Resources

Tripwire VERT
Blog
Blog

VERT Threat Alert: April 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/09/2024
Today’s VERT Alert addresses Microsoft’s April 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1101 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-26234 This CVE describes a Proxy Driver Spoofing Vulnerability that, thanks to Microsoft’s new CWE listings , we know is tied to Improper Access Control . From a...
Vulnerability & Risk Management
VERT Research
Blog
Blog

VERT Threat Alert: March 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/12/2024
Today’s VERT Alert addresses Microsoft’s March 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1097 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the March Patch Tuesday release. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are gone...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: February 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/13/2024
Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-21351 This CVE describes a bypass in the Windows SmartScreen Security Feature. At this point, these bypasses have become relatively common and are frequently...
Vulnerability & Risk Management
VERT Research
Tips for Ensuring HIPAA Compliance
Blog
Blog

Tips for Ensuring HIPAA Compliance

By Tripwire Guest Authors on Wed, 01/17/2024
Like every other industry, the healthcare sector is barely recognizable when compared to its state 20 years ago. It, too, has been transfigured by technology. While this has brought many impactful benefits, it has also introduced at least one major challenge: keeping sensitive patient information private. At the heart of this privacy challenge stands the venerable Health Insurance Portability and...
Compliance
HIPAA
Why Therapists need Data Protection and Cybersecurity
Blog
Blog

Why Therapists need Data Protection and Cybersecurity

By Gary Hibberd on Tue, 01/16/2024
Cybersecurity in Mental Healthcare - The Overlooked Risk Did you know the New-Age Therapeutic sector is unregulated? If that surprises you, then you’re not alone. I was a little surprised, too. Yes, there are various professional bodies a practitioner can join, and there are courses they can attend, but they aren’t forced to. It should be noted that professional, licensed psychotherapists and...
Cybersecurity
Compliance
HIPAA
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: January 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/09/2024
Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the January Patch Tuesday drop. CVE Breakdown by Tag While historical Microsoft Security Bulletin groupings are...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: December 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/12/2023
Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th. In-The-Wild & Disclosed CVEs CVE-2023-20588 AMD has released AMD-SB-7007 – Speculative Leaks Security Notice , which describes how some AMD processors can potentially return speculative data after a...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: November 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/14/2023
Today’s VERT Alert addresses Microsoft’s November 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1082 on Wednesday, November 15th. In-The-Wild & Disclosed CVEs CVE-2023-36033 A vulnerability in the Microsoft Desktop Window Manager (DWM) could allow an attacker to gain SYSTEM level privileges. This vulnerability has been publicly...
Vulnerability & Risk Management
VERT Research
Plastic surgeries warned by the FBI that they are being targeted by cybercriminals
Blog
Blog

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

By Graham Cluley on Wed, 10/18/2023
Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning , which was issued by the FBI yesterday and is directed towards plastic surgery offices and patients, advises that extortionists have been...
Cybersecurity
Compliance
HIPAA
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: October 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 10/10/2023
Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is labeled as a Skype for Business Elevation of Privilege Vulnerability, the...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: September 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/12/2023
Today’s VERT Alert addresses Microsoft’s September 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1073 on Wednesday, September 13th. In-The-Wild & Disclosed CVEs CVE-2023-36761 Microsoft has indicated that a vulnerability impacting Microsoft Word, including the preview pane...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: August 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/08/2023
Today’s VERT Alert addresses Microsoft’s August 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1068 on Wednesday, August 9th. In-The-Wild & Disclosed CVEs CVE-2023-38180 A vulnerability in Kestrel could allow for a denial of service. Kestrel is the cross-platform web server...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: July 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/11/2023
Today’s VERT Alert addresses Microsoft’s July 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1064 on Wednesday, July 12th. In-The-Wild & Disclosed CVEs CVE-2023-32046 A vulnerability in MSHTML could allow an attacker to execute code in the context of the logged in user providing the attacker...
Vulnerability & Risk Management
VERT Research
Guide
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NERC CIP
NIST
PCI DSS
SOX
Tripwire VERT
Blog
Blog

VERT Threat Alert: June 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/13/2023
Today’s VERT Alert addresses Microsoft’s June 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1060 on Wednesday, June 14th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs in the June Patch Tuesday drop. CVE Breakdown by Tag While historical Microsoft Security Bulletin...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog
Blog

VERT Threat Alert: May 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/09/2023
Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs CVE-2023-29336 Up first this month is a vulnerability reported by Avast in Win32k. This vulnerability could allow an authenticated attacker to...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog
Blog

VERT Threat Alert: April 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/11/2023
Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild. CLFS provides a general-purpose logging service to other software via the...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: March 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/14/2023
Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows SmartScreen. SmartScreen prompts you when running certain files downloaded...
Vulnerability & Risk Management
VERT Research
Tripwire VERT
Blog
Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/14/2023
Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in Windows Graphic Component that can allow for code execution leading to...
Vulnerability & Risk Management
VERT Research
Tripwire VERT Security Update
Blog
Blog

VERT Threat Alert: January 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/10/2023
Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th. In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv Kupchik and Ophir Harpaz . The vulnerability allows for a privilege...
Vulnerability & Risk Management
VERT Research