Resources

Blog

How to deal with cyberattacks this holiday season

The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the FIFA World Cup 2022,...
Blog

2023 Cybersecurity Almanac

As we walk towards the end of 2022, full-scale predictions are made about the trends for cybersecurity in the upcoming year: how will cybersecurity affect us, what major cyber threats will dominate the landscape, and, where shall we allocate cybersecurity budgets? Above all, what can we do to secure our businesses and protect our tangible and...
Blog

CISO interview with Darren Desmond, the CISO with the Automobile Association in the UK

Philip Ingram (PI) talked to Darren Desmond (DD). Darren currently works with the Automobile Association (AA) in the UK as the Chief Information Security Officer (CISO), joining in 2018. He started his professional career in the British Army's Royal Military Police, before a stint in the Special Investigation Branch, and Military Intelligence....
Blog

Cybersecurity challenges facing SMBs and steps to protect them

Businesses come in many different sizes, yet, they all share one similarity; the growing need for cybersecurity in today’s ever-changing technology landscape. While large companies with robust security infrastructure and experience may ward off many aspiring cybercriminals, small to medium-sized businesses (SMBs) prove to be ideal targets. Lacking...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of December 5, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of December 5th, 2022. I’ve also included some comments on these stories. Vulnerable Redis servers allow malware to drop a...
Blog

Malicious hackers exploit Seoul Halloween tragedy in zero-day attack

Malicious hackers, hell-bent on infiltrating an organisation, have no qualms about exploiting even the most tragic events. Take, for instance, the horrific crowd crush that occurred in Seoul's nightlife district of Itaweon on 29 October, when over 150 people were killed during Halloween festivities. Google's Threat Analysis Group (TAG) reports...
Blog

Tripwire Patch Priority Index for October 2022

Tripwire's October 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Chromium and Microsoft Edge based on Chromium. These patches resolve over 10 issues such as user-after-free, insufficient policy enforcement, and out-of-bounds write...
Blog

Choosing the Right Industrial Cybersecurity Framework

It’s no surprise that industrial environments have become increasingly valuable targets for malicious behavior. The State of Security has featured many cybersecurity events across myriad industrial verticals, including but not limited to chemical manufacturing, transportation, power generation and petrochemical. Several of these industries have...
Blog

How proper use of Identity and Access Management (IAM) can protect your organization from breaches.

In the world of security, authentication, and authorization methodologies are foundational aspects of defense. Authentication techniques protect against unlawful entry to systems through the verification of a user, and authorization either grants or denies the verified user’s access level. For example, if an employee from the finance department...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of November 28, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of November 28th, 2022. I’ve also included some comments on these stories. UEFI bugs disabled Secure Boot Acer has fixed a...
Blog

Whoops! Researchers accidentally crash botnet used to launch DDoS and cryptomining campaigns

Researchers investigating a newly-discovered botnet have admitted that they "accidentally" broke it. In November, security experts at Akamai described a Golang-based botnet that they had discovered, hijacking PCs via SSH and weak credentials in order to launch distributed denial-of-service (DDoS) attacks and mine cryptocurrency. The botnet, which...
Blog

What Can Football Teach Cybersecurity About Resilience?

One thing is for certain in football, surprises do happen. Whether it is Saudi Arabia beating Argentina or Germany losing to Japan in the World Cup 2022, football is a sport full of excitement. But have you ever thought that football can teach us many great lessons about cybersecurity? Football can be a great teachable moment for cybersecurity ...
Blog

Tripwire Enterprise Use Cases – Advanced Monitoring

Many people remember where they were during historic events. Whether it is a personal, or a public occurrence, it’s just human nature to remember these significant moments. Every profession also has its share of memorable events. In medicine, those who were in the profession will remember where they were when they heard about the first heart...
Blog

Zero Trust: Key challenges, benefits and how it works

Zero trust is a security approach which replaces the traditional network edge. Since network resources can be anywhere – on-premises, in the cloud, or a hybrid of both – zero trust is built towards an identity-centric approach. This places people and resources at the heart of the security architecture. What is a zero-trust model? The most...
Blog

Cyberattacks are targeting smaller healthcare companies and specialty clinics. But why?

The healthcare industry has been a favored target for cybercriminals for many years. In the first half of 2022 alone, 324 attacks against healthcare organizations have been reported. Attackers have primarily focused on large hospitals in years past, but there has been a sudden switch to smaller healthcare companies and specialty clinics. There...
Blog

80% of SMBs Are Vulnerable — Here’s How to Stay Safe

It would be nice to imagine that when cyber criminals look for their next target, they ignore the small- and medium-sized businesses (SMBs) that simply can’t afford an attack. Unfortunately, that’s not the case. In fact, 43% of cyber attacks are directed at SMBs. Today, a massive 80% of North American SMBs are at risk of a cyber attack. This is...
Blog

Staying protected from cybercriminals this holiday season

As we approach the holiday season, we wanted to focus this month’s post on you (and your family). Bad guys don’t just wait until the holidays to start causing havoc, they also relentlessly target all of us all throughout the year. Judging by our perseverance, nothing is going to keep us from a good holiday deal, and attackers love to use this season...