Last Thursday, the GPS and smartwatch firm Garmin suffered what was allegedly a massive, system-wide ransomware attack, forcing them to take down all of their services ranging from their apps to their support call centers. While Garmin has been tight-lipped as to the cause of the outage, multiple publications have reported that the company was targeted by WastedLocker, a … [Read more...]
NCSC and CISA Alert on APTs Targeting Healthcare
The UK National Cyber Security Centre (NCSC) and US Cybersecurity and Infrastructure Security Agency (CISA) released a joint advisory today(pdf), highlighting ongoing activity by Advanced Persistent Threat (APT) groups against healthcare and essential services. The six-page advisory states that unnamed hacking groups are targeting organizations “in order to collect bulk … [Read more...]
Maritimes Security Posture
Pen Test Partners (PTP), a penetration testing and security services business, wrote a security blog detailing their findings after penetration testing several different shipping vessels; a Moss Maritime CS55 deep water exploration drilling rig, a seabed survey vessel, and a new cruise ship are some examples. This research stuck out to me and got me thinking: what are the … [Read more...]
HSTS – A Trivial Response to sslstrip
Intro HTTP Strict Transport Security (HSTS) is an HTTP security mechanism that allows web sites to declare themselves as accessible only via secure connections and for users to direct user agents (UAs), or your browser, to interact with web sites only over a secure connection. A "secure connection" in this case means an SSL/TLS encrypted HTTP connection, or HTTPS. This … [Read more...]
5 Security Tips for Spring Cleaning Season
Spring is well underway and summer is just around the corner. If you haven’t gotten around to giving your network a good spring cleaning yet, now is the perfect time to step back and sweep out the cobwebs to improve your security posture. In his latest guest article for Help Net Security, WatchGuard’s Sr. Security Researcher, Marc Laliberte, suggests a few key tips you can use … [Read more...]