Category: Blog RSS Feed

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons,…

Read more →

With 86% of UK adults using a form of online or remote banking and high street banks closing in record numbers, banking websites have become an integral part of our daily lives. They have changed how we manage our money,…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are impersonating its employees in an attempt to commit fraud. In an alert posted on the CISA website, the organisation warned that so-called impersonation scams are on the…

Read more →

Many companies strive to achieve the best security possible. Along the path to improved security, many companies are also required to meet various compliance standards. In some cases, compliance is also a regulatory requirement. This crossroad between security and compliance…

Read more →

The Verizon 2024 Data Breach Investigations Report noted a 180% increase in exploited vulnerabilities over the previous year’s figures. The importance of keeping an up-to-date vulnerability management policy for remediating and controlling security vulnerabilities cannot be understated. 1. Overview: Summary…

Read more →

Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we…

Read more →

Exploring the intricate relationship between people and cybersecurity opens up a dynamic landscape where individuals’ decisions, habits, and intentions significantly impact the safety and integrity of digital systems. Cybercriminals are savvy opportunists, and like pickpockets, they go where the crowds…

Read more →

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn’t involve paying a ransom? Well, don’t fear. The FBI announced this week that it had…

Read more →

The ISF (Information Security Forum) Standard of Good Practice (SoGP) is a comprehensive set of best practices designed to help organizations effectively manage their information security risks. Covering various topics, including governance, risk management, compliance, incident management, and technical security…

Read more →

Threats to sensitive data are everywhere. From sophisticated cybercriminal syndicates to accidental exposure to nation-state-backed advanced persistent threat (APT) groups and everything in between, it’s never been more critical for organizations to have the correct data protection tools. When designing…

Read more →

Anyone remotely wired into technology newsfeeds – or any newsfeeds for that matter – will know that AI (artificial intelligence) is the topic of the moment. In the past 18 months alone, we’ve borne witness to the world’s first AI…

Read more →

When you speak with many of the seasoned veterans of cybersecurity, it is not unusual to learn of the twisted path in technology that eventually landed them in the security profession. However, the newest cybersecurity professionals are digital natives. They…

Read more →

Have you ever wondered how Artificial Intelligence (AI) could mimic consciousness and autonomously control various tasks? It sounds rather daunting. However, it may not be as intimidating as it seems under the right conditions. Moreover, Would AI perform tasks independently…

Read more →

Vulnerability management and patch management are often confused. However, it’s crucial to recognize that, while complementary, they are distinct processes. Understanding the differences between vulnerability management and patch management is essential for a solid security posture. Let’s delve into the…

Read more →

An insider threat is someone inside an organization – including current and former employees, partners, and contractors – who, intentionally or otherwise, put their organization at risk. They typically abuse their access to private information and privileged accounts to steal…

Read more →

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. The 911 S5 botnet, described as “likely the world’s largest botnet ever” by FBI…

Read more →

Data is the lifeblood of modern organizations, and while watertight data protection policies are undeniably crucial, the need for robust data destruction methods has never been more pressing. Ultimately, all parties and vendors in your supply chain trust you to…

Read more →

The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state…

Read more →

Cloud computing offers indisputable benefits, but with the caveat that it can quickly become a disorganized jumble unless adequately managed. It’s common for the average organization to use dozens of cloud instances, solutions, and resources scattered across multiple platforms. Such…

Read more →

A security incident can be the result of a single unauthorised change. A few may say, ‘one change is inconsequential, don’t sweat the small stuff.’ But when it comes to infrastructure security, the detail is of paramount importance! Just a…

Read more →