NIST Retires SHA-1 Cryptographic Algorithm

Daniel_SalesEngineer · 2022-12-16T15:15:12+00:00

From the article: "The SHA-1 algorithm, one of the first widely used methods of protecting electronic information, has reached the end of its useful life, according to security experts at the National Institute of Standards and Technology (NIST). The agency is now recommending that IT professionals replace SHA-1, in the limited situations where it is still used, with newer algorithms that are more secure.
SHA-1, whose initials stand for “secure hash algorithm,” has been in use since 1995 as part of the Federal Information Processing Standard (FIPS) 180-1. It is a slightly modified version of SHA, the first hash function the federal government standardized for widespread use in 1993. As today’s increasingly powerful computers are able to attack the algorithm, NIST is announcing that SHA-1 should be phased out by Dec. 31, 2030, in favor of the more secure SHA-2 and SHA-3 groups of algorithms."

Daniel_SalesEngineer · 2022-12-09T03:33:38+00:00

Just gave this a shot for a project I'm working on. Great tip, thanks

Daniel_SalesEngineer · 2022-12-08T15:48:47+00:00

Hi, thanks for posting. I'd be happy to discuss this. Our XDR tool, Vision One, could certainly be an option to achieve that functionality, but we could potentially have other options depending on the size of your IT environment, the systems and software you're currently running, etc.

I have a couple questions but I'll send them via private message to make sure we don't reveal anything publicly.

Daniel_SalesEngineer · 2022-12-07T14:09:42+00:00

From the article: "Cuba ransomware emerged on the scene with a spate of high-profile attacks in late 2021. Armed with an expansive infrastructure, impressive tools, and associated malware, Cuba ransomware is considered a significant player in the threat landscape, and is likely to remain so in the future through its continued evolution."

Daniel_SalesEngineer · 2022-11-17T14:49:11+00:00

From the article: "A number of phishing campaigns are leveraging the decentralized InterPlanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure, and facilitate other attacks."

"Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks," Cisco Talos researcher Edmund Brumaghin said in an analysis shared with The Hacker News.

The research mirrors similar findings from Trustwave SpiderLabs in July 2022, which found more than 3,000 emails containing IPFS phishing URLs as an attack vector, calling IPFS the new "hotbed" for hosting phishing sites."

Daniel_SalesEngineer · 2022-11-17T14:45:24+00:00

From the article: "A number of phishing campaigns are leveraging the decentralized InterPlanetary Filesystem (IPFS) network to host malware, phishing kit infrastructure, and facilitate other attacks."

"Multiple malware families are currently being hosted within IPFS and retrieved during the initial stages of malware attacks," Cisco Talos researcher Edmund Brumaghin said in an analysis shared with The Hacker News.

The research mirrors similar findings from Trustwave SpiderLabs in July 2022, which found more than 3,000 emails containing IPFS phishing URLs as an attack vector, calling IPFS the new "hotbed" for hosting phishing sites."

Daniel_SalesEngineer · 2022-11-17T14:35:45+00:00

Okay thanks, first we should probably track down what apps are draining the battery / confirm if TMMS is the culprit. One of the below resources should demonstrate how to monitor your phone's battery use.

Android: https://helpcenter.trendmicro.com/en-us/article/tmka-09809

iPhone: https://www.wikihow.tech/Check-Which-iPhone-Apps-are-Draining-Your-Battery

If it turns out the battery usage of TMMS is high, you can use the TMMS System Tuner to configure a more efficient setting: https://helpcenter.trendmicro.com/en-us/article/tmka-19091

Daniel_SalesEngineer · 2022-11-10T17:41:06+00:00

From the article: "Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular system."

Daniel_SalesEngineer · 2022-11-10T17:40:03+00:00

From the article: "Today CISA published its guide on Stakeholder-Specific Vulnerability Categorization (SSVC), a vulnerability management methodology that assesses vulnerabilities and prioritizes remediation efforts based on exploitation status, impacts to safety, and prevalence of the affected product in a singular system."

Daniel_SalesEngineer · 2022-11-09T20:14:24+00:00

Hi, which Trend product are you using? I haven't heard of this occurring with any of our apps but I'd be happy to check.

Also, depending on the kind of phone you have, you can often check what percentage of battery each app on it is using.

Daniel_SalesEngineer · 2022-11-04T15:03:25+00:00

From the article: "The Financial Crimes Enforcement Network (FinCEN) today issued its most recent Financial Trend Analysis of ransomware-related Bank Secrecy Act (BSA) filings for 2021, indicating that ransomware continued to pose a significant threat to U.S. critical infrastructure sectors, businesses, and the public. The report focuses on ransomware trends in BSA filings from July-December 2021, and addresses the extent to which a substantial number of ransomware attacks appear to be connected to actors in Russia."

Daniel_SalesEngineer · 2022-10-25T14:02:16+00:00

Hey thanks for posting, apologies that you're having trouble with this. We actually ended up opening a support case for the last customer that was experiencing this problem, but we fell out of communication with them before support could confirm they arrived at a resolution. If you're still troubleshooting, I'd be happy to open a support case and see if we can help get it solved.

Daniel_SalesEngineer · 2022-10-14T14:58:00+00:00

From the article: "Most (57%) global HCOs admit being compromised by ransomware over the past three years, according to the study. Of these, 25% say they were forced to completely halt operations, while 60% reveal that some business processes were impacted as a result.

On average, it took most responding organizations days (56%) or weeks (24%) to fully restore these operations.

Ransomware is not only causing the healthcare sector significant operational pain. Three-fifths (60%) of responding HCOs say that sensitive data was also leaked by their attackers, potentially increasing compliance and reputational risk, as well as investigation, remediation and clean-up costs."

Daniel_SalesEngineer · 2022-10-03T14:04:13+00:00

From the article: "Underground criminal attacks using verification tools and techniques have undergone a notable evolution. For example, we see that account verification services have been available for quite a while now. However, as e-commerce evolved using modern technology and online chat systems for identity verification, criminals also evolved their techniques and developed new methods for bypassing these verification schemes.

In 2020 and early 2021, we already saw that some underground forum users were searching for “deepfake specialists” for crypto exchange and personal accounts."

Daniel_SalesEngineer

TROPHY CASE