Blog
Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities
By Tripwire Guest Authors on Tue, 04/23/2024
In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security . By monitoring and examining system responses and device status, HIDS identifies and tackles nefarious behaviors that are often...
Blog
University Cybersecurity Clinics Can Now Use the New CISA Resource Guide
By Josh Breaker-Rolfe on Tue, 04/23/2024
Budgetary and resource constraints play a huge role in cyberattacks on smaller organizations. Amidst a strained global economy, many under-resourced organizations like non-profits, local governments, and hospitals struggle to keep their heads above water - they simply don't have the funds to invest in cybersecurity. To make matters worse, cybercriminals see these organizations as easy prey...
Blog
Exploring Cybersecurity Risks in Telemedicine: A New Healthcare Paradigm
By Tripwire Guest Authors on Mon, 04/22/2024
The experience of seeing a doctor has transformed dramatically, thanks in part to the emergence of telemedicine. This digital evolution promises convenience and accessibility but brings with it a host of cybersecurity risks that were unimaginable up until a few years ago. The unique cybersecurity challenges facing telemedicine today underscore the importance of adopting stringent security measures...
Blog
NSA Debuts Top 10 Cloud Security Mitigation Strategies
By Kirsten Doyle on Mon, 04/22/2024
As businesses transition to hybrid and multi-cloud setups, vulnerabilities arising from misconfigurations and security gaps are escalating, attracting attention from bad actors. In response, the US National Security Agency (NSA) issued a set of ten recommended mitigation strategies, published earlier this year (with support from the US Cybersecurity and Infrastructure Security Agency on six of the...
Blog
37 Arrested as Police Smash LabHost International Fraud Network
By Graham Cluley on Thu, 04/18/2024
Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost , which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information like passwords, email addresses, and bank...
Blog
Supply Chain Cybersecurity – the importance of everyone
By Gary Hibberd on Thu, 04/18/2024
I’m always surprised – and a little disappointed – at how far we have to go before supply chain cybersecurity gets the respect and attention it deserves. I sat down this week with a new client who wanted some help addressing several internal issues surrounding their IT systems. When I asked them about their relationship with the supplier – essentially, how was their supply chain cybersecurity? -...
Blog
Navigating AI and Cybersecurity: Insights from the World Economic Forum (WEF)
By Josh Breaker-Rolfe on Wed, 04/17/2024
Cybersecurity has always been a complex field. Its adversarial nature means the margins between failure and success are much finer than in other sectors. As technology evolves, those margins get even finer, with attackers and defenders scrambling to exploit them and gain a competitive edge. This is especially true for AI. In February, the World Economic Forum (WEF) published an article entitled "...
Blog
SCM and NERC: What You Need to Know
By Michael Betti on Tue, 04/16/2024
Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or IT teams to focus on, which is where security...
Blog
Casting a Cybersecurity Net to Secure Generative AI in Manufacturing
By Emily Newton on Tue, 04/16/2024
Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use of generative AI in manufacturing poses particular challenges. Over one-third of manufacturers plan to invest in this technology, making it the...
Blog
What Is an Axon Agent, and Why Do You Need One?
By Michael Betti on Mon, 04/15/2024
The number of endpoints in an organization often exceeds the number of employees. Managing these often disparate entities is more than a full-time job. Moreover, keeping them secure is equally difficult, yet securing all of your endpoints against cyber threats has become paramount for organizations worldwide. A common oversight that undermines these security efforts is the misconception about data...
Blog
ITRC's 2023 Data Breach Report Is a Mixed Bag
By Josh Breaker-Rolfe on Mon, 04/15/2024
In the first quarter of every year, organizations around the world release reports summing up data breach trends from the previous twelve months. And every year, these reports say broadly the same thing: data breach numbers have gone up again. This year is no different. Or is it? Compromises Up, Victims Down However, the Identity Theft Resource Center's (ITRC) Data Breach Report 2023 tells a...
Product Video
Tripwire Enterprise Overview
Fri, 04/12/2024
Tripwire Enterprise is an integrity management tool that combines powerful file integrity monitoring (FIM) and security configuration management (SCM) capabilities into one solution. Tripwire Enterprise helps your organization monitor for unexpected changes and misconfigurations in your environment. Take a couple minutes to watch this video to see how Tripwire Enterprise empowers you to reduce...
Blog
DragonForce Ransomware - What You Need To Know
By Graham Cluley on Thu, 04/11/2024
What's going on? A relatively new strain of ransomware called DragonForce has making the headlines after a series of high-profile attacks. Like many other ransomware groups, DragonForce attempts to extort money from its victims in two ways - locking companies out of their computers and data through encryption, and exfiltrating data from compromised systems with the threat of releasing it to others...
Live Event
Cybersecurity is a team sport. It’s heroes versus adversaries. All for one and one for all. Or else. With mounting cyber threats, tectonic changes in the digital landscape, and AI infiltrating all aspects of business, seasoned cybersecurity leaders turn to fellow practitioners to find solace and solutions. On May 8, Fortra CISO Chris Reffkin leads a panel of security experts from across the...
Blog
Life in Cybersecurity: From Nursing to Threat Analyst
By Joe Pettit on Wed, 04/10/2024
As digital threats increase, we see more professionals transition into cybersecurity. Some come from previous technical roles, and some do not. However, because cybersecurity is primarily a problem-solving industry, those who switch from other high-pressure, high-performance positions are often best prepared for the job. Take Gina D’Addamio , for example, a former nurse turned threat analyst. I...
Blog
Embracing Two-Factor Authentication for Enhanced Account Protection
By Fortra Staff on Wed, 04/10/2024
Let’s start the second quarter of the year with boosting our security posture by adopting two-factor authentication methods on our accounts to make them more secure. Two-factor authentication (2FA) is an identity and access management security method that requires two forms of identification to access resources and data. The first factor you provide is a password (often referred to as something...
Blog
VERT Threat Alert: April 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 04/09/2024
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s new CWE listings , we know is tied to Improper Access Control . From a...
On-Demand Webinar
Perfecting Security Hardening One Step at a Time
Tue, 04/09/2024
Sometimes the wisest thing we can do as cybersecurity practitioners is to zoom out and look at our systems holistically. Security hardening is the practice of closing potential points of entry over the scope of your entire system, from applications to servers and everything in between. Another way to put this is “shrinking the attack surface.” Watch this on-demand webinar presented by Fortra’s...
Blog
Cybersecurity Compliance Around the Globe: India's DPDP
By Fortra Staff on Tue, 04/09/2024
In an era where data breaches and privacy concerns are increasingly shaping global discourse, India's proactive stance on data protection is noteworthy. Introducing the Digital Personal Data Protection (DPDP) Act 2023 marks a significant milestone in India's legislative landscape. This groundbreaking Act fortifies individual data privacy rights and aligns India with global cybersecurity and data...