Author: Admin

The World Wide Web, invented in 1989 by Tim Berners-Lee, has undoubtedly made our lives more convenient in so many ways.  For example, family road trips looked a lot different than they do today. Preteens were designated backseat navigators, with huge atlases spread across their laps, yelling “Turn left here! No wait, right!” Then, when you finally arrived at your destination, what was there to do? Time to poll the hotel concierge, gas station attendants,…

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS products Security company SonicWall addressed a critical SQL injection (SQLi) vulnerability, tracked as CVE-2022-22280 (CVSS score 9.4), in Analytics On-Prem…

The Austrian government said on Friday it was investigating a company based within the nation’s territory for allegedly developing spyware targeting law firms, banks, and consultancies across at least three countries. The news comes days after Microsoft’s Threat Intelligence Center (MSTIC) said it found malware called Subzero (CVE-2022-22047) deployed in 2021 and 2022. According to the tech giant, Subzero was developed by Vienna-based company DSIRF (tracked by Microsoft under the codename KNOTWEED), and deployed through a…

By Cary Wright, VP of Product Management, Endace In a threat landscape that is now changing more rapidly than ever before, why aren’t more companies capitalizing on the benefits of packet capture? Well, historically, packet analysis has been a manual function with very real accessibility issues. It’s not unheard of for security teams to struggle to pull several weeks’ worth of packets, running searches for hours or days across massive files to find the evidence…

Security researchers are warning of a new phishing campaign which tries to hurry users into making poor decisions by presenting them with a countdown clock. Cofense recently spotted the credential harvesting campaign, which arrives in the form of an alert email about a non-existent ‘suspicious login’ to their account. Purporting to come from a fake security company called ‘DNS Online Security,’ the message requests that the user verify their email or risk being locked out/deactivated….

An Australian man has been accused of developing a notorious remote access Trojan (RAT) used to spy on victims around the globe when he was just a teenager. The 24-year-old resident of Melbourne faces six charges for his alleged role in “creating, selling and administering” the RAT between 2013 and 2019, a statement from the Australian Federal Police (AFP) explained. Identified in news reports as Jacob Wayne John Keen and currently living in the Melbourne suburb…

With more than 30,000 employees spread across more than 60 affiliate locations and 14 manufacturing sites around the world, pharmaceutical company Eli Lilly operates at a truly global scale. Operating at that scale comes with issues, not the least of which is sharing accurate and timely information internally and externally. “From internal training materials to formal, technical communications to regulatory agencies, Lilly is translating information often,” says Timothy F. Coleman, vice president and information officer…