Tag: Blog RSS Feed

Individual users are often referred to as the weakest link in cybersecurity, as human error is a major contributor to security incidents of all kinds. However, employees can also be a significant asset when adequately trained in cybersecurity hygiene and…

Read more →

A WordPress plugin used on over 300,000 websites has been found to contain vulnerabilities that could allow hackers to seize control. Security researchers at Wordfence found two critical flaws in the POST SMTP Mailer plugin. The first flaw made it…

Read more →

At Tripwire’s recent Energy and NERC Compliance Working Group, we had the opportunity to speak with the Manager of Gas Measurement, Controls, & Cybersecurity at a large energy company. More specifically, we focused on SCADA and field assets of gas…

Read more →

Cloud providers are becoming a core part of IT infrastructure. Amazon Web Services (AWS), the world’s biggest cloud provider, is used by millions of organizations worldwide and is commonly used to run sensitive and mission-critical workloads. This makes it critical…

Read more →

Tripwire’s December 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Google. First on the patch priority are patches for Google Chrome and Microsoft Edge (Chromium-based) that resolve elevation of privilege, remote code execution, and information disclosure…

Read more →

Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed…

Read more →

In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Coupling other security factors, such as delivery…

Read more →

Back in 1992, when I was more concerned about my acne breakouts and being selected for the Junior cricket team, a freshman at Purdue University was studying the impact of the 1988 Morris Worm event and how it brought about…

Read more →

The shifting sands of IT make the adage “you never know it all” ever more true as time goes by. I recall days when it felt like you could click through every major directory of Yahoo and know a little…

Read more →

The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0 , heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the…

Read more →

What is an Attack Surface? An attack surface is the total number of channels, pathways, or areas that threat actors can utilize to gain unauthorized access to networks. The result is that they can obtain private information or carry out…

Read more →

Anyone can get scammed . If you think you’re somehow immune to being scammed, then, in my opinion, you’re a prime target for being scammed. No one is too big, too clever, too security-savvy to avoid being duped because it’s…

Read more →

At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU , the…

Read more →

Continuous Integration and Continuous Delivery (CI/CD) security has become crucial to modern software development practices. As the speed of software development increases with DevOps and Agile methodologies, there is a growing need to ensure the integrity of software across the…

Read more →

What Is the Future and Technology of Zero Trust? In the dynamic realm of cybersecurity, the future of Zero Trust unfolds with promises and challenges. In the second part of the Zero Trust series, we explore the insights from industry…

Read more →

Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn’t always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment…

Read more →

Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage…

Read more →

We live in a highly digitized world, and small businesses and solopreneurs have become prime targets for cybercriminals. The 2023 Business Impact Report , conducted by the Identity Theft Resource Center (ITRC), sheds light on a concerning trend: a sharp…

Read more →

Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward…

Read more →

In an era where knowledge and creativity are the cornerstones of progress, intellectual property ( IP ) is not just a legal asset but the very lifeblood that sustains business innovation, competitiveness, and growth. However, as we march deeper into…

Read more →