Resources

Blog

Massive Surge in Security Breaches of Pensions Prompt Questions

By Josh Breaker-Rolfe on Thu, 11/02/2023

Image A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial...

Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide...

Blog

5 Tripwire Enterprise Misconfigurations to Avoid

By Jeff Hines on Tue, 10/24/2023

Image Configuration management is vitally important as part of a sound cybersecurity strategy. We have previously published how patching alone is not enough, as that does not alter a system’s customized configuration. Misconfigurations can be as damaging to security as a deliberate attack on a system. As the manufacturer of Tripwire...

Blog

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

By Graham Cluley on Wed, 10/18/2023

Image Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards...

Blog

What is a CMDB?

By Lane Thames on Tue, 10/17/2023

Image There are countless tools and technologies available to help an organization stay on top of its IT assets, and a configuration management database (CMDB) is an extremely useful one. The database keeps track of relevant information regarding various hardware and software components and the relationships between them. It allows...

Blog

Understanding Cybersecurity Footprinting: Techniques and Strategies

By Dilki Rathnayake on Mon, 10/16/2023

Image Footprinting, also known as fingerprinting, is a methodology used by penetration testers, cybersecurity professionals, and even threat actors to gather information about a target organization to identify potential vulnerabilities. Footprinting is the first step in penetration testing. It involves scanning open ports, mapping...

Blog

Compliance vs. Security: Striking the Right Balance in Cybersecurity

By Jay Thakkar on Mon, 10/09/2023

Image Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters...

Blog

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

By Graham Cluley on Fri, 10/06/2023

Image A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many...

Blog

How MSSPs Help with Cybersecurity Compliance

By Zack Jessee on Wed, 10/04/2023

Image While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire...

Blog

What is NERC? Everything you need to know

By Michael Betti on Tue, 10/03/2023

Image Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical...

Blog

Fighting AI Cybercrime with AI Security

By Tripwire Guest Authors on Mon, 10/02/2023

Image On August 10th, the Pentagon introduced "Task Force Lima," a dedicated team working to bring Artificial Intelligence (AI) into the core of the U.S. defense system. The goal is to use AI to improve business operations, healthcare, military readiness, policy-making, and warfare. Earlier in August, the White House announced a...

On-Demand Webinar

Best Practices for the PCI DSS 4.0 Countdown

Wed, 09/27/2023

The deadline for compliance with the Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements isn’t until March 31, 2024, but organizations that allow those remaining months to fly by without adequate preparation may face last-minute PCI panic. The best approach is to steadily reach key milestones so you’ll be fully prepared when the deadline arrives. Watch the...

Blog

Closing Integrity Gaps with NIST CSF

By Lane Thames on Wed, 09/27/2023

Image The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy. A Brief History of NIST CSF “The...

Blog

Defending against DDoS Attacks: What you need to know

By Bob Covello on Mon, 09/25/2023

Image Patience is one of those time-dependent, and often situational circumstances we experience. Few things define relativity better than patience. Think of the impatience of people who have to wait ten minutes in a line at a gas station, yet the thought of waiting ten minutes for a perfectly brewed cup of coffee seems entirely...

Blog

Increasing Your Business’ Cyber Maturity with Fortra

By Antonio Sanchez on Wed, 09/20/2023

Image When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of...

Blog

General Data Protection Regulation (GDPR) – The Story So Far

By Gary Hibberd on Tue, 09/19/2023

Image Do you remember where you were on 25th May 2018? Perhaps you were enjoying a Friday night drink with friends. Perhaps you were with family, relaxing after a busy week at work. I was actually having a GDPR Birthday party with friends and colleagues because 25th May 2018 was a landmark day for the world of Data Protection (yes,...

Blog

The Consequences of Non-Compliance in Cybersecurity: Risks and Penalties

By Stefanie Shank on Tue, 09/19/2023

Image Non-compliance in cybersecurity marks a grave oversight. It involves neglecting established security protocols, leaving organizations vulnerable to malicious actors. Read on as we examine the potential risks of non-compliance, including heightened susceptibility to cyberattacks, the specter of data breaches, and the erosion of a...

Blog

Guarding Against Fileless Malware: Types and Prevention

By Dilki Rathnayake on Thu, 09/14/2023

Image Fileless malware, true to its name, is malicious code that uses existing legitimate programs in a system for compromise. It operates directly in the Random Access Memory (RAM) without requiring any executable files in the hard drive. Differing from conventional malware, fileless attacks are stealthier in nature, falling under...

Blog

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

By Chester Avey on Wed, 09/13/2023

Image Cyber threats are growing more sophisticated, covert, and frequent every day. This year alone has seen the likes of T-Mobile and PharMerica suffering serious security breaches. These incidents disrupted operations and threatened their bottom lines, not to mention the lingering aftereffects and negative brand perception in the...

Blog

What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

By Taha Dharsi on Wed, 09/06/2023

Image The basic parameters that control how hardware, software, and even entire networks operate are configurations, whether they take the form of a single configuration file or a collection of connected configurations. For instance, the default properties a firewall uses to control traffic to and from a company's network, such as...

Massive Surge in Security Breaches of Pensions Prompt Questions

10 Common Security Misconfigurations and How to Fix Them

5 Tripwire Enterprise Misconfigurations to Avoid

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

What is a CMDB?

Understanding Cybersecurity Footprinting: Techniques and Strategies

Compliance vs. Security: Striking the Right Balance in Cybersecurity

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

How MSSPs Help with Cybersecurity Compliance

What is NERC? Everything you need to know

Fighting AI Cybercrime with AI Security

Best Practices for the PCI DSS 4.0 Countdown

Closing Integrity Gaps with NIST CSF

Defending against DDoS Attacks: What you need to know

Increasing Your Business’ Cyber Maturity with Fortra

General Data Protection Regulation (GDPR) – The Story So Far

The Consequences of Non-Compliance in Cybersecurity: Risks and Penalties

Guarding Against Fileless Malware: Types and Prevention

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

What is ISO 27002:2022 Control 8.9? A Quick Look at the Essentials

Contact Information

Privacy Policy

Cookie Policy

Impressum