Tag: Blog RSS Feed

IT infrastructure management is a complex task. Over the years, various methods have been used to better manage corporate environments. Whether it is network monitoring, asset control, application monitoring, or any of the other infrastructure management obligations, different solutions have…

Read more →

What Is Authentication? Authentication is the process of verifying the identity of a user or system. It is a critical component of security, ensuring that only authorized individuals or entities can access sensitive information or systems. There are several methods…

Read more →

It has been only one year and nine months since OpenAI made ChatGPT available to the public, and it has already had a massive impact on our lives. While AI will undoubtedly reshape our world, the exact nature of this…

Read more →

NIST SP 800-53 is a framework developed by the National Institute of Standards and Technology (NIST) that provides guidelines and best practices for securing federal information systems and protecting the privacy of individuals whose information these systems handle. The Special…

Read more →

An investigation dating back almost ten years has seen the extradition this week to the United States of a man suspected to be the head of one the world’s most prolific Russian-speaking cybercriminal gangs. The UK’s National Crime Agency (NCA)…

Read more →

The NIST Cybersecurity Framework (CSF), published by the US National Institute of Standards and Technology (NIST), is a widely used set of guidelines for mitigating organizational cybersecurity risks. It contains recommendations and standards to help organizations identify and detect cyberattacks…

Read more →

Today’s VERT Alert addresses Microsoft’s August 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1119 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38178 CVE-2024-38178 describes a vulnerability in the…

Read more →

Social engineering is a dangerous weapon many cybercriminals use to achieve their nefarious goals. It leverages psychological manipulation to deceive individuals into divulging confidential or personal information. Unlike traditional hacking, which relies on exploiting software vulnerabilities, social engineering targets human…

Read more →

We recently presented the webcast “Find Your Best Fit, Solving the Cybersecurity Framework Puzzle.” Tyler Reguly, who is a senior manager of research and development at Fortra and a former professor at his alma mater, Fanshawe College, served as the…

Read more →

Many people don’t realize that scams are complicated events orchestrated by scammers, which often include myriad persuasive techniques and take advantage of our individual characteristics and circumstances. While each scam varies in complexity, they typically progress through three broad stages,…

Read more →

According to the FBI, billions of dollars have been lost through Business Email Compromise (BEC) attacks in recent years, so you may well think that there is little in the way of good news. However, it has been revealed this…

Read more →

If you’ve been keeping up with the Payment Card Industry Data Security Standard (PCI DSS), you’ll know it has a new specification that revolves around network security controls. Let’s dig into the details. A Little Back Story It helps to…

Read more →

When performing a security assessment, many folks will focus on asset management. This is an important first step, as it often reveals assets in the environment that were previously unknown. The next step in determining how to best secure the…

Read more →

Tripwire’s July 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the list are patches for Microsoft Office and Outlook that resolve remote code execution and spoofing vulnerabilities. Next are patches that affect components of the…

Read more →

Cybercriminals are notorious for their opportunism. No situation is off limits: whether they exploit conflict and human suffering, blackmail vulnerable individuals by threatening to leak therapy notes, or even bring healthcare organizations to their knees, cybercriminals will stop at nothing…

Read more →

Bot attacks constitute a major danger to businesses and individuals. For five consecutive years, the percentage of global web traffic connected to bad bots has increased, reaching 32% in 2023, a 1.8% increase from 30.2% in 2022, while human traffic…

Read more →

The Sarbanes-Oxley Act of 2002 (SOX) was enacted to restore public confidence in the wake of major corporate and accounting scandals. The legislation aims to protect investors by improving the accuracy and reliability of corporate disclosures made pursuant to the…

Read more →

The staggering sum of US $75 million has reportedly been paid to a ransomware gang in what is believed to be the largest known ransom payment made by a cyber attack victim since records began. Researchers at Zscaler claim in…

Read more →

In our continuing series of book reviews, the Fortra team read How AI Works: From Sorcery to Science by Ronald T. Kneusel. The book is advertised as unraveling “the mysteries of artificial intelligence, without the complex math and unnecessary jargon.”…

Read more →

Burnout happens when job demands such as workload, time pressure, and difficult clients are high, as well as when job resources, including quality leadership, autonomy and decision authority, recognition, and strong relationships, are lacking. The field of cybersecurity is particularly…

Read more →