Resources

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

By Andrew Swoboda on Mon, 08/29/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 22nd, 2022, including some commentary of mine. VMware fixed a privilege escalation issue in VMware Tools VMware this...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

By Andrew Swoboda on Mon, 08/22/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 15th, 2022. I’ve also included some comments on these stories. Newly Uncovered PyPI Package Drops Fileless Cryptominer...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

By Andrew Swoboda on Tue, 08/16/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 8st, 2022. I’ve also included some comments on these stories. Slack leaked hashed passwords from its servers for years ...

Guide

Why Integrity Should Be Your Organizing Cybersecurity Principle

While integrity has been a common word in the cybersecurity lexicon for years, its meaning and use have been relatively limited. It may be time to reconsider its central role in security. The reality of always-connected networks, fluid data transfers across cloud and hybrid environments, and broadly deployed endpoints presents an opportunity to take a fresh look at integrity as an organizing...

Guide

Threat Prevention is Foundational

How proper foundational controls help block today’s advanced threats

Guide

Securing the Cyber EO's Four Critical Frontiers

Guide

5 File Integrity Monitoring (FIM) Myths and Misconceptions

File integrity monitoring (FIM) is the cybersecurity process that monitors and detects changes in your environment to alert you to threats and helps you remediate them. While monitoring environments for change sounds simple enough, there are plenty of misconceptions about how exactly FIM fits into a successful cybersecurity program. It’s essential to address those common myths now so that...

Guide

File Integrity Monitoring (FIM) Software Buyer's Guide

There’s a lot more to file integrity monitoring than simply detecting change. Although FIM is a common policy requirement, there are many FIM capabilities and processes you can elect to implement or not. These can vary from a simple “checkbox” compliance tool to the option to build effective security and operational controls. These decisions directly affect the value your organization gains from...

Guide

The Value of True File Integrity Monitoring

File Integrity Monitoring (FIM) is a technology that monitors for changes in files that may indicate a cyberattack. In many organizations, however, FIM mostly means noise: too many changes, no context around these changes, and little insight into whether a detected change actually poses a risk. What does file integrity monitoring do? FIM, and often referred to as “change audit” was around long...

Guide

Integrity: The True Measure of Enterprise Security

Federal cybersecurity integrity is often defined as the incorruptibility of data (as part of the CIA triad), and file integrity monitoring (FIM), a control which has become a compliance requirement in standards such as FISMA and PCI DSS. Read the full white paper to learn more.

Guide

File integrity Monitoring (FIM) for Comprehensive Integrity Management

Shifting language can be difficult, but it’s more appropriate to talk about Integrity Management in regards to today’s technology landscape. Integrity Management provides an umbrella approach to managing risk in an environment. There are four basic steps to ensuring integrity: Secure deployment System baseline Change monitoring Change remediation This white paper will help you broaden your...

Blog

VERT Threat Alert: August 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 08/09/2022

Today’s Patch Tuesday VERT Alert addresses Microsoft’s August 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1015 on Wednesday, August 10th. In-The-Wild & Disclosed CVEs CVE-2022-34713 According to Microsoft, CVE-2022-34713 is a variant of the Dogwalk vulnerability. There has been a lot...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

By Andrew Swoboda on Mon, 08/08/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of August 1st, 2022. I’ve also included some comments on these stories. Windows 11 Smart App Control blocks files used to push...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

By Andrew Swoboda on Mon, 08/01/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of July 25, 2022. I’ve also included some comments on these stories. SonicWall fixed critical SQLi in Analytics and GMS products ...

Blog

VERT Threat Alert: July 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/12/2022

Today’s VERT Alert addresses Microsoft’s July 2022 Security Updates. VERT is actively working on coverage for these Patch Tuesday vulnerabilities and expects to ship ASPL-1011 on Wednesday, July 13th. In-The-Wild & Disclosed CVEs CVE-2022-22047 Microsoft is reporting this month that a single vulnerability in the Windows Client/Server Runtime...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

By Andrew Swoboda on Mon, 06/27/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 20, 2022. I’ve also included some comments on these stories. Over a Dozen Flaws Found in Siemens' Industrial Network...

Blog

VERT Threat Alert: June 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 06/14/2022

Today’s VERT Alert addresses Microsoft’s June 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1007 on Wednesday, June 15th. In-The-Wild & Disclosed CVEs None of the vulnerabilities patched this month have been exploited in-the-wild or publicly disclosed according to Microsoft. However,...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

By Andrew Swoboda on Mon, 06/13/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of June 06, 2022. I’ve also included some comments on these stories. Another nation-state actor exploits Microsoft Follina to...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

By Andrew Swoboda on Mon, 06/06/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 30, 2022. I’ve also included some comments on these stories. Vendor Refuses to Remove Backdoor Account That Can Facilitate...

Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022

By Andrew Swoboda on Mon, 05/23/2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories. Watch Out! Hackers Begin Exploiting Recent Zyxel Firewalls...

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 22, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 15, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 8, 2022

Why Integrity Should Be Your Organizing Cybersecurity Principle

Threat Prevention is Foundational

Securing the Cyber EO's Four Critical Frontiers

5 File Integrity Monitoring (FIM) Myths and Misconceptions

File Integrity Monitoring (FIM) Software Buyer's Guide

The Value of True File Integrity Monitoring

Integrity: The True Measure of Enterprise Security

File integrity Monitoring (FIM) for Comprehensive Integrity Management

VERT Threat Alert: August 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of August 1, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of July 25, 2022

VERT Threat Alert: July 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 20, 2022

VERT Threat Alert: June 2022 Patch Tuesday Analysis

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of June 06, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 30, 2022

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022

Contact Information

Privacy Policy

Cookie Policy

Impressum