Resources

Glamourizing fraudsters hurts victims of fraud, and society
Blog
Blog

Glamourizing fraudsters hurts victims of fraud, and society

By Martina Dove on Fri, 04/14/2023
We seem to be fascinated by fraudsters, and recent documentaries prove this. The documentary landscape is populated with many fraud-centered stories, such as The Tinder Swindler, Fyre, The Con, Fake Heiress, The Inventor, and many others. Some have even been made into series, such as the story of Elisabeth Holmes in The Dropout , and the story of Anna Delvey in Inventing Anna . We just can’t get...
Cybersecurity
The U.S. Army Is Revamping Its Cybersecurity Approach
Blog
Blog

The U.S. Army Is Revamping Its Cybersecurity Approach

By Tripwire Guest Authors on Thu, 04/13/2023
Military cybersecurity operations are shifting to a digital battlefield, where tools and technology work to save lives and increase efficiency. With these advancements comes the increased need for resilient measures to meet the needs of soldiers, leadership, and civilians alike. A ransomware attack rocked the U.S. Marshals Service in February 2023, compromising critical state data on everything...
Cybersecurity
Tripwire’s Vulnerability Exposure Research Team (VERT): What you need to know
Blog
Blog

Tripwire’s Vulnerability Exposure Research Team (VERT): What you need to know

By Joe Pettit on Thu, 04/13/2023
Each month, at the State of Security, we publish a range of content provided by VERT. Whether it’s a round-up of all the latest cybersecurity news , our Patch Priority Index that helps guide administrators on what they should be patching , a book review, general musings from the team, or most notability our Patch Tuesday round-up . VERT is helping organizations stay abreast of the cybersecurity...
Vulnerability & Risk Management
Cybersecurity
CISA Publishes Advisory on Improving Network Monitoring and Hardening.
Blog
Blog

CISA Publishes Advisory on Improving Network Monitoring and Hardening

By Anastasios Arampatzis on Wed, 04/12/2023
CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include monitoring network activity to spot abnormal behavior, conducting regular...
Vulnerability & Risk Management
Cybersecurity
Incident Detection & Investigation
30-ransomware-prevention-tips-bw
Blog
Blog

30 Ransomware Prevention Tips

By Tripwire Guest Authors on Tue, 04/11/2023
Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data . Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging in 2022. Malicious actors employ ransomware to extort money (at least...
Vulnerability & Risk Management
Cybersecurity
Incident Detection & Investigation
Securing your Digital Life: MFA, Password Managers and Risk
Blog
Blog

Securing your Digital Life: MFA, Password Managers and Risk

By Editorial Staff on Wed, 04/05/2023
In security, there are always tensions; the balancing act between security, convenience, and functionality. While these three, often competing interests cause many people to become frustrated, there are some simple steps that can ease the security struggle: Any Multi-Factor Authentication (MFA) is better than no MFA. Any password manager is better than not using one. Determine your current level...
Cybersecurity
Distributed Energy Resources and Grid Security
Blog
Blog

Distributed Energy Resources and Grid Security

By Tripwire Guest Authors on Tue, 04/04/2023
As the United States government, the energy industry, and individual consumers work toward cleaner and more sustainable energy solutions, it is crucial to consider how new and advancing technologies affect, and are affected by, cybersecurity concerns. ­­­­Increasing use of smart energy devices can be useful for consumers to have more control over their energy consumption, but can also pose a...
Cybersecurity
Industrial Control Systems
5 Secure Ways to Avoid Crypto Theft in 2023
Blog
Blog

5 Secure Ways to Avoid Crypto Theft in 2023

By Tripwire Guest Authors on Mon, 04/03/2023
The rise in popularity of cryptocurrencies has brought about significant concerns regarding wallet vulnerabilities and digital theft among individuals and businesses transacting in the market. While the meteoric rise in the value of cryptocurrency has attracted legitimate investors, it has also caught the attention of malicious actors who are constantly searching for vulnerabilities to exploit...
Cybersecurity
How-to-Secure-Your-Mobile-Device-in-Six-Steps
Blog
Blog

How to Secure Your Mobile Device: 8 Tips for 2023

By Tripwire Guest Authors on Tue, 03/28/2023
The rapidly changing technology and portability of mobile devices have forced people to rely heavily on those products. With their increased functionalities, mobile devices carry out a number of our day-to-day activities, such as surfing the web, booking appointments, setting up reminders, sharing files, instant messaging, video calling, and even mobile banking. Given all these functionalities...
Cybersecurity
Motivations for Insider Threats: What to Watch Out For
Blog
Blog

Motivations for Insider Threats: What to Watch Out For

By Tripwire Guest Authors on Tue, 03/28/2023
While a majority of discourse in the cybersecurity industry is focused on external threats – malicious hacking, phishing , and the like – the fact is that internal actors are just as capable of causing damage to an enterprise, if not more so. An insider threat may have access to resources or areas of the network that someone outside the organization would need to do extra work to obtain. Insider...
Cybersecurity
Guide
Guide

2023 Zero Trust Security Report

The concept of Zero Trust is quickly gaining momentum among enterprise IT security teams, with 87 percent saying their organizations have zero trust access in place and projects underway or planned. The 2023 Zero Trust Security Report reveals how enterprises are implementing zero trust security in their organizations, including key drivers, adoption trends, technologies, investments, and benefits...
Cybersecurity
Guide
Guide

PCI DSS 4.0 Compliance

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements as the implementation...
Compliance
PCI DSS
5 Key Components of Cybersecurity Hardening
Blog
Blog

5 Key Components of Cybersecurity Hardening

Wed, 03/22/2023
Hardening in Cybersecurity Cybersecurity hardening is a comprehensive approach to keeping your organization safe from intruders, and mitigating risk. By reducing your attack surface, vulnerability is reduced in tandem. Hardening (or system hardening) considers all flaws and entry points potentially targeted by attackers to compromise your system. While innovative and determined cybercriminals will...
Cybersecurity
Key Findings: UK Cybersecurity Breaches Survey 2022
Blog
Blog

Key Findings: UK Cybersecurity Breaches Survey 2022

By Tripwire Guest Authors on Tue, 03/21/2023
The cybersecurity landscape is continuously evolving. It has led businesses to question how they are protecting themselves and their consumers from data breaches. Since 2014, the Department for Digital, Culture, Media and Sport (DCMS) has commissioned the Cybersecurity Breaches Survey of the UK to understand what protections are in place, and where the UK can improve for future security postures...
Cybersecurity
A-Look-at-The-2023-Global-Automotive-Cybersecurity-Report
Blog
Blog

A Look at The 2023 Global Automotive Cybersecurity Report

By Tripwire Guest Authors on Mon, 03/20/2023
From its inception, the automotive industry has been shaped by innovation and disruption. In recent years, these transformations have taken shape in rapid digitization, ever-growing Electric Vehicle (EV) infrastructure, and advanced connectivity . These shifts have redirected the automotive industry, meeting and surpassing customer expectations for what vehicles should accomplish. However, they...
Cybersecurity
Industrial Control Systems
keys
Blog
Blog

Free decryptor released for Conti-based ransomware following data leak

By Graham Cluley on Fri, 03/17/2023
Security researchers have released a new decryption tool that should come to the rescue of some victims of a modified version of the Conti ransomware, helping them to recover their encrypted data for free. Conti was one of the most notorious ransomware groups, responsible for hundreds of attacks against organisations, which netted criminals over $150 million. Its victims included the government of...
Cybersecurity
What-is-CSAF
Blog
Blog

What is CSAF (Common Security Advisory Framework)?

By Tripwire Guest Authors on Wed, 03/15/2023
The world of security advisories is disjointed, with disparate systems holding critical documentation in various formats. To make matters more challenging, despite living in a digital-first era, most of these documents are not legible for machines and must be parsed, reviewed, or referenced by humans. As system administrators contend with a rapidly changing threat landscape and the need to remain...
Cybersecurity
What-actually-is-database-integrity
Blog
Blog

What actually is database integrity?

By Faisal Parkar on Tue, 03/14/2023
If you were to poll the folks in a typical office about which aspect of the infamous CIA Triad was most important to them, you would likely get different answers from different people. While confidentiality, integrity, and availability are all important and serve to function together, for the sake of fun, what if you had to choose one factor as the most critical? The legal team would most likely...
Cybersecurity
5-social-engineering-attacks-bw
Blog
Blog

Social Engineering: Definition & 6 Attack Types

By Joe Pettit on Wed, 03/01/2023
We all know about the attacker who leverages their technical expertise to infiltrate protected computer systems and compromise sensitive data. This type of malicious actor ends up in the news all the time. But they’re not the only ones making headlines. So too are “social engineers,” individuals who use phone calls and other media to exploit human psychology and trick people into handing over...
Cybersecurity
Cyber-Attackers-Exploit-Government-Agencies-bw
Blog
Blog

9 Ways Cyber Attackers are Looking to Exploit Government Agencies in 2023

By Tripwire Guest Authors on Mon, 02/27/2023
Governments play a key role in the continued operation of society. While getting a speeding ticket or paying taxes may not be anyone’s favorite thing to do, they contribute to the government’s ability to protect its citizens while maintaining its infrastructure and services. Cybersecurity is critical for all organizations and government agencies, as they may hold sensitive information on both...
Cybersecurity