Resources

Blog

VERT Threat Alert: January 2024 Patch Tuesday Analysis

By Tyler Reguly on Tue, 01/09/2024

Image Today’s VERT Alert addresses Microsoft’s January 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1088 as soon as coverage is completed. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs included in the January Patch Tuesday drop. CVE...

Blog

How to Reduce Your Attack Surface

By Tripwire Guest Authors on Mon, 01/08/2024

Image What is an Attack Surface? An attack surface is the total number of channels, pathways, or areas that threat actors can utilize to gain unauthorized access to networks. The result is that they can obtain private information or carry out a cyber-attack. An attack surface comprises the organizational assets a threat actor can...

Blog

VERT Threat Alert: December 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 12/12/2023

Image Today’s VERT Alert addresses Microsoft’s December 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1086 on Wednesday, December 13th. In-The-Wild & Disclosed CVEs CVE-2023-20588 AMD has released AMD-SB-7007 – Speculative Leaks Security Notice, which describes how...

Blog

NIST CSF 2.0: What you need to know

By Antonio Sanchez on Mon, 12/11/2023

Image Organizations looking to protect their sensitive data and assets against cyberattacks may lack the ability to build a cybersecurity strategy without any structured help. The National Institute of Standards and Technology (NIST) has a free, public framework to help any organization mature its IT security posture. Recently, the...

On-Demand Webinar

Top Security Misconfigurations to Watch Out For

Thu, 11/30/2023

Misconfigurations continue to be a leading cause of cybersecurity breaches. Luckily, you can prevent and correct them with the right knowledge and tools on your side. The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released a joint cybersecurity advisory (CSA) sharing the most common misconfigurations observed by their Red...

Blog

SMB Protocol Explained: Understanding its Security Risks and Best Practices

By Dilki Rathnayake on Tue, 11/21/2023

Image Server Message Block (SMB) protocol is a communication protocol that allows users to communicate with remote servers and computers, which they can open, share, edit files, and even share and utilize resources. With the expansion of telecommunications, this protocol has been a prime target for threat actors to gain unauthorized...

Blog

Secure Access Control in 2024: 6 Trends to Watch Out For

By Gilad David Maayan on Wed, 11/15/2023

Image What Is Secure Access Control? Secure access control, part of the broader field of user management, is a key concept in the realm of information security, particularly in the business environment. It refers to the process of selectively restricting and allowing access to a place or resource. In the context of information...

Blog

VERT Threat Alert: November 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 11/14/2023

Image Today’s VERT Alert addresses Microsoft’s November 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1082 on Wednesday, November 15th. In-The-Wild & Disclosed CVEs CVE-2023-36033 A vulnerability in the Microsoft Desktop Window Manager (DWM) could allow an attacker to...

Blog

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

By Emily Newton on Tue, 11/14/2023

Image More decision-makers are investing in grid modernization efforts, knowing that doing so is necessary for keeping pace with modern demands. For example, smart grid fault-detection sensors could warn utility company providers of problems in real time, preventing costly and inconvenient outages. Technologies like the Internet of...

Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide...

Blog

5 Tripwire Enterprise Misconfigurations to Avoid

By Jeff Hines on Tue, 10/24/2023

Image Configuration management is vitally important as part of a sound cybersecurity strategy. We have previously published how patching alone is not enough, as that does not alter a system’s customized configuration. Misconfigurations can be as damaging to security as a deliberate attack on a system. As the manufacturer of Tripwire...

Blog

What is a CMDB?

By Lane Thames on Tue, 10/17/2023

Image There are countless tools and technologies available to help an organization stay on top of its IT assets, and a configuration management database (CMDB) is an extremely useful one. The database keeps track of relevant information regarding various hardware and software components and the relationships between them. It allows...

Blog

VERT Threat Alert: October 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 10/10/2023

Image Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is...

Blog

Compliance vs. Security: Striking the Right Balance in Cybersecurity

By Jay Thakkar on Mon, 10/09/2023

Image Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters...

Blog

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

By Graham Cluley on Fri, 10/06/2023

Image A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many...

Blog

What is NERC? Everything you need to know

By Michael Betti on Tue, 10/03/2023

Image Electric grids are part of every nation’s critical infrastructure. Every societal activity and business depends on reliable and safe electricity distribution. The US electric grid is a huge network of powerlines, distribution hubs, and renewable and non-renewable energy generators that is increasingly exposed to cyber-physical...

Blog

ICS Environments and Patch Management: What to Do If You Can’t Patch

By Anastasios Arampatzis on Mon, 10/02/2023

Image The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Known unpatched vulnerabilities are often exploited by criminals to penetrate Industrial Control Systems (ICS) environments and...

Blog

Closing Integrity Gaps with NIST CSF

By Lane Thames on Wed, 09/27/2023

Image The then-new 2014 NIST Cybersecurity Framework (CSF) was designed to plug security gaps in operational technology. It’s still in use today and more relevant than ever. Fortra’s whitepaper provides a cohesive review of this security staple and how to glean the best out of it for your strategy. A Brief History of NIST CSF “The...

Blog

Increasing Your Business’ Cyber Maturity with Fortra

By Antonio Sanchez on Wed, 09/20/2023

Image When building a tower, it helps to start with a sturdy foundation. Cyber maturity is the tower, and there are three levels that build it: Foundational IT/OT & Security Control Processes Fundamental Security Control Capabilities Advanced Security Control Capabilities Fortra occupies a unique space in the industry because of...

Blog

How to Build an Effective ICS Security Program

By Michael Betti on Mon, 09/18/2023

Image How to Build an Effective ICS Security Program Of all the different areas of cybersecurity, not many are as important, or have as far-reaching consequences as industrial control systems (ICS) security. While most relevant organizations would agree that ICS security is a significant concern for their operations, it is easier...

VERT Threat Alert: January 2024 Patch Tuesday Analysis

How to Reduce Your Attack Surface

VERT Threat Alert: December 2023 Patch Tuesday Analysis

NIST CSF 2.0: What you need to know

Top Security Misconfigurations to Watch Out For

SMB Protocol Explained: Understanding its Security Risks and Best Practices

Secure Access Control in 2024: 6 Trends to Watch Out For

VERT Threat Alert: November 2023 Patch Tuesday Analysis

How Does IoT Contribute to Real-Time Grid Monitoring for Enhanced Stability and Fault Detection?

10 Common Security Misconfigurations and How to Fix Them

5 Tripwire Enterprise Misconfigurations to Avoid

What is a CMDB?

VERT Threat Alert: October 2023 Patch Tuesday Analysis

Compliance vs. Security: Striking the Right Balance in Cybersecurity

Revealed! The top 10 cybersecurity misconfigurations, as determined by CISA and the NSA

What is NERC? Everything you need to know

ICS Environments and Patch Management: What to Do If You Can’t Patch

Closing Integrity Gaps with NIST CSF

Increasing Your Business’ Cyber Maturity with Fortra

How to Build an Effective ICS Security Program

Contact Information

Privacy Policy

Cookie Policy

Impressum