Cybersecurity has always been a complex field. Its adversarial nature means the margins between failure and success are much finer than in other sectors. As technology evolves, those margins get even finer, with attackers and defenders scrambling to exploit them…
Category: Blog RSS Feed
Casting a Cybersecurity Net to Secure Generative AI in Manufacturing
Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use…
SCM and NERC: What You Need to Know
Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all…
ITRC’s 2023 Data Breach Report Is a Mixed Bag
In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again.…
What Is an Axon Agent, and Why Do You Need One?
The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats…
DragonForce Ransomware – What You Need To Know
What’s going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways – locking companies…
Embracing Two-Factor Authentication for Enhanced Account Protection
Let’s start the second quarter of the year with boosting our security posture by adopting two-factor authentication methods on our accounts to make them more secure. Two-factor authentication (2FA) is an identity and access management security method that requires two…
Life in Cybersecurity: From Nursing to Threat Analyst
As digital threats increase, we see more professionals transition into cybersecurity. Some come from previous technical roles, and some do not. However, because cybersecurity is primarily a problem-solving industry, those who switch from other high-pressure, high-performance positions are often best…
VERT Threat Alert: April 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy…
Cybersecurity Compliance Around the Globe: India’s DPDP
In an era where data breaches and privacy concerns are increasingly shaping global discourse, India’s proactive stance on data protection is noteworthy. Introducing the Digital Personal Data Protection (DPDP) Act 2023 marks a significant milestone in India’s legislative landscape. This…
AI/ML Digital Everest: Dodging System Failure Summit Fever
Summit Fever Syndrome, a cause of many extreme altitude climbers’ deaths, is due to a lack of oxygen and mission blindness, which leads to impaired judgment where climbers take needless risks, disregard safety precautions, and make deadly errors. Deploying AI/ML…
Gone Phishing 2023: Here Are the Results!
Phishing is one of the most pertinent cybersecurity dangers for organizations to be concerned about in today’s digital landscape. Threat trends come and go, but phishing is a tried-and-true method that cybercriminals can adjust and adapt to all different manners…
Exploring Advanced Tripwire Enterprise Capabilities
In today’s digital landscape, it is important for organizations to depend upon the tools they use for cybersecurity. Large businesses can employ many security solutions, practices, and policies that must combine to create a robust and layered security strategy. While…
Google Patches Pixel Phone Zero-days After Exploitation by
Google has issued a security advisory to owners of its Android Pixel smartphones, warning that it has discovered someone has been targeting some devices to bypass their built-in security . What makes the reported attacks particularly interesting is that traditional…
Google Patches Pixel Phone Zero-days After Exploitation by “Forensic Companies”
Google has issued a security advisory to owners of its Android Pixel smartphones, warning that it has discovered someone has been targeting some devices to bypass their built-in security . What makes the reported attacks particularly interesting is that traditional…
Security vs. Compliance: What’s the Difference?
Security and compliance – a phrase often uttered in the same breath as if they are two sides of the same coin, two members of the same team, or two great tastes that go great together. As much as I…
Exploring Access Control Models: Building Secure Systems in Cybersecurity
In any organization, unrestricted access to systems and resources poses significant security risks. Recent cybersecurity events have shown that attackers will target any organization of any size. The most common attack vector is through unauthorized access to a legitimate account,…
Tripwire Patch Priority Index for March 2024
Tripwire’s March 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, Google, and Apple. First on the patch priority list are patches for Windows Kernel and Multiple Apple products. These CVEs (CVE-2024-21338, CVE-2024-23296, CVE-2024-23225) have been added to…
What’s New in NIST’s Cybersecurity Framework 2.0?
The National Institute of Standards and Technology Cybersecurity Framework (NIST CSF) was published in 2014 for the purpose of providing cybersecurity guidance for organizations in critical infrastructure. In the intervening years, much has changed about the threat landscape, the kinds…
Oops, Malware! Now What? Dealing with Accidental Malware Execution
On an ordinary day, you’re casually surfing the web and downloading some PDF files. The document icons seem pretty legitimate, so you click without a second thought. But, to your surprise, nothing happens. A closer look reveals that what you…