The US Government has underlined once again that it continues to strongly discourage organisations hit by ransomware from giving in to extortion demands.In an updated advisory, the Department of Treasury’s Office of Foreign Assets Control (OFAC) has called upon businesses not to pay ransoms, and to focus on cybersecurity measures that can prevent or mi

Today’s VERT Alert addresses Microsoft’s September 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-964 on Wednesday, September 15th.In-The-Wild & Disclosed CVEsCVE-2021-40444This CVE describes a publicly exploited vulnerability in MSHTML that provides user level access upon successful exploit

What are the limits of online privacy and law enforcement? Can we clearly define them, or is this a vague and blurred area of debate?The fact is that as technology advances, the real and the virtual worlds are increasingly converging. Actions (or inactions) in the cyberspace introduce risks and threats for people, especially the most vulnerable ones, i.e. ch

In a security advisory, Microsoft has warned that malicious hackers are exploiting an unpatched vulnerability in Windows to launch targeted attacks against organisations.The security hole, dubbed CVE-2021-40444, is a previously unknown remote code execution vulnerability in MSHTML, a core component of Windows which helps render web-based content.According to

The FBI and CISA (the Cybersecurity and Infrastructure Security Agency) have jointly issued an advisory to organisations, warning about an increase in the number of attacks coinciding with weekends and holidays.With the Labor Day weekend rapidly approaching, the agencies have reminded businesses to be especially vigilant, remain diligent about their network

Threat modeling is increasing in importance as a way to plan security in advance. Instead of merely reacting to threats and incidents, an organization can identify and evaluate its security posture, relevant threats, and gaps in defenses that may allow attacks to succeed.Threat modeling has a two-way relationship with incident response:When an attack happens

Want a job in cybersecurity? There are plenty to go around. Cybersecurity Ventures estimated that there will be 3.5 million job openings in the industry by the end of the year. That makes sense. According to Gartner, global spending on information security and risk management technology is expected to exceed $150 billion in 2021. Organizations are going to n

We’re going to talk about state versus change. For the purposes of our discussion, you need to know that Tripwire Enterprise offers something called TE Commander.Many enterprise applications lack a native command line interface. This can be a challenge if you want to automate and integrate basic operations, which is a necessary function in most enterpr

A new ransomware gang that calls itself BlackMatter has launched itself on the dark web, and is actively attempting to recruit criminal partners and affiliates to attack large organisations in the United States, UK, Canada, and Australia.As experts at Recorded Future describe, the BlackMatter gang is advertising for “initial access brokers” ̵

Jihana Barrett, CEO of Cybrsuite explains the security needs from not just from an enterprise perspective but for day-to-day life. She also tells us about how her organization, Tech Sorority, provides valuable professional support and guidance for women in tech.Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/po

Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter’s history.In July 2020, the Twitter accounts of public figures and well-known organisations were compromised, allowing malicious hackers to post tweets to millions of unsuspecting followers.Compromised accounts included those of then-Presidential

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified, holistic vi

In my previous post, I disclosed that SonicWall had quietly released vulnerability fixes over the course of several days before vulnerability advisories were published for CVE-2020-5135.Rather than properly fixing CVE-2020-5135, SonicWall’s fix introduced a new vulnerability in the same code. SonicWall was aware of the new vulnerability but deferred the smal

It amazes me how many people confuse the importance of vulnerability scanning with penetration testing. Vulnerability scanning cannot replace the importance of penetration testing, and penetration testing, on its own, cannot secure the entire network. Both are important at their respective levels, needed in cyber risk analysis, and are required by standards

The corporate network can be a busy place with devices connecting, reconnecting and disconnecting every day. With the ever-growing landscape of today’s corporate networks, the difficulty of knowing and understanding what is on an enterprise network has highlighted the importance of effective asset discovery. So what does asset discovery involve? Asset discov