Threat Insights

The State of Security

• Integrating the Risk Management Framework (RMF) with DevOps August 14, 2020
  Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) after passing a risk-based cybersecurity assessment. The ATO Problem However, the ATO process can pose several challenges to the modern DevOps processes, as […]
• CISA Warns of Phishing Emails Leading to Spoofed COVID-19 Relief Page August 13, 2020
  The Cybersecurity & Infrastructure Security Agency (CISA) warned that phishing emails are redirecting recipients to spoofed COVID-19 loan relief pages. On August 12, CISA announced its discovery of the attack campaign in Alert (AA20-225A): The Cybersecurity and Infrastructure Security Agency (CISA) is currently tracking an unknown malicious cyber actor who is spoofing the Small Business […]
• Cybercriminals Are Infiltrating Netgear Routers with Ancient Attack Methods August 13, 2020
  It would be heartening to think that cybersecurity has advanced since the 1990s, but some things never change. Vulnerabilities that some of us first saw in 1996 are still with us. If you don’t believe me, just take a look at the news. Last month, Virginia-based cybersecurity firm GRIMM announced that they had found a […]
• Google App Engine, Azure App Service Abused in Phishing Campaign August 12, 2020
  A phishing campaign abused both the Google App Engine and the Azure App Service to steal victims’ Microsoft Outlook credentials. Netskope observed that the attack campaign started with a shortened link “https://bitly[.]com/33nMLkZ” distributed by a phishing email. This link redirected a recipient of the email to a Google App Engine domain “https://o365apps[.]oa.r.appspot.com.” A Google Cloud […]
• Survey: 76% of IT Pros Say It’s Difficult to Maintain Security Configs in the Cloud August 12, 2020
  Cloud misconfigurations are no laughing matter. In its “2020 Cloud Misconfigurations Report,” DivvyCloud revealed that 196 separate data breaches involving cloud misconfigurations had cost companies a combined total of approximately $5 trillion between January 1, 2018 and December 31, 2019. The problem is that those costs could be even higher; as reported by ZDNet, 99% […]
• Managing Information Security Skepticism by Changing Workplace Culture August 12, 2020
  Imagine a workplace in which all of the staff support the function of information security. Employees report suspicious events, are committed to data privacy and see the value in completing the regularly scheduled compliance trainings. How much easier life would be for security professionals! Naturally, it’s hard for people to get behind something that feels […]
• VERT Threat Alert: August 2020 Patch Tuesday Analysis August 11, 2020
  Today’s VERT Alert addresses Microsoft’s August 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-899 on Wednesday, August 12th. In-The-Wild & Disclosed CVEs CVE-2020-1464 A vulnerability exists in the way that Windows validates file signatures. An attacker could load improperly signed files by bypassing security features that […]
• New Agent Tesla Variants Capable of Stealing Data from VPNs, Browsers August 11, 2020
  Some new variants of the Agent Tesla infostealer family are capable of stealing data from multiple VPN clients and web browsers. SentinelOne observed that attackers continue to deploy Agent Tesla across various stages of their operations, as this malware enables criminals with even low levels of technical expertise to manipulate and manage their victims’ infected […]
• The Importance of Content for Security Tools like Tripwire August 11, 2020
  Have you ever stood in the airport security line when the agents bring the dog out to inspect everyone’s luggage? I’m always so fascinated watching the dog go down the line and do her work. Wow she’s so smart! How does she know what to look for? My own dog has talents of her own, […]
• Phishers Send Out Fake cPanel Security Vulnerabilities Advisory August 10, 2020
  Fraudsters launched a new phishing attack in which they sent out a fake cPanel advisory warning recipients about fabricated security vulnerabilities. On August 5, cPanel and WebHost Manager (WHM) users began reporting of having received a fake advisory that appeared to have originated from the company. The fake advisory informed recipients that cPanel had released […]