Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

October 2020

5 Essential Steps to Improve Cybersecurity Maturity

From small- and medium-sized organizations to large enterprises, every business is under continuous threat of security risk in today’s digital world. With the growing digital footprint and cloud adoption, organizations continue to experience sophisticated cyberthreats that hold the potential to disrupt business continuity. A vast majority of these threats can go undetected, or they can be detected too late for an organization to avoid the exposure and the associated risks.

How Containers Support the IT-OT Convergence

The worlds of information technology (IT) and operational technology (OT) are colliding. In July 2019, Automation.com cited a survey finding where 82% of respondents told Forrester and Nozomi Networks that their organizations were in the early stages of an IT-OT convergence. Some said their organizations were embracing this meeting more fully. This finding begs several questions. Why are IT and OT converging?

4 Considerations for a Secure Cloud Environment

Digital attackers are increasingly turning their attention to the cloud. According to the 2020 Trustwave Global Security Report, the volume of attacks targeting cloud services more than doubled 7% in 2018 to 20% a year later. This growth made cloud services the third most-targeted environment after corporate and e-commerce at 54% and 22%, respectively. These trends highlight the need for organizations to secure their cloud environments.

How to Best Secure the Industrial Network for EMEA Organizations

You don’t have to search very far in the news to see stories of websites being hacked and customer details being stolen. Stories about incidents involving industrial control systems (ICSes) and operational technology (OT) environments aren’t so common. But they are prevalent. Just the other week, for example, an airline company sent out an email letting me know that their database had been hacked and that my travel details might have been taken.

Australia Proposes Security Law to Protect Critical Infrastructure Against Cyber Attacks

The Australian Government is committed to protecting the essential services all Australians rely on by uplifting the security and resilience of critical infrastructure. Increasingly interconnected and interdependent critical infrastructure is delivering efficiencies and economic benefits to operations.

Over one million WordPress sites receive forced update to security plugin after severe vulnerability discovered

Loginizer, a popular plugin for protecting WordPress blogs from brute force attacks, has been found to contain its own severe vulnerabilities that could be exploited by hackers. The flaw, discovered by vulnerability researcher Slavco Mihajloski, opened up opportunities for cybercriminals to completely compromise WordPress sites. The flaw can be exploited if a user attempts to log into a Loginizer-protected website with a carefully-crafted username.

More Effective Security Awareness: 3 Tips for NCSAM

It’s often said that humans are the weakest link in cybersecurity. Indeed, I’d have a hard time arguing that a computer that was sealed in a box, untouched by human hand, poses much of a security risk. But a computer that is unused has no purpose. It behooves security practitioners to get smarter about how we teach people to use those machines so that both humans and computers can work together to safely accomplish greater things.

A Closer Look at the Attempted Ransomware Attack on Tesla

Cybersecurity is in the news again with the disclosure that Tesla, working in conjunction with the FBI, prevented a ransomware attack from being launched at its Gigafactory in Nevada. The cybercriminals targeted Tesla through one of its employees, whom they allegedly promised to pay $1 million in order to help them infect the company’s system with malware.

IoT Devices: Privacy and Security in Abusive Relationships

A few weeks, ago, technology news site The Verge reported on a new Ring security camera that is in fact a drone that flies around inside your house. Available beginning next year, the ‘Always Home Cam’ is supposed to give its owners a total view of their home without the need for multiple cameras. Those worried about break-ins or other kinds of suspicious activities may like the idea of being a fly on the wall in any room inside the house, even when they’re away from home.

3 Zones that Require Network Security for Industrial Remote Access

By now, we have a good understanding of what secure remote access (SRA) is and why organizations might choose to enable it for their OT environments. We also know that securing IT-OT collaboration, leveraging guidance from best practice frameworks and using an automated solution can help organizations to implement this type of access. Even so, we still don’t have a detailed view of how to implement industrial remote access in practice.

Barnes & Noble warns customers it has been hacked, customer data may have been accessed

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. In the email to customers, Barnes & Noble says that it became aware that it had fallen victim to a cybersecurity attack on Saturday October 10th.

UAE's Information Assurance Regulation - How to Achieve Compliance

For years, the United Arab Emirates (UAE) has committed itself to adopting information technology (IT) and electronic communication. The UAE’s Telecommunications Regulatory Authority (TRA) noted that this policy has made the state’s government agencies and organizations more efficient as well as has improved the ability for individuals to collaborate around the world.

Shared Responsibility and Configuration Management in the Cloud: SecTor 2020

A number of high-profile data breaches have resulted directly from misconfigured permissions or unpatched vulnerabilities. For instance, the 2017 Equifax breach was the result of exploiting an unpatched flaw in Apache Struts allowing remote code execution. More recently, the Capital One breach last year stemmed from a misconfigured web application firewall. Verizon’s 2020 DBIR reported that only hacking was more prevalent than misconfiguration errors as the culprit of data breaches.

Deepfake Voice Technology Iterates on Old Phishing Strategies

As the world of AI and deepfake technology grows more complex, the risk that deepfakes pose to firms and individuals grows increasingly potent. This growing sophistication of the latest software and algorithms has allowed malicious hackers, scammers and cyber criminals who work tirelessly behind the scenes to stay one step ahead of the authorities, making the threat of attacks increasingly difficult to both prepare for and defend against.

How Cybersecurity Leaders Can Understand the Value of Their Organization's Security Solutions

Information Security leaders have to demonstrate the value and purpose for each solution that’s purchased and prove the solution that was chosen is doing the job it was procured to do. Executives are therefore requiring Information Security leaders to prove the value of the solutions in ways they understand. They need to see the value not in security metrics but in dollars and cents.

How Tripwire Custom Workflow Automation Can Enhance Your Network Visibility

Tripwire Enterprise is a powerful tool. It provides customers insight into nearly every aspect of their systems and devices. From change management to configuration and compliance, Tripwire can provide “eyes on” across the network. Gathering that vast amount of data for analysis does not come without challenges. Customers have asked for better integration with their processes and third-party tools.

Achieving Compliance with Qatar's National Information Assurance Policy

Qatar is one of the wealthiest countries in the world. Finances Online, Global Finance Magazine and others consider it to be the wealthiest nation. This is because the country has a small population of under 3 million but relies on oil for the majority of its exports and Gross Domestic Product (GDP). These two factors helped to push the country’s GDP measured at purchasing power parity (PPP) to over 132,886, per Global Finance Magazine’s findings in August 2020.

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks.

Securing Cloud Environments: Staying on top of cloud configurations to prevent data leaks with PJ Norris, Senior Systems Engineer. Shares new research Shows common mistakes Offers solutions that help with hardening and compliance in the cloud

Zerologon: Tripwire Industrial Visibility Threat Definition Update Released

Today, we released a Threat Definition Update bundle for our Tripwire Industrial Visibility solution to aid in the detection of Zerologon. Otherwise known as CVE-2020-1472, Zerologon made news in the summer of 2020 when it received a CVSSv3 score of 10—the most critical rating of severity. Zerologon is a vulnerability that affects the cryptographic authentication mechanism used by the Microsoft Windows Netlogon Remote Protocol (MS-NRPC), a core authentication component of Active Directory.

File Integrity Monitoring (FIM): Your Friendly Network Detective Control

Lateral movement is one of the most consequential types of network activity for which organizations need to be on the lookout. After arriving at the network, the attacker keeps ongoing access by essentially stirring through the compromised environment and obtaining increased privileges (known as “escalation of privileges”) using various tools and techniques. Attackers then use those privileges to move deeper into a network in search of treasured data and other value-based assets.

Zero Trust Architecture: What is NIST SP 800-207 all about?

“Doubt is an unpleasant condition, but certainty is an absurd one.” Whilst I claim no particular knowledge of the eighteenth-century philosopher Voltaire, the quote above (which I admit to randomly stumbling upon in a completely unrelated book) stuck in my mind as a fitting way to consider the shift from traditional, perimeter-focused ’network security’ thinking to that of ‘ZTA’ (Zero Trust Architecture.)

Ransom Payments Could Result in Civil Penalties for Ransomware Victims

Victims of ransomware attacks could potentially receive civil penalties for making ransom payments to a growing list of threat actors. On October 1, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) revealed that it could choose to impose civil penalties on ransomware victims who make ransom payments to malicious actors whom it has designated under its cyber-related sanctions program.

What to do first when your company suffers a ransomware attack

For many companies it would be a nightmare to discover that they are the latest unwitting victim of a ransomware attack, capable of crippling computer systems and locking up data if a payment isn’t made to cybercriminals. There’s no magic wand that can make a ransomware attack simply disappear with no impact at all on an organisation, but you can lessen the problem by carefully following tried-and-trusted steps in the immediate aftermath of an attack.