Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed…
Category: Blog RSS Feed
Non-repudiation: Your Virtual Shield in Cybersecurity
In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Coupling other security factors, such as delivery…
The Evolution of Anomaly Detection and the Importance of Configuration Monitoring in Cybersecurity
Back in 1992, when I was more concerned about my acne breakouts and being selected for the Junior cricket team, a freshman at Purdue University was studying the impact of the 1988 Morris Worm event and how it brought about…
Know Thyself and Thy Network
The shifting sands of IT make the adage “you never know it all” ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little…
How Does PCI DSS 4.0 Affect Web Application Firewalls?
The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0 , heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the…
How to Reduce Your Attack Surface
What is an Attack Surface? An attack surface is the total number of channels, pathways, or areas that threat actors can utilize to gain unauthorized access to networks. The result is that they can obtain private information or carry out…
Cryptocurrency wallet CEO loses $125,000 in wallet-draining scam
Anyone can get scammed . If you think you’re somehow immune to being scammed, then, in my opinion, you’re a prime target for being scammed. No one is too big, too clever, too security-savvy to avoid being duped because it’s…
Is Cybercrime Only Going to Get Worse?
At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU , the…
CI/CD Security: Advanced Best Practices to Secure Your Pipelines
Continuous Integration and Continuous Delivery (CI/CD) security has become crucial to modern software development practices. As the speed of software development increases with DevOps and Agile methodologies, there is a growing need to ensure the integrity of software across the…
What Is the Future and Technology of Zero Trust?
What Is the Future and Technology of Zero Trust? In the dynamic realm of cybersecurity, the future of Zero Trust unfolds with promises and challenges. In the second part of the Zero Trust series, we explore the insights from industry…
Getting the Board on Board: Explaining Cybersecurity ROI
Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn’t always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment…
Cloud Security Optimization: A Process for Continuous Improvement
Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage…
2023 Business Impact Report: Small Businesses and Cyberattacks
We live in a highly digitized world, and small businesses and solopreneurs have become prime targets for cybercriminals. The 2023 Business Impact Report , conducted by the Identity Theft Resource Center (ITRC), sheds light on a concerning trend: a sharp…
What Role Does Cybersecurity Awareness Play in Education?
Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward…
AI’s Emerging Role in the Fight Against Intellectual Property Theft
In an era where knowledge and creativity are the cornerstones of progress, intellectual property ( IP ) is not just a legal asset but the very lifeblood that sustains business innovation, competitiveness, and growth. However, as we march deeper into…
Tips, Tricks and Updates for Tripwire’s State Analyzer
At the recent Tripwire Energy and NERC Compliance Working Group, we held a session to demonstrate some tips and tricks to make the latest Tripwire State Analyzer (TSA) work better for your organization. The newest State Analyzer version is 1.5.2,…
The Current Challenges of Adopting Zero Trust and What You Can Do About Them
In the fast-evolving world of cybersecurity, the transition to remote work, the challenges of Zero Trust adoption, and the technology that supports it have taken center stage. Join me as we explore the insights of cybersecurity professionals and uncover the…
The History of Patch Tuesday: Looking back at the first 20 years
One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an…
#TripwireBookClub – The Rust Programming Language
Most of the team that I work with on a daily basis is heavily invested in Python . As such, it was difficult to find people interested in reading The Rust Programming Language, 2nd Edition . In the end, two…
Guide to Creating a Robust Website Security Incident Response Plan
Earlier this year, the SEC proposed a new set of rules on cybersecurity governance , which would require public companies to make appropriate disclosures of cyber risks and management procedures. Although the amendments target the financial sector, it is one…