Category: The State of Security
VERT Threat Alert: October 2022 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s October 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1025 on Wednesday, October 12th. In-The-Wild & Disclosed CVEs CVE-2022-41033 A vulnerability in the Windows COM+ Event System…
The State of Security: Poland
Poland is getting ready for the upcoming Presidential elections in August 2023 amidst a turbulent geopolitical and economic environment. The war in Ukraine has placed the country in the epicenter of the events, becoming home to more than 3.5 million…
Turning a Pico into a Human Interface Device (HID)
I just walked out of room 716 at SecTor here in Toronto, where I shared details on my Raspberry Pi Pico project. I’m happy that I was finally able to share this and even happier to announce that the GitHub repo is…
4 tips to achieve Data Compliance
Data compliance is a crucial and essential factor in organizations that should be carefully followed for data management. Data compliance is more than maintaining relevant standards and regulations and ensuring that the data is secured. The substantial amount of data…
Complying with the Egypt Financial Cybersecurity Framework: What you Should Know
Which cybersecurity framework is the best one to use for an organization? This is one of the most frequently asked questions when embarking on the cybersecurity journey. Often, the answer falls quite unsatisfyingly along the explanatory lines about how there…
What to Know about APIs, the “On-Ramps to the Digital World”
An application programming interface, or API, is a defined process that allows data to be shared between applications or programs. Each API consists of a set of rules that dictates how communication occurs between a client and a server or…
CISA orders federal agencies to catalog their networks, and scan for bugs
You always want to know what is attached to your network. And whether it could be vulnerable or not. In any organisation it’s normal for different devices, on- or off-prem, wired or wireless, to be constantly added or removed –…
See Yourself in Cyber: 4 Steps to Stay Safe
As threats to technology and private information become more frequent, the President of the United States and Congress have proclaimed October to be Cybersecurity Awareness Month. This initiative aims to assist people in protecting themselves online. Government and business are…
Foundational Activities for Secure Software Development
Follies The Broadway Tower in Worcestershire, England is a famous structure. It’s inspiring, beautiful, and at 62 feet high, like other similar buildings, it’s a folly. While it looks grand inside and out, it serves no purpose than to be…
UK Construction: Cybersecurity Experts Defend Joint Ventures
After years of falling behind, the construction industry has realised the importance of its data. Construction-related businesses invested a remarkable 188% more in cybersecurity in 2018–19. Data leaks and cyberattacks have jolted sectors worldwide, affecting everyone. 55% of UK businesses…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 26, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 26th, 2022. I’ve…
IT admin admits sabotaging ex-employer’s network in bid for higher salary
A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer’s computer systems. Casey K Umetsu, of Honolulu, Hawaii, has pleaded guilty to charges that he deliberately misdirected…
Neither Pointless Nor Boring: Pop It and Lock It Down with CIS Controls
I’m delighted to share that I will be speaking for the first time at SecTor this year. The talk will be in Theatre 1 at 1:15pm on October 5th. In the session Neither Pointless Nor Boring: Pop It And Lock…
The UK Smart Grid: How It Started & How It’s Going
It’s no secret that if nations want to meet the Net Zero emission targets set by international organizations by 2050, there’s a lot of work to be done. In the UK, one of the key initiatives aimed at reducing emissions…
How Can Cybersecurity Professionals Account for Vulnerabilities in Fleet Data?
Fleet operations today revolve around data. Telematics systems, connected cars, and similar IoT systems provide fleet managers with a wealth of information, but this connectivity also raises security concerns. As data breach costs reach their highest point in decades, accounting…
Your Guide to the Latest Email Fraud and Identity Deception Trends
There’s a high chance that you or someone you know has been impacted by email fraud or identity theft. At the very least, you’ve likely received a variety of spam emails and text messages asking to provide a payment or…
Quantifying the Social Impact of Ransomware and ESG Disclosure Implication
2022 began with successful ransomware attacks against global IT and digital transformation providers, no thanks to the notorious LAPSUS$ ransomware gang. Often, any discussion about ransomware impact has mostly centered on affected organizations. Rightly so, as victimized organizations usually suffer…
How to Leverage NIST Cybersecurity Framework for Data Integrity
Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered…
Major Database Security Threats & How You Can Prevent Them
Organizations and businesses must use a range of measures, protocols, and tools to protect their databases from cybercriminals. If breached, malicious actors can gain access to sensitive information that they can use for financial gain. Security teams must adapt and…
The State of Cybersecurity has improved but is hardly flawless
For the record, it should be acknowledged from the start that there is no question that the cybersecurity landscape has improved over time, mostly courtesy of persistent increases in cyber spending year after year. Gartner estimates that the U.S. and the…
SecTor 2022: The IoT Hack Lab is Back!
Last year, it was great to be back at SecTor after everything was canceled in 2020. The capacity was reduced, but the Hack Lab was still plenty busy and we loved having everyone come by and visit our table and…
Overheard at the SANS Security Awareness Summit 2022
People have become the primary attack vector for cyber attackers around the world. As the Verizon Data Breach Investigations Report 2022 indicates, it is humans rather than technology that now represent the greatest risk to organizations. According to the SANS…
Tripwire Patch Priority Index for August 2022
Tripwire’s August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 vulnerabilities, including denial of service, remote code execution,…
What Are Privacy-Enhancing Technologies (PETs)? A Comprehensive Guide
Modern enterprises will have to work with customer data in one way or another. The COVID-19 pandemic proved that the only businesses that would survive the future were those willing to embrace technology. While technologies such as the Internet of…
Defense in Depth: 4 Essential Layers of ICS Security
It is always said that security is never a one-size-fits-all solution. This is true not only because of the apparent infinite varieties of equipment in each individual organization, but also, and perhaps more importantly, the different ways that every organization…
Top Phishing and Social Media Threats: Key Findings from the Quarterly Threat Trends & Intelligence Report
In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends & Intelligence Report detailing their analysis of phishing…
A Traveller’s Guide to Staying Cyber safe
With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater…
SecTor 2022: The Power of the Pico
I’m excited to share that I will be speaking at SecTor this year in the tools track. While the SecTor schedule is not yet finalized, I’m currently listed as speaking at 10:15am on October 6th. The talk, The Power of…
FBI warns of criminals attacking healthcare payment processors
Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. In a newly-published advisory directed at the healthcare payment industry, the FBI warns that cybercriminals are using a cocktail of publicly-available…
Strong Authentication Considerations for Digital, Cloud-First Businesses
Authentication as a baseline security control is essential for organizations to know who and what is accessing corporate resources and assets. The Cybersecurity and Infrastructure Security Agency (CISA) states that authentication is the process of verifying that a user’s identity…
Cybersecurity Threats to the US Water Industry
In an increasingly digital world, cybersecurity is a significant – and relevant – threat to individuals and companies alike. Cybercriminals are constantly devising new ways to steal information for personal gain through exploitation or ransom demands. It’s become unfortunately commonplace…
VERT Threat Alert: September 2022 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th. In-The-Wild & Disclosed CVEs CVE-2022-23960 The first disclosed vulnerability this month is Spectre-BHB…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 5th, 2022. I’ve…
Common Criteria Certification: What Is It, and What Does It Mean for Tripwire Enterprise?
Common Criteria for Information Technology Security Evaluation (CC) is an international agreement that provides a set of standards, testing processes, and documentation standards that is widely recognized as the leading standard for defined software security standards. The Canadian Centre for…
The ClubCISO report reveals a fundamental shift in security culture
With business and technology becoming increasingly intertwined, organizations are being forced to rethink how they look at digital security. Once overlooked or viewed as a mere afterthought, today it has become a business-critical necessity. As a result, organizations across industry…
How to Correctly Classify Your Data in 2022
Data classification can feel like an overwhelming task, especially for organizations without a strong practice in place. As with any security approach, data classification is both crucial and tempting to avoid. Regardless of whether the value is recognized, there’s a…
Warning issued about Vice Society ransomware gang after attacks on schools
A ransomware gang that has been increasingly disproportionately targeting the education sector is the subject of a joint warning issued by the FBI, CISA, and MS-ISAC. The Vice Society ransomware group has been breaking into schools and colleges, exfiltrating sensitive…
Working Abroad as a Cybersecurity Professional: What You Need to Know
The world is becoming a smaller place. The prospect of working in another country becomes increasingly realistic and even promising as businesses migrate toward the cloud and collaborate more closely with international partners. Amid this shift, cybersecurity professionals may wonder…
How Penetration Testing can help prevent Ransomware Attacks
It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the most publicized example. Since then, dozens of ransomware…
CISO Interview Series: The thinking of a CISO at the front end of the cyber threat landscape.
What are the most important areas for a CISO to focus on? When speaking to Aman Sood, it becomes clear that the job of a CISO encompasses every aspect of a business. Aman is the Head of Cyber Security with…
Dispelling 5 Myths and Misconceptions Surrounding File Integrity Monitoring (FIM)
File integrity monitoring (FIM) started back in 1997 when Gene Kim launched Tripwire and its “Change Audit” solution. Just a few years later, Change Audit became FIM; this rebranded tool worked with the 12 security controls identified in Visa’s Cardholder Information Security Program…
WhatsApp Scams in 2022: What to Look out for
WhatsApp is ranked as the most popular mobile messenger app in the world. In fact, there are two billion active users on the app. This is an incredibly large audience. Unfortunately, it is also a huge number of potential victims…
What Is the ISA/IEC 62443 Framework?
Cybersecurity threats to manufacturing and process plants are coming from a wide range of attack vectors, including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors, and new smart devices. Internet…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29th, 2022. I’ve…
10 Things Your Workforce Can Do To Support Your Company’s Security Health
The biggest cyber security threat that businesses have to tackle is much closer than you’d think. Verizon’s 2022 Data Breach Investigations report – found human error to be a key driver in 82% of breaches, which is why it is…
FBI issues warning after crypto-crooks steal $1.3 billion in just three months
Amid a wave of hacks that have cost investors billions of dollars worth of cryptocurrency, the FBI is calling on decentralised finance (DeFi) platforms to improve their security. In a warning posted on its website, the FBI said that cybercriminals…
Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS
The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce…
Everything You Need to Know About CI/CD and Security
CI/CD is a recommended technique for DevOps teams and a best practice in agile methodology. CI/CD is a method for consistently delivering apps to clients by automating the app development phases. Continuous integration, continuous delivery, and continuous deployment are the…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 22nd, 2022, including…
Key Points from the IBM Cost of a Data Breach Report 2022
The volume and impact of data breaches have accelerated largely in 2022, which has contributed to many adverse effects for businesses. Tc highlights several updated factors that have generated great costs across 17 countries and regions, and 17 industries. The…
How to Prevent High Risk Authentication Coercion Vulnerabilities
Most of us already know the basic principle of authentication, which, in its simplest form, helps us to identify and verify a user, process, or account. In an Active Directory environment, this is commonly done through the use of an…
LastPass attackers steal source code, no evidence users’ passwords compromised
LastPass, the popular password manager used by millions of people around the world, has announced that it suffered a security breach two weeks ago that saw attackers break into its systems and steal information. But don’t panic just yet –…
Top tips for securing board-level buy-in for cybersecurity awareness campaigns
With Cyber Security Awareness month fast approaching, information security professionals and data protection managers will be looking at how to secure board-level buy-in for company-wide cybersecurity awareness campaigns. Often, this is the biggest hurdle for any cyber awareness campaign as…
Why Does Medical Imaging Equipment Need Better Cybersecurity?
Medical imaging cybersecurity needs to evolve to meet today’s security threats. Cyberthreats specifically targeting health care institutions have increased over recent years. More data is also at risk since patients have begun widely using telemedicine services. In addition to the…
5 Things We Learned from The Definitive Guide to Data Loss Prevention (DLP)
In the context of hybrid work, the threat of data loss is rampant. Cybersecurity systems that were once designed to operate within the confines of a network perimeter have become obsolete, with employees using various devices, networks, and applications to…
Privacy in Q2 2022: US, Canada, and the UK
The second quarter of 2022 offered plenty of positing on privacy, both in the U.S. and internationally. In the U.S., we saw the addition of another state privacy law, and a spark of hope in privacy professionals’ eyes with the…
Black Hat USA 2022: Key Highlights
Arriving at the keynote hall for Black Hat 2022, I was immediately struck by the size of the crowd – after the seemingly endless pandemic hiatus, the cyber industry had come out in force. The mood was one of enthusiasm,…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15th, 2022. I’ve…
Email and cybersecurity: Fraudsters are knocking
Can you remember your first email? Either sending one, or receiving it? I certainly remember explaining to people what email was, and I also remember someone telling me they could live without their email server for “about a month before…
The State of Security: SIEM in 2022
The world of enterprise cybersecurity is exceedingly dynamic. In a landscape that is ever-changing, security professionals need to combat a class of evolving threat actors by deploying increasingly sophisticated tools and techniques. Today with enterprises operating in an environment that…
What is Configuration Drift?
In a previous post my colleague spoke about how ensuring devices on your network is a great way to minimize the attack surface of your infrastructure. Organizations like the Center for Internet Security (CIS) provide guidelines on how to best…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8th, 2022. I’ve…
Interpreting the Key Points of The 2022 IBM i Marketplace Survey Results
This year marks the eighth edition of the popular IBM i Marketplace Survey Results. Each year, HelpSystems collects data about how companies utilize the IBM i platform and the IT enterprises it helps. Year after year, the survey has started…
A 5 Step Checklist for Complying with PCI DSS 4.0
In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements. Since their last update in 2018, there has been a rapid increase in the use of cloud technologies,…
5 tips for spotting and avoiding Pig butchering scams
A new type of scam, called “pig butchering” is gaining momentum. Pig butchering is a unique scam which uses a romance scam script, but with an investment spin on it, where victims are groomed to invest large sums of money,…
Ransomware attack blamed for closure of all 7-Eleven stores in Denmark
Ransomware is to blame for the closure of all 175 7-Eleven stores in Denmark on Monday. The retailer closed all of its stores in Denmark after its cash registers and payment systems were brought down in the attack. Initially, 7-Eleven’s…
Supply Chain Cybersecurity – the importance of everyone
This week, I spoke with a new client who told me all about how they are looking forward to addressing a number of internal issues surrounding their IT systems. They explained that over the last 12 months, they repeatedly had…
Convergence and adoption of AI and ML countering the cyber threat
During the last few years, we have witnessed an increase in advanced cyber attacks. Cybercriminals utilize advanced technology to breach the digital boundary and exploit enterprises’ security vulnerabilities. No industry feels secure; security professionals do their utmost to close security…
3 Types of Network Attacks to Watch Out For
Cybersecurity is becoming more of a common term in today’s industry. It is being passed around executive meetings along with financial information and projected marketing strategies. Within the cybersecurity lexicon, there are some attack methods that are repeated enough to…
Cyber Threats – The New Norm in Data Security
“Data: We have never had so much of it, and it has never been so challenging to protect.” These are some of the opening words in the new survey published by ISMG and HelpSystems in the ‘Data Security Survey 2022’.…
VERT Threat Alert: August 2022 Patch Tuesday Analysis
Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a…
Application Security Report 2022: Key Trends and Challenges
At a time when the state of cybersecurity is constantly changing, with new and increasing threats arising each day, it is vital for all organizations to keep it near the top of their list of priorities. Business applications are increasingly…
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1st, 2022. I’ve…
Weak Cybersecurity is taking a toll on Small Businesses
Life among America’s nearly 32 million small businesses has never been easy. According to the Small Business Administration, about 20% of small business startups fail in their first year and half succumb to failure within five years. Bigger businesses have…
Top trends in Application Security in 2022
The rising number of cyber attacks against software applications has emphasized how security must serve as an important factor in software development. More than the traditional Software Development Lifecycle (SDLC) procedures, now security-integrated development lifecycles are being widely adapted. These…
Aviation Safety and Cybersecurity: Learning from Incidents
The aviation safety sector is the study and practice of managing aviation risks. It is a solid concentration of regulations, legal documents, investigations of accidents and near-miss aviation incidents. On top of them lie lessons learned and shared knowledge; reports,…