Travis Smith

1251 0

Travis SmithTravis Smith is a Senior Security Research Engineer at Tripwire. He has over 10 years experience in security, holds an MBA with a concentration in information security, and multiple certifications including CISSP, GIAC and GPEN. Travis specializes in integrating various technologies and processes, with a passion for forensics and security analytics with the goal of helping customers identify and mitigate real threats.

Articles by Travis Smith

Latest ATM Malware Is Bank’s Worst Nightmare

It has been reported that Kaspersky Lab security researchers have discovered a new ATM malware that targets only ATMs running on Windows 7 and Windows Vista. Travis Smith, principal security researcher at Tripwire commented below. Travis Smith, Principal Security Researcher at Tripwire: “The ATMii malware is very targeted, not only because it only supports Windows 7, …

implications for cyber security

US Senators Propose IoT Legislation

A new bill has been introduced in Congress which aims to prohibit the production of IoT devices if they can’t be patched or have their password changed.  The bill also calls for federal agencies to have the freedom to purchase non-compliant IoT devices should this legislation pass, if they get approval from the US Office of Management and …

Security problems the IoT will create

Dahua, Hikvision IoT Devices Under Siege

Dahua, the world’s second-largest maker of “Internet of Things” devices like security cameras and digital video recorders (DVRs), has shipped a software update that closes a gaping security hole in a broad swath of its products. The vulnerability allows anyone to bypass the login process for these devices and gain remote, direct control over vulnerable …


Ransomware Attacks Targeted Hundreds Of MySQL Databases

Hundreds of MySQL databases have been hit in ransomware attacks, which were described as “an evolution of the MongoDB ransomware attacks,” according to security vendor GuardiCore. Travis Smith, Senior Security Research Engineer at Tripwire commented below. Travis Smith, Senior Security Research Engineer at Tripwire: “The evolution of database targeted ransomware started with MongoDB and transitioned to Elasticsearch.  These two products could be …


“Merry Christmas” Ransomware Now Steals User Private Data Via DiamondFox Malware

Following the news about the recent variants of the “Merry Christmas” ransomware, also known as Merry X-Mas, are also dropping the DiamondFox malware on infected computers, which is used by the ransomware’s operators to collect data from infected hosts, such as passwords, sensitive files, and others. Travis Smith, Senior Security Research Engineer at Tripwire commented below. …


Evolution of Ransomware

Ransomware is transforming into Doxware, which is a more strategic attack that targets specific victims. With Doxware, not only do hackers hold the computers hostage, but they also secure private conversations, photos and sensitive files to gain even more leverage that ensures that the victim actually pays the ransom. Travis Smith, Senior Security Research Engineer …


MarsJoke Ransomware Wipes Data If Ransom Is Not Paid Within 96 Hours

A new form of ransomware is targeting government agencies and educational institutions in the US, using emails claiming to be from airlines. The MarsJoke ransomware was unearthed by Proofpoint security researchers, who said that a large-scale email campaign distributing the machine-locking malware began on 22 September, with the main targets being state and local government agencies. Travis …


Asymmetric Encryption Increasingly Common With Ransomware Criminals

Ransomware criminals are growing more sophisticated in their use of encryption, as criminals increasingly use asymmetric encryption methods, according to security pros. A report by ESET security researcher Cassius Puodzius published on the WeLiveSecurity blog detailed the use of encryption to secure communication between malware and command and control (C&C) servers. Travis Smith, Senior Security Research Engineer at Tripwire …


Ammyy Admin Site Delivers Drive-By-Download Attacks

In response to the news that security researchers have spotted the Ammyy Admin site being used in drive-by-downloader attacks to install the Lurk trojan and other malware, Travis Smith security researcher at Tripwire commented below. Travis Smith, Security Researcher at Tripwire: “Human nature is to let your guard down when you feel safe.  As users begin to interact …


CuteRansomware Using Google Docs As A Launch Platform

A new strain of malware called cuteRansomware has been uncovered that uses a Google Doc generated by cybercriminals to host the decryption key and command-and-control functionality. Travis Smith, Senior Security Research Engineer at Tripwire commented below. Travis Smith, Senior Security Research Engineer at Tripwire: “What makes cuteRansomware interesting is the usage of a well-known cloud service provider …