Author: Ken Westin

The IRS cyberattacks may have affected more than 300,000 taxpayer accounts – and more than 600,000 breaches were attempted. Ken Westin, senior security analyst for Tripwire commented on the recent massive cyber attacks. [su_note note_color=”#ffffcc” text_color=”#00000″]Ken Westin, Senior Security Analyst for Tripwire : “This is a perfect example of how unrelated data breaches imperil us all. Cybercriminals have identified ways to correlate and aggregate data compromised in other breaches to increase their profits.  The information that was used such as  Social Security numbers, date of birth, tax filing status (married or not) and street address is the same type of information that…

Ken Westin, senior security analyst for Tripwire has been noting the potential for this “Hammertoss” cyber espionage scenario for some time and was not surprised by the FireEye report that came out. Ken Westin, senior security analyst for Tripwire : “This particular method of attack is pretty clever, as it takes advantage of most enterprise organizations trust and whitelisting of well known social media platforms. By downloading binary images and embedding commands in the images they easily circumvent most detection mechanisms. The additional measure of encrypting the message within the image serves a double purpose to both hide the messages in…

With the latest information from the inspector general that some emails that Hillary Clinton sent from her private server contained classified information but was not identified as classified. Ken Westin, Security Analyst for Tripwire says this issue puts a light on the challenges of Shadow IT in Government. Also explains that without direct access to a systems and data, it is difficult to identify sensitive data that has been exposed. Ken Westin, Security Analyst for Tripwire :  “Regardless of the politics involved, the issue here outlines challenges of “Shadow IT” either in government or the enterprise. When IT administrators do not…

Customers who hired the infamous ID theft-protection firm Lifelock to monitor their identities after their data was stolen in a breach were in for a surprise. It turns out Lifelock failed to properly secure their data. Ken Westin, Senior Security Analyst, at Tripwire commented on the Theft-Protection firm lifelock. Ken Westin, Senior Security Analyst, Tripwire : “All consumer service businesses need to prove that they have taken proper steps to protect their customers through the implementation of best practices for security controls and policies. Failure to continuously apply and update security controls can be a PR disaster for any business,…

Commenting on FTC news that LifeLock violated, a 2010 settlement with the agency and 35 state attorneys general by continuing to make deceptive claims about its identity theft protection services, and by failing to take steps required to protect its users’ data. Ken Westin, a cybersecurity expert with Tripwire, provided the following comments. Ken Westin, Senior Security Analyst for Tripwire (www.tripwire.com): “All consumer service businesses need to prove that they have taken proper steps to protect their customers through the implementation of best practices for security controls and policies. Failure to continuously apply and update security controls can be a PR…

Brian Krebs reported that Adobe Systems Inc. said it plans to issue a patch to fix a zero-day vulnerability in its Flash Player software that is reportedly being exploited in active attacks. The flaw was disclosed publicly over the weekend after hackers broke into and posted online hundreds of gigabytes of data from Hacking Team, a controversial Italian company that’s long been accused of helping repressive regimes spy on dissident groups. For more information visit HERE. Ken Westin, Senior Security Analyst for Tripwire (www.tripwire.com): “The market for zero day vulnerabilities is alive and well and as the Hacking Team breach…

Commenting on reports that there has been a credit card breach at Donald Trump’s hotel properties, Ken Westin, senior security analyst for Tripwire, provided the following: Ken Westin, senior security analyst for Tripwire (www.tripwire.com): “Much like many of the other breaches we have seen targeting the retail and hospitality, this is not an attack that targeted a single hotel or store.  Instead, this was the result of a larger more sophisticated and orchestrated attack. When a larger group of organizations appear to be involved, it usually indicates that the breach took advantage of shared network resources or applications. “Many organizations…

Toshiba is working on an unbreakable encryption solution that would create a one-time encryption key. The key for Toshiba’s quantum-cryptography system will be delivered as photons through a custom-made fiber optic cable not connected to the Internet. Ken Westin Security Analyst for Tripwire commented on the unbreakable encryption. Ken Westin, Security Analyst for Tripwire :  “It is great to see new innovations and researched focused on better methods of encrypting data, however when I hear “unbreakable encryption” or “100% secure” I immediately think of the Titanic. Making such claims in the world of security, particularly when it involves new technology is getting a bit ahead of ourselves,…

The F.B.I. is looking into the whether or not the Front Office for the St. Louis Cardinals hacked into the Houston Astros internal networks containing confidential information about their players. Ken Westin, Security Analyst for Tripwire says hacking isn’t always about stealing credit cards, gaining a competitive advantage is also a reason as well. Comments from Ken Westin, Security Analyst for Tripwire : “Hacking isn’t always about stealing credit cards, but can also be about access to information to provide a competitive edge. We have increasingly seen this behavior in business where hackers steal and sell information to competitors or…

The St. Louis Cardinals are facing an FBI and Justice Department inquiry in the hacking of the Houston Astros’ Network , Ken Westin, senior security analyst at Tripwire, provided the following comments: Ken Westin, senior security analyst at Tripwire (www.tripwire.com): “Hacking isn’t always about stealing credit cards, but can also be about access to information to provide a competitive edge. We have increasingly seen this behavior in business where hackers steal and sell information to competitors or investors to give them an edge. A baseball team hacking another team is a logical extension of this type of attack, as it…