Tag: Blog RSS Feed

The North American Electric Reliability Corporation Critical Infrastructure Protection (NERC CIP) regulations often make exacting demands of Fortra Tripwire’s customers, requiring them to update or create new change processes and document those processes in order to comply. In any NERC…

Read more →

The successful implementation of new tools and processes hinges not just on the technology itself but on meticulous project management. From ensuring secure access to the underlying infrastructure, a new tool will be implemented upon defining clear goals and understanding…

Read more →

Tripwire’s June 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the list this month is a patch for Microsoft Windows Error Reporting (CVE-2024-26169). This CVE is listed in the CISA Known Exploited Vulnerabilities…

Read more →

As summer approaches, many of us are eagerly planning our much-awaited vacations. Whether you’re jetting off to exotic destinations or embarking on a road trip closer to home, it’s important to remember that cybersecurity should be a part of your…

Read more →

Integrity is a vital component of any cybersecurity policy, making up one-third of the CIA Triad. However, until recently, the industry has had a limited understanding of the term, using it primarily in the context of data security. Integrity means…

Read more →

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons,…

Read more →

With 86% of UK adults using a form of online or remote banking and high street banks closing in record numbers, banking websites have become an integral part of our daily lives. They have changed how we manage our money,…

Read more →

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are impersonating its employees in an attempt to commit fraud. In an alert posted on the CISA website, the organisation warned that so-called impersonation scams are on the…

Read more →

Many companies strive to achieve the best security possible. Along the path to improved security, many companies are also required to meet various compliance standards. In some cases, compliance is also a regulatory requirement. This crossroad between security and compliance…

Read more →

The Verizon 2024 Data Breach Investigations Report noted a 180% increase in exploited vulnerabilities over the previous year’s figures. The importance of keeping an up-to-date vulnerability management policy for remediating and controlling security vulnerabilities cannot be understated. 1. Overview: Summary…

Read more →

Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we…

Read more →

Exploring the intricate relationship between people and cybersecurity opens up a dynamic landscape where individuals’ decisions, habits, and intentions significantly impact the safety and integrity of digital systems. Cybercriminals are savvy opportunists, and like pickpockets, they go where the crowds…

Read more →

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn’t involve paying a ransom? Well, don’t fear. The FBI announced this week that it had…

Read more →

The ISF (Information Security Forum) Standard of Good Practice (SoGP) is a comprehensive set of best practices designed to help organizations effectively manage their information security risks. Covering various topics, including governance, risk management, compliance, incident management, and technical security…

Read more →

Threats to sensitive data are everywhere. From sophisticated cybercriminal syndicates to accidental exposure to nation-state-backed advanced persistent threat (APT) groups and everything in between, it’s never been more critical for organizations to have the correct data protection tools. When designing…

Read more →

Anyone remotely wired into technology newsfeeds – or any newsfeeds for that matter – will know that AI (artificial intelligence) is the topic of the moment. In the past 18 months alone, we’ve borne witness to the world’s first AI…

Read more →

When you speak with many of the seasoned veterans of cybersecurity, it is not unusual to learn of the twisted path in technology that eventually landed them in the security profession. However, the newest cybersecurity professionals are digital natives. They…

Read more →

Have you ever wondered how Artificial Intelligence (AI) could mimic consciousness and autonomously control various tasks? It sounds rather daunting. However, it may not be as intimidating as it seems under the right conditions. Moreover, Would AI perform tasks independently…

Read more →

Vulnerability management and patch management are often confused. However, it’s crucial to recognize that, while complementary, they are distinct processes. Understanding the differences between vulnerability management and patch management is essential for a solid security posture. Let’s delve into the…

Read more →

An insider threat is someone inside an organization – including current and former employees, partners, and contractors – who, intentionally or otherwise, put their organization at risk. They typically abuse their access to private information and privileged accounts to steal…

Read more →