Resources

Getting in Control of Financial Services Cybersecurity Regulations

Organizations in the financial sector are all too aware that their industry continues to be one of the top targets for cyber criminals. Among financial services and insurance organizations, the leading cause of breaches is system intrusion. That’s why so many cybersecurity compliance regulations have sprung up to ensure systems are kept hardened against attack. This guide will cover the main...

On-Demand Webinar

Insights for Navigating PCI-DSS 4.0 Milestones

With the PCI-DSS 4.0 implementation deadline looming just around the corner in 2024, financial companies have no time to waste when it comes to reaching key compliance milestones. Watch this on-demand webinar presented by Fortra’s Tripwire and BankInfoSecurity.com designed to help you get—and stay—on track for PCI 4.0 compliance. Hear from industry experts on preparing for PCI 4.0 using a simple...

Blog

VERT Threat Alert: April 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 04/11/2023

Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild. CLFS provides a general-purpose logging service to other software via the...

Guide

PCI DSS 4.0 Compliance

Maintaining compliance is a difficult job—both in scope and in practical application. Organizations need to comply with a vast array of regulations, and the number is constantly increasing. Compliance is consistently tightening; businesses and financial institutions now have to learn and dive into the new Payment Card Industry Data Security Standard (PCI DSS) 4.0 requirements as the implementation...

Blog

VERT Threat Alert: March 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 03/14/2023

Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows SmartScreen. SmartScreen prompts you when running certain files downloaded...

Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 02/14/2023

Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in Windows Graphic Component that can allow for code execution leading to...

Blog

VERT Threat Alert: January 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/10/2023

Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th. In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv Kupchik and Ophir Harpaz . The vulnerability allows for a privilege...

Blog

VERT Threat Alert: December 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/13/2022

Today’s VERT Alert addresses Microsoft’s December 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1034 on Wednesday, December 14th. In-The-Wild & Disclosed CVEs CVE-2022-44698 This vulnerability allows a malicious individual to bypass SmartScreen , which does a reputation check based on Mark of the Web identifiers. We saw CVE-2022...

Blog

VERT Threat Alert: November 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/08/2022

Today’s VERT Aler t addresses Microsoft’s November 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1029 on Wednesday, November 9th. In-The-Wild & Disclosed CVEs CVE-2022-41091 This vulnerability allows a malicious individual to bypass Mark of the Web . Mark of the Web is what is used to present security warnings when opening files and...

Blog

Integrity Monitoring Use Cases: Compliance

By David Bruce on Wed, 10/19/2022

What is File Integrity Monitoring? The IT ecosystems of enterprises are highly dynamic. Typically, organizations react to this volatility by investing in asset discovery and Security Configuration Management (SCM). These core controls enable businesses to compile an inventory of authorized devices and monitor the configurations of those assets. In addition to managing changes to their...

Case Study

Case Study: Why One Fortune 250 Electric & Gas Utility Trusts Fortra’s Tripwire for Unbeatable Accuracy

Vulnerability & Risk Management

Cybersecurity

Compliance

NERC CIP

PCI DSS

Industrial Control Systems

Blog

VERT Threat Alert: September 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 09/13/2022

Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th. In-The-Wild & Disclosed CVEs CVE-2022-23960 The first disclosed vulnerability this month is Spectre-BHB that is discussed in great detail on arm Developer. The Microsoft update for this vulnerability...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

By Andrew Swoboda on Mon, 09/12/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 5 th , 2022. I’ve also included some comments on these stories. Critical RCE Vulnerability Affects Zyxel NAS Devices — Firmware Patch Released Networking...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022

By Andrew Swoboda on Mon, 09/05/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 29 th , 2022. I’ve also included some comments on these stories. WordPress 6.0.2 Patches Vulnerability That Could Impact Millions of Legacy Sites The WordPress team...

Blog

Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS

By Tripwire Guest Authors on Wed, 08/31/2022

The increasing popularity of online payment systems results from the world’s gradual transition to a cashless and contactless digital economy — an economy, projected in a recent Huawei white paper, to be worth $23 trillion by 2025. With digital commerce emerging as the largest segment in the projected $8.49 trillion global digital payments market in 2022, it’s not surprising that businesses are...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

By Andrew Swoboda on Mon, 08/29/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 22nd, 2022, including some commentary of mine. VMware fixed a privilege escalation issue in VMware Tools VMware this week released patches to address an important...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

By Andrew Swoboda on Mon, 08/22/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15 th , 2022. I’ve also included some comments on these stories. Newly Uncovered PyPI Package Drops Fileless Cryptominer to Linux Systems A now-removed rogue package...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

By Andrew Swoboda on Tue, 08/16/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8 st , 2022. I’ve also included some comments on these stories. Slack leaked hashed passwords from its servers for years Did Slack send you a password reset link...

Blog

A 5 Step Checklist for Complying with PCI DSS 4.0

By Tripwire Guest Authors on Mon, 08/15/2022

In March 2022, the Payment Card Industry Data Security Standard (PCI DSS) was updated with a number of new and modified requirements . Since their last update in 2018, there has been a rapid increase in the use of cloud technologies, contactless payments have become the norm, and the COVID-19 pandemic spurred a massive growth in e-commerce and online payments. At the same time, cybercriminals have...

Product Video

AAA: Getting Roadside Assistance from Tripwire

Mon, 08/15/2022

Tim Masey, Director of Enterprise Information Security at AAA, shared his company’s PCI journey: beginning with a small implementation of Tripwire, then running into roadblocks by Management for the expansion of products, and eventually moving forward with the implementation of Tripwire’s policy driven dashboards, rules and tasks for over 500 servers.

Getting in Control of Financial Services Cybersecurity Regulations

Insights for Navigating PCI-DSS 4.0 Milestones

VERT Threat Alert: April 2023 Patch Tuesday Analysis

PCI DSS 4.0 Compliance

VERT Threat Alert: March 2023 Patch Tuesday Analysis

VERT Threat Alert: February 2023 Patch Tuesday Analysis

VERT Threat Alert: January 2023 Patch Tuesday Analysis

VERT Threat Alert: December 2022 Patch Tuesday Analysis

VERT Threat Alert: November 2022 Patch Tuesday Analysis

Integrity Monitoring Use Cases: Compliance

Case Study: Why One Fortune 250 Electric & Gas Utility Trusts Fortra’s Tripwire for Unbeatable Accuracy

VERT Threat Alert: September 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of September 5, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 29, 2022

Defense and Development: Key points from The Complete Guide to Application Security for PCI-DSS

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

A 5 Step Checklist for Complying with PCI DSS 4.0

AAA: Getting Roadside Assistance from Tripwire

Contact Information

Privacy Policy

Cookie Policy

Impressum