


Tim Erlin
VP of Product Management and Strategy feature_status*/ ?>
Tripwire
Comments Dotted :
33
December 04, 2020
It’s important to keep in mind that other types of attacks are still out there, if not as readily recognizable.
Every organization should be prepared to respond to ransomware, including the potential operational disruptions that come with that response.
While we tend to focus on the response to ransomware, prevention is still the best way to deal with the threat. Ransomware doesn’t magically appear on systems, and the methods by which it’s introduced into an environment are generally well understood: phishing, vulnerability exploits, and misconfigurations. Identifying and addressing the weak points.....Read More

September 26, 2020
The more these apps are integrated into business and daily life, the more critical they become.
We might think of social media apps as frivolous, but the more these apps are integrated into business and daily life, the more critical they become. Social media, including Instagram, are conduits for news and information. They’re also conduits to personal information stored on mobile devices.
Targeted takeover of high profile accounts is one possibility, but in this age of disinformation campaigns, there’s clear value in taking over the average consumer’s account for the purposes of.....Read More

September 18, 2020
Delays in treatment, regardless of the cause, can be life-threatening.
When cyberattacks impact critical systems, there can be real-world consequences. We’re not used to thinking of cyberattacks in terms of life and death, but that was the case here. Delays in treatment, regardless of the cause, can be life-threatening.
Ransomware doesn’t just suddenly appear on systems. It has to get there through exploited vulnerabilities, phishing, or other means. While we tend to focus on the ransomware itself, the best way to avoid becoming a victim is to prevent the.....Read More

September 16, 2020
Breach response, especially for public entities, has to include appropriate transparency and analysis.
Health information is certainly sensitive and needs to be protected. Unfortunately, technical controls aren’t always perfect, and aren’t always enough. In some cases, human error is the root cause of a breach. Breach response, especially for public entities, has to include appropriate transparency and analysis. Although human error might cause a breach, technical controls can certainly be part of the response. Using a technical control to prevent a human from making an error can be very.....Read More

May 19, 2020
The industry analysis provided by the DBIR is invaluable.
We often think of ransomware as a breach, but the DBIR categorizes most ransomware activity as an incident because while you may have lost access to the data, the attacker hasn’t actually stolen it. While that may give you some comfort, it doesn’t mean that a ransomware incident is materially less impactful to the security folks who have to deal with it.
The fact that “misconfiguration” is in the top five action varieties for breaches is an important acknowledgment that not all.....Read More

May 13, 2020
Ransomware makes headlines, in part, because it’s always detected.
The overwhelming tendency is to focus on the ransomware itself in these types of cases, but ransomware doesn’t magically appear on a system. Organizations that are concerned about ransomware should assess how well they’ve deployed basic controls like vulnerability management, secure configurations and email protections. The first line of defense against ransomware is to prevent it from getting inside in the first place.
Ransomware makes headlines, in part, because it’s always detected......Read More

May 08, 2020
It’s vitally important that these organizations have a good handle on their vulnerabilities.
Pandemic or not, cyberattacks continue.
It’s vitally important that these organizations have a good handle on their vulnerabilities. It may not be possible to fix every single vulnerability, but you have to know you have them before you can effectively prioritize remediation activities.
Nation-state attacks can be harder to understand because the motivation isn’t always financial in nature.

April 22, 2020
It’s difficult for an affected party to really understand what the impact will be.
Initial disclosures of these kinds of breaches are often filled with qualifiers like “may” and “might have included.” It’s difficult for an affected party to really understand what the impact will be.
Government developed and deployed systems are subject to the same risks, and perhaps more, than commercial enterprises. While any breach is unfortunate, it’s especially painful when the government exposes the personal data of citizens.
There is likely plenty of blame to go around.....Read More

April 16, 2020
This type of attack represents a different kind of privilege escalation.
This type of attack represents a different kind of privilege escalation. Masquerading as an authoritative identity in order to feed false information into someone’s feed could be used for all kinds of malicious intents.
We often ask that users be diligent about evaluating the sources of information they receive from social media, but diligence isn’t helpful when an attacker can simply impersonate an authoritative source.

April 02, 2020
A misconfiguration can be like doing the attacker’s work for them.
A misconfiguration can be like doing the attacker’s work for them. No one has to break in, if the front door is left open.
Organizations are often very aware of security vulnerabilities, but continuously scanning for misconfigurations is just as important. Environments change, and change can result in data being mistakenly exposed. If you’re scanning for vulnerabilities, but not addressing the changes in your environment, you’re only doing half the job.
