Image The payment industry is bracing for the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0, heralding significant changes in cybersecurity practices. As we approach the implementation of this revised standard, a critical focal point emerges: the role and new mandate of web application firewalls (WAFs) in...

Image Anyone can get scammed. If you think you're somehow immune to being scammed, then, in my opinion, you're a prime target for being scammed. No one is too big, too clever, too security-savvy to avoid being duped because it's only human to make a mistake and screw up. And that certainly seems to be the case with Bill Lou. Bill...

Image Continuous Integration and Continuous Delivery (CI/CD) security has become crucial to modern software development practices. As the speed of software development increases with DevOps and Agile methodologies, there is a growing need to ensure the integrity of software across the entire development pipeline. CI/CD security...

Image At the turn of the millennium, few people were worried about cybercrime. The Good Friday Agreement had just come into effect, the US expelled a Russian diplomat for spying, and the threat of the Y2K bug loomed. ILOVEYOU, the computer worm that catapulted cybercrime into the public consciousness, was still five months away. Today...

Image What Is the Future and Technology of Zero Trust? In the dynamic realm of cybersecurity, the future of Zero Trust unfolds with promises and challenges. In the second part of the Zero Trust series, we explore the insights from industry experts, contemplate the intersection of trust and security, and chart a course for the...

Image Despite increasing data breaches, ransomware attacks, and assorted cyber threats, convincing the Board of Directors to invest in robust cybersecurity isn't always easy for many businesses. The challenge originates mainly from the need to demonstrate a quantifiable Return On Investment (ROI) from any cybersecurity initiative....

Image Cloud optimization is the process of correctly selecting and assigning the right resources to a workload or application with the ultimate goal of minimizing costs while improving performance and efficiency. These resources can range from computational power, memory, and storage to network capabilities. The cloud optimization...

Image We live in a highly digitized world, and small businesses and solopreneurs have become prime targets for cybercriminals. The 2023 Business Impact Report, conducted by the Identity Theft Resource Center (ITRC), sheds light on a concerning trend: a sharp rise in cyberattacks on these smaller entities. This annual report reveals...

Image Cybersecurity is an essential consideration for any organization that deals in the digital sphere on any level, and the education sector is no exception. In recent years, the global pandemic and technological advances have led to a massive shift toward online learning, which has posed a number of challenges to educators and...

Image At the recent Tripwire Energy and NERC Compliance Working Group, we held a session to demonstrate some tips and tricks to make the latest Tripwire State Analyzer (TSA) work better for your organization. The newest State Analyzer version is 1.5.2, which offers features that align it with most of the latest systems and practices....

Image In an era where knowledge and creativity are the cornerstones of progress, intellectual property (IP) is not just a legal asset but the very lifeblood that sustains business innovation, competitiveness, and growth. However, as we march deeper into the digital age, the specter of intellectual property theft looms larger than ever...

Image One of the most critical aspects of cybersecurity is ensuring that all software is kept up to date with the latest patches. This is necessary to cover any vulnerabilities that cybercriminals could take advantage of in order to infiltrate an organization and launch an attack. With the volume of updates and the effort needed to...

Image In the fast-evolving world of cybersecurity, the transition to remote work, the challenges of Zero Trust adoption, and the technology that supports it have taken center stage. Join me as we explore the insights of cybersecurity professionals and uncover the realities of this transformative journey. The Hype Surrounding Remote...

Image Earlier this year, the SEC proposed a new set of rules on cybersecurity governance, which would require public companies to make appropriate disclosures of cyber risks and management procedures. Although the amendments target the financial sector, it is one more evidence of the fact that cybersecurity is no longer a backburner...

Image Most of the team that I work with on a daily basis is heavily invested in Python. As such, it was difficult to find people interested in reading The Rust Programming Language, 2nd Edition. In the end, two members of the team tackled the book, and it took them longer to complete the read than I would have expected. While I...

Image What's happened? Researchers at Abnormal have discovered the latest evolution in call-back phishing campaigns. Call-back phishing? Traditional phishing emails might contain a malicious link or attachment, and lure recipients into clicking on them via social engineering techniques. Call-back phishing dupes unsuspecting...

Image Frankly stated, operational resilience is your ability to climb the mountain, no matter the weather. Businesses now need more than a good security structure to weather the storms of AI-driven threats, APTs, cloud-based risks, and hyper-distributed environments. And more importantly, operational resilience in 2024 requires a...

Image Electrical utilities are responsible for just about everything we do. This presents a tremendous burden on those who operate those utilities. One way these organizations offer assurance is through the audit process. While audits can generate tremendous anxiety, good planning, and tools can help make the entire process go...

Image Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th. In-The-Wild & Disclosed CVEs CVE-2023-20588 AMD has released AMD-SB-7007 – Speculative Leaks Security Notice, which describes how...

Image A malicious hacking group, thought to have been operating since at least 2013, may have suffered a significant blow after the arrest of a suspected leading member by Spanish police late last week. Spain's National Police arrested a Venezuelan man in Alicante on Thursday, in the belief that he is connected to the Kelvin Security...