Data Breach Reporting Laws Hit Australia with Serious Implications for Businesses
February 12, 2018February 22 marks the date Australia finally rolls out its long-awaited data breach notification laws. After years of back-and-forth, handballed from minister to minister, Australia has reached a poin...
Identifying Systems Affected by Cisco ASA Critical Vulnerability (CVE-2018-0101)
February 6, 2018On January 29, Cisco released an advisory for a critical vulnerability in their Adaptive Security Appliance (ASA) software. The critical flaw, assigned CVE-2018-0101, has a CVSS score of 10.0 and coul...
Ploutus-D ATM Malware Reported in U.S.
February 1, 2018Ploutus-D is malware used for ATM jackpotting. It was discovered in Mexico in 2013, and is now getting reported as reaching the U.S. by Krebs on Security. This attack has been analysed by FireEye in 2...
Three Reasons Why DevOps Is a Game-Changer for Security
January 30, 2018A lot has been written about how the DevOps revolution is making life much more challenging for cybersecurity. A big reason why: Security teams are largely missing from DevOps sprints and scrums today...
Intel AMT Back in the News
January 12, 2018The release of new research from F-Secure spells more trouble for Intel’s Active Management Technology (AMT). AMT is used for remote access monitoring and maintenance in corporate environments. ...
The First Major Security Logos of 2018: Spectre and Meltdown Vulnerabilities
January 4, 2018This post was updated on Jan. 12, 2018 to include additional technical details and supplemental links. The recently disclosed Meltdown and Spectre vulnerabilities started off 2018 with a sombe...
Triton: What You Need to Know
January 2, 2018Correction: An earlier version of this post identified the protocol used as the TSAA protocol. This malware uses the TriStation protocol, which is proprietary and undocumented. Thanks to Jimmy Wylie f...
Auditing Kubernetes for Secure Configurations
December 28, 2017Over the last few years, container technology has gained traction in enterprise environments. And, as a result, use of containerized applications has exploded in the enterprise. Naturally, as its adop...
Petya/NotPetya Ransomware Detection for the Modern Enterprise
June 27, 2017A new version of the Petya malware is spreading globally, including the European Union, Ukraine and Russia. It has already impacted many organizations, both large and small, and has compromised system...