manufacturer ASCO has temporarily suspended operations worldwide after falling victim to a ransomware attack. As reported by Data News, ASCO decided that it would shut down its headquarters in Zaventem, a Belgian municipality situated within the province of Flemish Brabant, as a result of the attack. This suspension is expected to place approximately […]
|What Public Sector CISOs Should Take Away from Verizon’s 2019 DBIR|
|Thu, 13 Jun 2019 03:00:49 +0000|
It’s been a few weeks since Verizon released the 12th edition of its Data Breach Investigations Report (DBIR). For this publication, Verizon’s researchers studied 41,686 security incidents in which a response was necessary. These analysts found that 2,013 of those incidents were data breaches in that some sort of information was actually compromised. Out of […]
|The Tax Paying Hacker: A Modern Phenomenon|
|Thu, 13 Jun 2019 03:00:24 +0000|
In a dark room lit only by the light from four computer monitors sits a hacker named Hector (not his real name). You can hear the faint pulse of an EDM track coming from his headphones as Hector taps away on his computer’s keyboard. The above description could serve as the setting for a hacker […]
|Lake City Reveals It Suffered a ‘Triple Threat’ Ransomware Attack|
|Wed, 12 Jun 2019 11:33:46 +0000|
The City of Lake City has confirmed that a “Triple Threat” ransomware attack affected the functionality of several of its computer systems. According to its Facebook statement, the Floridian municipality became the target of a ransomware program known as “Triple Threat” on 10 June 2019. This malware allegedly combined three different attack vectors to target […]
|YouTube Attacks to Watch Out For in 2019|
|Wed, 12 Jun 2019 03:00:27 +0000|
YouTube, the world’s top provider of streaming multimedia content, keeps reaching new heights in terms of its popularity. Nearly two billion monthly users and five billion videos watched every single day – these impressive statistics speak for themselves, and the numbers are steadily growing year over year. Everybody loves YouTube and so do cybercriminals, only […]
|VERT Threat Alert: June 2019 Patch Tuesday Analysis|
|Tue, 11 Jun 2019 20:42:45 +0000|
Today’s VERT Alert addresses Microsoft’s June 2019 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-835 on Wednesday, June 12th. In-The-Wild & Disclosed CVEs CVE-2019-1053 An issue where Windows Shell fails to properly validate folder shortcuts could lead to sandbox escape. The attacker would require the ability to […]
|Food Bank Needs Help Recovering from Ransomware Attack|
|Tue, 11 Jun 2019 11:07:04 +0000|
A King County food bank said it will need help recovering from a ransomware infection that affected its computer network. At around 02:00 on 5 June, bad actors targeted the servers of Auburn Food Bank with ransomware. The crypto-malware, which according to Bleeping Computer was a variant of GlobeImposter 2.0, affected all of the food […]
|Steps for Successful Vulnerability Management: Lessons from the Pitch|
|Tue, 11 Jun 2019 03:00:46 +0000|
When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck. Now that I’m older, I watch more than I play, and I’m […]
|What Is FIM (File Integrity Monitoring)?|
|Mon, 10 Jun 2019 11:30:57 +0000|
File integrity monitoring (FIM) exists because change is prolific in organizations’ IT environments. Hardware assets change. Software programs change. Configuration states change. Some of these modifications are authorized insofar as they occur during a patch cycle; some cause concern by their unexpected nature. Organizations commonly respond to such dynamism by investing in asset discovery and […]
|Microsoft Warns of Malspam Campaign Abusing Office Vulnerability to Distribute Backdoor|
|Mon, 10 Jun 2019 10:51:02 +0000|
Microsoft is warning users to be on the lookout for a malspam campaign that’s abusing an Office vulnerability in order to distribute a backdoor. On 7 June, Microsoft Security Intelligence took to Twitter to raise awareness of the operation. The campaign, which remains active as of this writing, begins when users receive a malspam email […]
|Fortune 500 Company Addresses Weakness Behind 264GB Data Leak|
|Fri, 07 Jun 2019 13:10:34 +0000|
A Fortune 500 company has addressed a security weakness responsible for a data leak that exposed 264GB worth of information. On 2 June, vpnMentor security researchers Noam Rotem and Ran Locar discovered that a log management server owned by global technology distributor Tech Data Corporation did not require any authentication. This made it possible for […]
|How to Advance ICS Cybersecurity: Implement Continuous Monitoring|
|Fri, 07 Jun 2019 12:18:01 +0000|
Industrial Control Systems (ICS) include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and other control system configurations such as Programmable Logic Controllers (PLC). They are typically used in industries such as electric, water, oil and natural gas, transportation, chemical, pharmaceutical and manufacturing (e.g., automotive, aerospace). These control systems are vital to […]
|Cryptocurrency wallet GateHub hacked, nearly $10 million worth of Ripple (XRP) stolen|
|Fri, 07 Jun 2019 12:16:26 +0000|
Cryptocurrency wallet service GateHub has warned that over 100 customers have had their ledger wallets hacked and funds stolen.