Resources

Insights for Navigating PCI-DSS 4.0 Milestones

With the PCI-DSS 4.0 implementation deadline looming just around the corner in 2024, financial companies have no time to waste when it comes to reaching key compliance milestones. Watch this on-demand webinar presented by Fortra’s Tripwire and BankInfoSecurity.com designed to help you get—and stay—on track for PCI 4.0 compliance. Hear from industry experts on preparing for PCI...

Blog

Tripwire’s Vulnerability Exposure Research Team (VERT): What you need to know

By Joe Pettit on Thu, 04/13/2023

Image Each month, at the State of Security, we publish a range of content provided by VERT. Whether it’s a round-up of all the latest cybersecurity news, our Patch Priority Index that helps guide administrators on what they should be patching , a book review, general musings from the team, or most notability our Patch Tuesday round-up...

Blog

CISA Publishes Advisory on Improving Network Monitoring and Hardening

By Anastasios Arampatzis on Wed, 04/12/2023

Image CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include...

Blog

VERT Threat Alert: April 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/11/2023

Image Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild....

Blog

30 Ransomware Prevention Tips

By Tripwire Guest Authors on Tue, 04/11/2023

Image Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging...

Blog

Tripwire Patch Priority Index for March 2023

By Lane Thames on Tue, 04/04/2023

Image Tripwire's March 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Google and Microsoft. First on the patch priority list this month is a patch for Microsoft Office Outlook that resolves a critical elevation of privilege vulnerability (CVE-2023-23397) that should be patched as soon as possible. This...

Guide

PCI DSS 4.0 Compliance

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements...

Blog

Don’t fail an audit over a neglected annual policy review

By Tripwire Guest Authors on Mon, 03/20/2023

Image When did you last have a light-bulb moment? For me, it was very recent. I was working with a client, supporting them in their latest Payment Card Industry Data Security Standard (PCI DSS) annual compliance assessment, and, in discussion with the Qualified Security Assessor (QSA), I had a sudden urge to challenge something we’ve...

Blog

How Retiring Gas and Coal Plants Affects Grid Stability

By Katrina Thompson on Thu, 03/16/2023

Image Legacy gas and coal plants are being aged out – and no one wants to pay enough to keep them going. With increased pressure from green energy laws and added competition from renewable sources, these monsters of Old Power are being shown the door. Considering they've predated and precipitated all Industrial Revolutions (except for...

Blog

VERT Threat Alert: March 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/14/2023

Image Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows...

Blog

ISO27001 Updates: Change is afoot

By Tripwire Guest Authors on Mon, 03/13/2023

Image If you blinked, you might have missed it… On October 25th 2022, the new standard for the Information Security Management System, ISO27001 was released. Without fuss, and without fanfare. But, to quote a famous movie, “There was a great disturbance in the force.” ISO27001 is possibly one of the world's best-known standards...

Blog

The Language of Cybersecurity Frameworks, Guidance, Regulations, and Standards

By Bob Covello on Wed, 02/15/2023

Image When it comes to acronyms, Technology and Cybersecurity often rival various branches of government. Technology acronyms are usually somewhat bland, amounting to little more than the arcane argot of the profession, such as SOC, SIEM, and DNS. Government, however, rarely disappoints in its inventiveness, whether it is the...

Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/14/2023

Image Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in...

Blog

Tripwire Patch Priority Index for January 2023

By Lane Thames on Tue, 02/07/2023

Image Tripwire's January 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft Visio and Microsoft Office that resolve 6 vulnerabilities, including remote code execution and information disclosure vulnerabilities. Next...

Blog

The State of the US National Cybersecurity Strategy for the Electric Grid

By Anastasios Arampatzis on Wed, 02/01/2023

Image The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not...

Blog

Healthcare Supply Chain Attacks Raise Cyber Security Alarm

Wed, 01/11/2023

Image The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware...

Blog

VERT Threat Alert: January 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/10/2023

Image Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th. In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv...

Blog

Is a Shift Left Approach Hurting Software and Supply Chain Security?

By Anastasios Arampatzis on Tue, 01/10/2023

Image As the cyber threat evolves, adversaries are increasingly targeting non-publicly disclosed vulnerabilities in the software supply chain. Attackers are able to stealthily travel between networks because to a vulnerability in the supply chain. To combat this risk, the cybersecurity community must center its efforts on protecting...

Blog

What are sandboxes? How to create your own sandbox

By Tripwire Guest Authors on Tue, 01/03/2023

Image In the language of technology, a sandbox is a safe testing environment that is isolated from the rest of your network or system. Developers use sandboxes to test their code before deployment. In cybersecurity, suspicious and potentially unsafe programs, software, and attachments are executed in sandboxes to detect malware and to...

Blog

Tripwire Patch Priority Index for November 2022

By Lane Thames on Thu, 12/22/2022

Image Tripwire's November 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Word, and Excel that resolve 8 vulnerabilities, including remote code execution, information disclosure, and security feature bypass...

First page
Previous page
…
4
5
6
7
8
9
10
11
12
…
Next page
Last page

Insights for Navigating PCI-DSS 4.0 Milestones

Tripwire’s Vulnerability Exposure Research Team (VERT): What you need to know

CISA Publishes Advisory on Improving Network Monitoring and Hardening

VERT Threat Alert: April 2023 Patch Tuesday Analysis

30 Ransomware Prevention Tips

Tripwire Patch Priority Index for March 2023

PCI DSS 4.0 Compliance

Don’t fail an audit over a neglected annual policy review

How Retiring Gas and Coal Plants Affects Grid Stability

VERT Threat Alert: March 2023 Patch Tuesday Analysis

ISO27001 Updates: Change is afoot

The Language of Cybersecurity Frameworks, Guidance, Regulations, and Standards

VERT Threat Alert: February 2023 Patch Tuesday Analysis

Tripwire Patch Priority Index for January 2023

The State of the US National Cybersecurity Strategy for the Electric Grid

Healthcare Supply Chain Attacks Raise Cyber Security Alarm

VERT Threat Alert: January 2023 Patch Tuesday Analysis

Is a Shift Left Approach Hurting Software and Supply Chain Security?

What are sandboxes? How to create your own sandbox

Tripwire Patch Priority Index for November 2022

Contact Information

Privacy Policy

Cookie Policy

Impressum