Category: HelpSystems Blog

Tripwire’s January 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft Visio and Microsoft Office that resolve 6 vulnerabilities, including remote code execution and…

Read more →

The Tripwire Vulnerability Exposure and Research Team (VERT) keeps its finger on the cybersecurity pulse. Check out some of the stories that stood out for us recently: Compromised Linux Endpoints can be isolated with Microsoft Defender Microsoft Defender for Endpoint…

Read more →

Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control…

Read more →

It’s another new year and hence another occasion to predict how the cybersecurity landscape will evolve in 2023. Once again, it will be challenging, as most every year is, and could wind up being an unusually difficult 12 months because…

Read more →

UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from December 2020 – January 2022, TSB determined that romance fraud…

Read more →

Extortion, and especially “sextortion” emails, are becoming more frequent, and they can be extremely alarming when received. Such emails work by using threats to extort money, evoking intense fear. This type of correspondence comes in many guises and features various…

Read more →

The cybersecurity landscape has become something of a battle royale: companies and cyber criminals are continually trying to outsmart one another in an effort to be the last one standing. Thankfully, many businesses are seeking a proactive approach, aiming to…

Read more →

The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance…

Read more →

2022 saw privacy truly take hold in the U.S., while Europe buttressed its position as the global leader and other regions worked to get up-to-speed with new or amended laws. U.S. Privacy in 2022 Laws passed in 2021 and 2022…

Read more →

The political and economic uncertainty throughout the world today is growing. The danger of malicious hacking is increasing as more and more parts of daily life simultaneously transition to the digital realm. An attack on another country or region by…

Read more →

UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from December 2020 – January 2022, TSB determined that romance fraud…

Read more →

Extortion, and especially “sextortion” emails, are becoming more frequent, and they can be extremely alarming when received. Such emails work by using threats to extort money, evoking intense fear. This type of correspondence comes in many guises and features various…

Read more →

The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance…

Read more →

The cybersecurity landscape has become something of a battle royale: companies and cyber criminals are continually trying to outsmart one another in an effort to be the last one standing. Thankfully, many businesses are seeking a proactive approach, aiming to…

Read more →

The political and economic uncertainty throughout the world today is growing. The danger of malicious hacking is increasing as more and more parts of daily life simultaneously transition to the digital realm. An attack on another country or region by…

Read more →

It’s a rare treat when you get the opportunity to speak with someone who has worked as an ethical hacker, has also worked in top secret military settings, and then transferred to the private sector, rising to the highest cybersecurity…

Read more →

What Is Network Security? Network security is a broad field, encompassing various processes, policies, rules, standards, frameworks, software, and hardware solutions. Its primary goal is to protect a network and its data from various threats, including intrusions and breaches. A…

Read more →

For most people, January 28th is the 28th day of the year. For me, January 28th is more commonly known as “the day before my wife’s birthday.” For those who pay attention to history, they may know it as the…

Read more →

With so many companies currently reducing their workforce, job scams have become a serious and widespread problem for those who are looking for work. Stories from people who came across these scams on LinkedIn talk about scammers asking for their…

Read more →

For the past several years we’ve all been sold the benefits of moving to Zero Trust, and it’s worked. We’re sold. But what now? At this point, companies have decided to embark on a long and committed journey – Zero…

Read more →

A 22-year-old suspected of being “Seyzo”, a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where – if convicted – he could face up to 116 years in prison. Sebastien Raoult, a French…

Read more →

The release of ChatGPT last November transformed public awareness, perception, and discourse about Artificial Intelligence (AI). Prior to the release, AI has long existed in now familiar technologies, devices, and processes. Perhaps one of the most common uses of AI…

Read more →

In today’s hyper-connected world, most of us now take care of our daily tasks with the help of digital tools, which includes online banking. Whether we’re reviewing our account balances, transferring money, applying for payment cards, or simply paying our…

Read more →

With so many companies currently reducing their workforce, jobs scams have become a serious and widespread problem for those who are looking for work. Stories from people who came across these scams on LinkedIn talk about scammers asking for their…

Read more →

For the past several years we’ve all been sold the benefits of moving to Zero Trust, and it’s worked. We’re sold. But what now? At this point, companies have decided to embark on a long and committed journey – Zero…

Read more →

The Tripwire Vulnerability Exposure and Research Team (VERT) are constantly looking out for exciting stories and developments in the cybersecurity world. Here’s what news stood out to us, including some comments on these stories. Vulnerabilities discovered in Netcomm and TP-Link…

Read more →

In the world of cybersecurity, the spotlight often shines on protecting applications, networks, and individual accounts. Application programming interfaces (APIs), on the other hand, present their own set of challenges to secure. APIs account for a significant portion of internet…

Read more →

I keep hearing about LockBit ransomware attacks. What’s going on? It’s no surprise if you have heard about LockBit. It is the world’s most active ransomware group – responsible for an estimated 40% of all ransomware infections worldwide. I guess…

Read more →

Penetration testing is a vital part of cybersecurity strategy development, evaluating the strength of an organization’s infrastructure. To prevent attackers from exploiting security flaws in your software or networks, you want to discover them as soon as possible. Penetration testing…

Read more →

The massive increase in cyberattacks and the rapid evolution of advanced criminal techniques requires every single business in any sector to take protective measures to strengthen its cyber perimeter and minimize risk. To deal with this peril, businesses must incorporate…

Read more →

It’s old news, but data is – and will remain for the foreseeable future – king. It has to be dealt with and handled responsibly, assigned to the right boxes, and stored properly. Why? Because everyone wants it, and there…

Read more →

The annual Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference took place on December 12 – 15 in San Antonio, Texas. If you are unfamiliar with the DoDIIS, it is presented by the Defense Intelligence Agency (DIA), and it…

Read more →

Recent headlines have indicated that some major companies were affected by Remote Code Execution (RCE) vulnerabilities, just in the month of October. RCE flaws are largely exploited in the wild, and organizations are continually releasing patches to mitigate the problem.…

Read more →

Going into 2023, phishing is still as large a concern as ever. “If it ain’t broke, don’t fix it,” seems to hold in this tried-and-true attack method. The 2022 Verizon Data Breach Investigations Report states that 75% of last year’s…

Read more →

Tripwire’s Energy and NERC Compliance Working Group virtual event offered some enlightening information, not only from industry experts but also some candid thoughts from current Tripwire customers. Even the most cogent summary of the keynote, as well as two of…

Read more →

It’s time for you and your colleagues to become more skeptical about what you read. That’s a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread…

Read more →

Mobile device use is pervasive, and has eclipsed traditional computing. We often hear how various malicious mobile apps are released into circulation. For these reasons, mobile app development needs to focus on cybersecurity just as much as it does on…

Read more →

The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target…

Read more →

Every person in an organisation has the potential to enhance security. Physical office barriers were removed during the pandemic, exposing companies to countless vulnerabilities as attack avenues have multiplied. However, this does not mean that all was lost. What it…

Read more →

Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th. In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was…

Read more →

As the cyber threat evolves, adversaries are increasingly targeting non-publicly disclosed vulnerabilities in the software supply chain. Attackers are able to stealthily travel between networks because to a vulnerability in the supply chain. To combat this risk, the cybersecurity community…

Read more →

Have you ever picked up a book, thinking that you’ll put everything else aside and dive in, but a month later, the book is still sitting unread on your shelf? That’s what happened to me this year. Back in June,…

Read more →

The world of cybersecurity is extremely diligent. In a terrain that is ever-evolving, security experts need to combat a growing population of threat actors by deploying increasingly cultivated tools and techniques. Today, with enterprises functioning in an atmosphere that is…

Read more →

Cybersecurity professionals are always looking to keep up with new and changing threats, as well as developing new tactics and technologies to guard against cyberattacks. Traditional approaches to security are focused on defensive or reactive measures, generally blocking attacks from…

Read more →

We often interview seasoned veterans of security to hear their insights about cybersecurity. However, even new members of Fortra’s Tripwire team have a lot to offer about the state of security. We recently had the opportunity to speak with Faisal…

Read more →

Do ransomware gangs actually have a heart? Perhaps… Just days before Christmas, on the night of Sunday 18 December 2022, Canada’s Hospital for Sick Children (better known as SickKids) was hit by a ransomware attack. The Toronto-based teaching and research…

Read more →

Tripwire’s December 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Edge, which resolve over 25 issues including use-after-free, type confusion, insufficient data validation, insufficient policy…

Read more →

We often interview seasoned veterans of security to hear their insights about cybersecurity. However, even new members of Fortra’s Tripwire team have a lot to offer about the state of security. We recently had the opportunity to speak with Faisal…

Read more →

Tripwire recently announced the release of Tripwire Enterprise (TE), version 9.0, Axon Agent 3.27, and TE Agent 9.0.0. While the full list of features may be viewed on our web site, as a product manager, I wanted to take some…

Read more →

CISOs – the senior level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations – are not happy campers these days. And it’s not just because they are chronically understaffed and under constant pressure. As it…

Read more →

In the language of technology, a sandbox is a safe testing environment that is isolated from the rest of your network or system. Developers use sandboxes to test their code before deployment. In cybersecurity, suspicious and potentially unsafe programs, software,…

Read more →

CISOs – the senior level executives responsible for developing and implementing cybersecurity programs for corporations and other organizations – are not happy campers these days. And it’s not just because they are chronically understaffed and under constant pressure. As it…

Read more →