Category: Blog RSS Feed

Cyber resilience is a constant topic of concern in technology and cybersecurity, as it approaches security from the standpoint of assuming that attacks are inevitable rather than solely attempting to prevent them. Layered cybersecurity is crucial to ensure comprehensive defense…

Read more →

Technological advances usually lead to a brighter future. While that may be true, these developments could also be used to refine and increase cybersecurity scams. Attackers do not care about who they target as long as they get people’s and…

Read more →

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill,…

Read more →

The UK’s National Crime Agency (NCA) has revealed details of Operation Destabilise, a years-long international law enforcement investigation into a giant Russian money laundering enterprise that handled billions of dollars for drug traffickers and ransomware gangs worldwide. The multi-billion dollar…

Read more →

The issue of diversity in the cybersecurity sector has been present since the early days of IT companies. The public perception of a cybersecurity professional carries with it a specific image of the kind of person who works in IT…

Read more →

Vulnerability management (VM) has always been a complex area of concern that requires continuous and active effort to work properly. This can make it challenging for organizations to maintain their VM strategies and solutions over time, as there are many…

Read more →

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really…

Read more →

Tripwire’s November 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google Chromium. First on the list are patches for Microsoft Edge, Excel, and Word that resolve remote code execution and security feature bypass vulnerabilities. Next are…

Read more →

It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. SEO poisoning is the dark art of manipulating search engines to ensure that malware-laced adverts and dangerous websites appear high on users’…

Read more →

What is ShrinkLocker? ShrinkLocker is a family of ransomware that encrypts an organisation’s data and demands a ransom payment in order to restore access to their files. It was first identified by security researchers in May 2024, after attacks were…

Read more →

In an era where innovative technologies are emerging left, right, and center, two of the most influential in recent years are experiencing exponential growth. Virtual Reality (VR) and Augmented Reality (AR) are immersive technologies that have now firmly integrated into…

Read more →

Data shows that financial motivation is a huge incentive for threat actors, which explains the rising prevalence of ransomware and other extortion breaches in the corporate world. In 2023 alone, business email compromise (BEC) complaints received by the FBI amounted…

Read more →

Networks form a critical core for our modern-day society and businesses. People, processes, and technologies should be in place for monitoring, detecting, logging, and preventing malicious activities that occur when an enterprise experiences an attack within or against their networks.…

Read more →

Today’s VERT Alert addresses Microsoft’s November 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1132 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-43451 A vulnerability that allows for NTLMv2…

Read more →

When tasked with the IT security of an organization, it can be easy to get bogged down in particulars and definitions and lose heart before you’ve even begun. With a plethora of terms to learn, details to secure, and moving…

Read more →

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. In July, the UK’s new Labour Government announced that it…

Read more →

In today’s cybersecurity landscape, controlling access to USB drives is critical, particularly for organizations looking to maintain compliance with regulations like NERC CIP and bolster their security posture. Unauthorized USB usage poses significant risks, from data exfiltration to malware injection.…

Read more →

Understanding the threats we face is crucial to protecting against them. Industry research and reports are invaluable to this understanding, providing insights to inform mitigation efforts. Few cybersecurity reports are as valuable or comprehensive as the annual ENISA Threat Landscape…

Read more →

Users who do not have the appropriate security awareness training are considered a weak link in the security of an enterprise. These untrained users are easier to exploit than finding a flaw or vulnerability in the equipment that an enterprise…

Read more →

File Integrity Monitoring ( FIM) is a key intelligence and audit tool in an advanced security portfolio. While it is a logical component to integrate into your Security Orchestration, Automation, and Response ( SOAR) tooling, it’s important to consider your…

Read more →