Category: The State of Security

This article has been indexed from The State of Security It’s not often we can say this, but 2022 is shaping up to be an exciting time in information governance, especially for those interested in compliance and compliance frameworks. We…

Read more →

This article has been indexed from The State of Security We all know that it is a question of when you will be compromised and not if you will be compromised. It is unavoidable. The goal of CIS Control 17…

Read more →

This article has been indexed from The State of Security The Payment Card Industry Data Security Standard (PCI DSS) is a benchmark with tenure in the industry, with the first version being introduced in 2004. The PCI DSS was unique…

Read more →

This article has been indexed from The State of Security Organizations are always concerned with improving efficiencies to make business flow smoother. Some of the biggest inefficiencies in any business revolve around time wasted on operational tasks. Whether it is a stale…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security For most organizations, Security Operations Center (SOC) teams have long since been their first line of defense. These SOC systems efficiently ensure robust cybersecurity and are designed to detect, analyze,…

Read more →

This article has been indexed from The State of Security Telecommunication is the first, and most robust network ever invented.  This may seem like a brazen and bold statement, but when examined closely, it is not the stuff of fantasy. …

Read more →

This article has been indexed from The State of Security Compliance should be an essential part of business operations, regardless of industry. Taking preventative measures to manage compliance and mitigate risk can feel like a hassle upfront, but it can…

Read more →

This article has been indexed from The State of Security Have you ever been around someone who is just better at something than you are? Like when you were in grade school and there was this person who was effortless…

Read more →

This article has been indexed from The State of Security The way in which we interact with applications has changed dramatically over years. Enterprises use applications in day-to-day operations to manage their most sensitive data and control access to system…

Read more →

This article has been indexed from The State of Security Sometimes referred to as Sodinokibi, the notorious REvil ransomware-as-a-service (RAAS) enterprise was responsible for a series of high profile attacks against the likes of the world’s biggest meat supplier JBS…

Read more →

This article has been indexed from The State of Security In recent years, cyber espionage has been growing in magnitude and complexity. One of the most common targets is Industrial Control Systems (ICS) within critical infrastructure sectors. With many organizations…

Read more →

This article has been indexed from The State of Security Parece que los temas más populares en ciberseguridad durante el último año han sido la confianza “Zero Trust”, así como la convergencia de la tecnología de la información (TI) y…

Read more →

This article has been indexed from The State of Security What does the term “Legacy Systems” mean to you? What image does it conjure up? Well, the word “legacy” can mean “something transmitted by or received from an ancestor or…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity.  Despite how different they may seem, these two…

Read more →

This article has been indexed from The State of Security To put the impact of cybercrime into perspective, let’s examine some important, and startling, numbers: Data breach costs increased from $3.86 million to $4.24 million in 2021. Every 39 seconds,…

Read more →

This article has been indexed from The State of Security Como profesionales de la ciberseguridad, siempre insistimos en la importancia de la gestión de parches como una de las mejores formas de proteger los sistemas contra las vulnerabilidades. A veces,…

Read more →

This article has been indexed from The State of Security Last week, I attended the NotSoSecure Advanced Web Hacking training. While there were plenty of interesting topics taught, one that caught my attention was Out-of-Band (OOB) Data Exfiltration using DNS.…

Read more →

This article has been indexed from The State of Security A few months ago, a news popular cybersecurity news organization posted an urgent notice on social media seeking help to recover their data after their blog was deleted.  They announced…

Read more →

This article has been indexed from The State of Security Have you ever confused your acronyms?  Perhaps you have laughed when someone has had to explain some of the acronyms used in text messages.  Business, and especially technology acronyms are…

Read more →

This article has been indexed from The State of Security Originally envisaged as a convenient way to store web data, cookies emerged as a powerful marketing tool in the 2000s. For many years, digital marketers relied on cookies for data…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Security isn’t a simple matter of caring or spending time reading manuals or being told what you can or can’t do. Security is understanding how to view the world from…

Read more →

This article has been indexed from The State of Security Many UK business and technology executives aren’t hopeful about their digital security going into 2022. In a survey of 3,600 business and technology executives, of which 257 were from the…

Read more →

This article has been indexed from The State of Security Cloud computing has emerged as the go-to organizational workload choice because of its innate scalability and flexibility. However, cloud computing still comes with some security risks. Examining cloud security is…

Read more →

This article has been indexed from The State of Security El cambio es prolífico en los entornos de TI de las organizaciones. Los activos de hardware cambian. Los programas de software cambian. Los estados de configuración cambian. Algunas de estas…

Read more →

This article has been indexed from The State of Security What is this AvosLocker thing I’ve heard about? AvosLocker is a ransomware-as-a-service (RaaS) gang that first appeared in mid-2021. It has since become notorious for its attacks targeting critical infrastructure…

Read more →

This article has been indexed from The State of Security What is EDoS? Economic Denial of Sustainability (EDoS) is a cybersecurity threat targeting cloud environments. EDoS attacks exploit the elasticity of clouds, particularly auto-scaling capabilities, to inflate the billing of…

Read more →

This article has been indexed from The State of Security What is EDoS? Economic Denial of Sustainability (EDoS) is a cybersecurity threat targeting cloud environments. EDoS attacks exploit the elasticity of clouds, particularly auto-scaling capabilities, to inflate the billing of…

Read more →

This article has been indexed from The State of Security We all know about the attacker who leverages their technical expertise to infiltrate protected computer systems and compromise sensitive data. This type of malicious actor ends up in the news…

Read more →

This article has been indexed from The State of Security Requirements for reporting cybersecurity incidents to some regulatory or government authority are not new, but there has always been a large amount of inconsistency, globally, in exactly what the requirements…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Endpoint devices played a big part in malware and ransomware attacks in 2021. According to a study covered by Help Net Security, security researchers detected more malware and ransomware endpoint…

Read more →

This article has been indexed from The State of Security One of the main challenges of OT security is the problem of compatibility. OT components often differ significantly from each other in terms of age and sophistication as well as…

Read more →

This article has been indexed from The State of Security Security researchers have warned that they have seen a number of malicious email campaigns which pose as communications from the Internal Revenue Service (IRS). The post As tax deadlines approach,…

Read more →

This article has been indexed from The State of Security How often have you heard someone say “Cybersecurity is complicated!”? If you’re a practitioner in the cybersecurity industry you’ll have heard these words often, probably along with “…and it’s really…

Read more →

This article has been indexed from The State of Security Many industrial security professionals lack visibility into their organizations’ assets and processes. This includes Industrial Internet of Things (IIoT) devices as well as industrial organizations’ supply chains. Back in March…

Read more →

This article has been indexed from The State of Security El 9 de diciembre de 2021, Apache publicó una vulnerabilidad de “día cero” (CVE-2021-44228) para Apache Log4j que se conoce como “Log4Shell”. Esta vulnerabilidad ha sido clasificada como “Crítica” con…

Read more →

This article has been indexed from The State of Security In this episode, Kai Roer, Chief Research Officer at KnowBe4, explains how human factors will always play a role in how secure our technology is. Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcastRSS: https://tripwire.libsyn.com/rssYouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3…

Read more →

This article has been indexed from The State of Security Like many organizations, K-12 schools adapted to COVID-19 by accelerating their digital transformation journeys. And like everyone else who followed this path, they invited unwanted attention from digital criminals in…

Read more →

This article has been indexed from The State of Security The past few years have emphasized just how important cybersecurity is. As cybercrime reached record heights and more companies went digital, industries realized their current security efforts fell short. Healthcare…

Read more →

This article has been indexed from The State of Security What is this Ragnar Locker thing I’ve heard about? Ragnar Locker is a family of ransomware, which first came to prominence in early 2020 when it became notorious for hitting…

Read more →

This article has been indexed from The State of Security There has been a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks of 2017 and the Stuxnet worm, first…

Read more →

This article has been indexed from The State of Security Today’s VERT Alert addresses Microsoft’s March 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-989 on Wednesday, March 9th. In-The-Wild & Disclosed…

Read more →

This article has been indexed from The State of Security The benefits of a capable and properly deployed File Integrity Monitoring (FIM) solution are plentiful: If you see unexpected or unexplained file changes, you can investigate immediately and resolve the issue quickly…

Read more →

This article has been indexed from The State of Security Asset inventory is a significant part of a comprehensive security plan for all organizations.  After all, if you do not know what assets you have, then you cannot manage them. …

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security 2021 was the year that marked a major cyber-attack against a critical national infrastructure organization whose impact was felt by millions of Americans on the East Coast. However, the attack…

Read more →

This article has been indexed from The State of Security In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood…

Read more →

This article has been indexed from The State of Security The US Senate has passed legislation designed to improve the cybersecurity of the Federal Government. The legislation, which consists of three bills, was unanimously passed by the Senate on Tuesday…

Read more →

This article has been indexed from The State of Security In a previous article, I examined Australia’s proposed Security Legislation Amendment (Critical Infrastructure) Bill 2020. This information security overhaul imposes strict reporting requirements for enterprises as well as affords the…

Read more →

This article has been indexed from The State of Security We all know how important security awareness training is for an organization. Moreover, we try to enhance our efforts by weaving security into the “culture” of the organization. Yet, from the…

Read more →

This article has been indexed from The State of Security Cloud adoption has come a long way from its early days where corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid…

Read more →

This article has been indexed from The State of Security Perhaps Disaster Recovery (DR) isn’t one of the hot terms like the Internet of Things (IoT) or Hybrid Cloud, but I would argue that re-examining your DR plan now might…

Read more →

This article has been indexed from The State of Security As a former systems and network administrator, I understand the demands that are placed on today’s IT professionals. It’s true that skills gap continues to hamper IT and security personnel,…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Global supply chains are bearing the brunt of ransomware attacks, according to a new report that finds manufacturing was the most targeted industry during 2021. Knocking financial services and insurance…

Read more →

This article has been indexed from The State of Security Enterprises today rely on partners and vendors to help manage their data. Some companies depend on third-party infrastructure for day-to-day operations, so understanding the regulations and protection standards that a…

Read more →

This article has been indexed from The State of Security Tripwire’s February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This…

Read more →

This article has been indexed from The State of Security In the early years of cybersecurity, it was often said that people are the weakest link. This did nothing to encourage support, as it was insulting and demeaning. The new and…

Read more →

This article has been indexed from The State of Security I took note of the recent uptick in discussions about the concept of observation in the IT world and found myself compelled to come back to the topic, which I’ve…

Read more →

This article has been indexed from The State of Security Part of operating an effective security program is the ability to never rest upon any previous success. When guarding against an adversary, yesterday’s success is quickly eclipsed by the dynamic shift…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Cybersecurity is never static, and that’s especially true today. After widespread and frequent disruptions in the past few years, the cyber defense landscape is shifting. Favored attack vectors are changing,…

Read more →

This article has been indexed from The State of Security Organizations are under constant threat of cybercrime. While there are many available attack vectors, email is the most obvious path towards a full network compromise. The notion that email security should be…

Read more →

This article has been indexed from The State of Security The Federal Bureau of Investigation (FBI), Department of Homeland Security Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) have joined forces to publish a joint warning that…

Read more →

This article has been indexed from The State of Security No one doubts the importance of cybersecurity in web development — and yet, often in the development cycle, we neglect to prioritize it across each sprint and into the final…

Read more →

This article has been indexed from The State of Security One very predictable part of cybersecurity is that the work is unpredictable.  here are routines that help to create a predictable rhythm, but you don’t necessarily know when the next…

Read more →

This article has been indexed from The State of Security Hosting the Olympics is always a source of national pride for any nation chosen to do so. Whether in winter or summer, the prestige of the world’s eyes being on…

Read more →

This article has been indexed from The State of Security In this episode, Ian Thornton-Trump, CISO at Cyjax, digests nation state’s disinformation campaigns and the cybersecurity landscape. He also discusses the role disinformation on social media plays in cybersecurity. Spotify:…

Read more →

This article has been indexed from The State of Security A surge in “sophisticated, high impact” ransomware attacks has prompted the United States’s Cybersecurity and Infrastructure Security Agency (CISA), the UK’s National Cyber Security Centre (NCSC), and the Australian Cyber…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security The number of missing security patches in an OT system is typically very large—measured in the thousands, at least. It would be difficult and expensive for an asset owner to…

Read more →

This article has been indexed from The State of Security If you’re a Tripwire® Whitelist Profiler customer, then you know that the software does an excellent job of executing its core functionalities. These include comparing the running state of a…

Read more →

This article has been indexed from The State of Security When was the last time you purchased a product that was in a container? If you are a typical consumer, you probably have done so in the last few days. There…

Read more →

This article has been indexed from The State of Security When was the last time you purchased a product that was in a container? If you are a typical consumer, you probably have done so in the last few days. There…

Read more →

This article has been indexed from The State of Security Today’s VERT Alert addresses Microsoft’s February 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-985 on Wednesday, February 9th. In-The-Wild & Disclosed…

Read more →

This article has been indexed from The State of Security We all want a safer Internet, but we often put a lot of trust and hope in technology to deliver on that promise. The Internet is really made up of…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security Have you considered how often your phone number has been shared? Most of us give out our cell phone numbers all the time – to friends, acquaintances, colleagues, and even big,…

Read more →

This article has been indexed from The State of Security Tripwire Configuration Manager allows for user created configuration and compliance management content via a new Policy Management capability. Custom user content can be used alongside existing cloud service provider and…

Read more →

This article has been indexed from The State of Security With two new U.S. State privacy laws, new Standard Contractual Clauses out of the EU, more GDPR-style laws passed around the globe, and record data protection fines, 2021 provided plenty…

Read more →

This article has been indexed from The State of Security Each February, the United States, Canada, the United Kingdom and other countries observe Black History Month. It’s a month-long celebration of the generations of black people who have elevated society…

Read more →

This article has been indexed from The State of Security What is this BlackCat thing I’ve heard about? BlackCat (also known as ALPHV) is a relatively new ransomware-as-a-service (RaaS) operation, which has been aggressively recruiting affiliates from other ransomware groups…

Read more →

This article has been indexed from The State of Security As the competitive online gaming and eSports industries gain legitimacy by becoming more popular and attracting mainstream attention, the question of competitive integrity lingers in the back of my mind.…

Read more →

This article has been indexed from The State of Security Tripwire’s January 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Apache, Open Source Policy Kit, Adobe, and Microsoft. First on the patch priority list this month are patches…

Read more →

This article has been indexed from The State of Security Water and wastewater treatment may not be at the top of most people’s list of discussion topics, but the more you think about it, the more clear it becomes that…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security The Unmanned Aerial Systems (UAS) industry has become a massive technological playground worldwide. Their extensive applications make UAS very popular for the public and the private sector. Armed forces, agricultural…

Read more →

This article has been indexed from The State of Security A Canadian man has been handed a three year prison sentence after being found guilty of buying and selling over 1700 stolen identities on a dark web marketplace. 29-year-old Slava…

Read more →

This article has been indexed from The State of Security Data Privacy Day (DPD) is January 28. Sounds exciting, right? I’m sure you’ve got the pinata stuffed and the presents on the way. What is DPD about? It’s all about…

Read more →

This article has been indexed from The State of Security It looks likely that the UK will join a growing number of nations promoting cybersecurity’s importance for businesses including the introduction of new laws. Amongst the proposals being considered are…

Read more →

This article has been indexed from The State of Security Industrial control systems (ICS) are specific kinds of assets and associated instrumentation that help to oversee industrial processes. According to the National Institute of Standards and Technology, there are three…

Read more →

This article has been indexed from The State of Security The number of U.S. data breaches reported in 2021 increased dramatically over the preceding year. As reported by the Identity Theft Resource Center (ITRC), there were 1,291 data breaches between…

Read more →

This article has been indexed from The State of Security All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out…

Read more →

This article has been indexed from The State of Security It has been a long time coming! The upgrade to the international standard for information security management systems, ISO27001:2013, is here (almost). Hallelujah! If you’re reading this article, then there’s…

Read more →

This article has been indexed from The State of Security Artificial Intelligence (AI) is one of the most high-profile technology developments in recent history. It would appear that there is no end to what AI can do. Fom driverless cars,…

Read more →

This article has been indexed from The State of Security It has been a long time coming! The upgrade to the international standard for information security management systems, ISO27001:2013, is here (almost). Hallelujah! If you’re reading this article, then there’s…

Read more →

This article has been indexed from The State of Security Kubernetes is the popular container orchestration platform developed by Google to manage large-scale containerized applications. Kubernetes manages microservices applications over a distributed cluster of nodes. It is very resilient and…

Read more →