Tag: Blog RSS Feed

In a co-ordinated international effort, the law enforcement agencies of 15 countries have made the holiday season a little less stressful for companies and consumers – by seizing control of some of the internet’s most popular DDoS-for-hire services. Operation PowerOFF…

Read more →

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful…

Read more →

Today’s VERT Alert addresses Microsoft’s December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-49138 The only vulnerability that has been…

Read more →

What is 3AM? 3AM (also known as ThreeAM) is a ransomware group that first emerged in late 2023. Like other ransomware threats, 3AM exfiltrates victims’ data (threatening to release it publicly unless a ransom is paid) and encrypts the copies…

Read more →

In today’s data-driven world, collecting information is just the beginning. The real value lies in transforming raw data into actionable insights that drive decisions. For enterprise security, this means making data not only accessible but also organized, relevant, and easy…

Read more →

Cyber resilience is a constant topic of concern in technology and cybersecurity, as it approaches security from the standpoint of assuming that attacks are inevitable rather than solely attempting to prevent them. Layered cybersecurity is crucial to ensure comprehensive defense…

Read more →

Technological advances usually lead to a brighter future. While that may be true, these developments could also be used to refine and increase cybersecurity scams. Attackers do not care about who they target as long as they get people’s and…

Read more →

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill,…

Read more →

The UK’s National Crime Agency (NCA) has revealed details of Operation Destabilise, a years-long international law enforcement investigation into a giant Russian money laundering enterprise that handled billions of dollars for drug traffickers and ransomware gangs worldwide. The multi-billion dollar…

Read more →

The issue of diversity in the cybersecurity sector has been present since the early days of IT companies. The public perception of a cybersecurity professional carries with it a specific image of the kind of person who works in IT…

Read more →

Vulnerability management (VM) has always been a complex area of concern that requires continuous and active effort to work properly. This can make it challenging for organizations to maintain their VM strategies and solutions over time, as there are many…

Read more →

With the continuing rise of ransomware, malware defenses are more critical than ever before with regard to securing the enterprise. Anti-Malware technologies have become an afterthought in many organizations, a technology that they’ve always had, always used, and never really…

Read more →

Tripwire’s November 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google Chromium. First on the list are patches for Microsoft Edge, Excel, and Word that resolve remote code execution and security feature bypass vulnerabilities. Next are…

Read more →

It’s not a new technique, but that doesn’t mean that cybercriminals cannot make rich rewards from SEO poisoning. SEO poisoning is the dark art of manipulating search engines to ensure that malware-laced adverts and dangerous websites appear high on users’…

Read more →

What is ShrinkLocker? ShrinkLocker is a family of ransomware that encrypts an organisation’s data and demands a ransom payment in order to restore access to their files. It was first identified by security researchers in May 2024, after attacks were…

Read more →

In an era where innovative technologies are emerging left, right, and center, two of the most influential in recent years are experiencing exponential growth. Virtual Reality (VR) and Augmented Reality (AR) are immersive technologies that have now firmly integrated into…

Read more →

Data shows that financial motivation is a huge incentive for threat actors, which explains the rising prevalence of ransomware and other extortion breaches in the corporate world. In 2023 alone, business email compromise (BEC) complaints received by the FBI amounted…

Read more →

Networks form a critical core for our modern-day society and businesses. People, processes, and technologies should be in place for monitoring, detecting, logging, and preventing malicious activities that occur when an enterprise experiences an attack within or against their networks.…

Read more →

Today’s VERT Alert addresses Microsoft’s November 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1132 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-43451 A vulnerability that allows for NTLMv2…

Read more →

When tasked with the IT security of an organization, it can be easy to get bogged down in particulars and definitions and lose heart before you’ve even begun. With a plethora of terms to learn, details to secure, and moving…

Read more →