Image Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data. Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging...

Image As the United States government, the energy industry, and individual consumers work toward cleaner and more sustainable energy solutions, it is crucial to consider how new and advancing technologies affect, and are affected by, cybersecurity concerns. ­­­­Increasing use of smart energy devices can be useful for consumers to have...

Image From its inception, the automotive industry has been shaped by innovation and disruption. In recent years, these transformations have taken shape in rapid digitization, ever-growing Electric Vehicle (EV) infrastructure, and advanced connectivity. These shifts have redirected the automotive industry, meeting and surpassing...

Image Legacy gas and coal plants are being aged out – and no one wants to pay enough to keep them going. With increased pressure from green energy laws and added competition from renewable sources, these monsters of Old Power are being shown the door. Considering they've predated and precipitated all Industrial Revolutions (except for...

Image Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows...

Image Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in...

Image Industrial control systems are fundamental to all industrial processes, from power generation to water treatment and manufacturing. ICS refers to the collection of devices that govern a process to ensure its safe and effective execution. These devices include Supervisory Control and Data Acquisition (SCADA) systems, Distributed...

Image The distribution systems of the U.S. energy grid — the portions of the grid that carry electricity to consumers — are growing more susceptible to cyber-attacks, in part due to the advent of monitoring and control technology and their reliance on them. However, the magnitude of the possible consequences of such attacks is not...

Image   The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware...

Image Today’s VERT Alert addresses Microsoft’s January 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1037 on Wednesday, January 11th.  In-The-Wild & Disclosed CVEs CVE-2023-21549 A vulnerability in the SMB Witness Service was reported by two Akamai researchers, Stiv...

Image The popularity of electric vehicles is partly a response to the desire of achieving sustainability and carbon footprint reduction. Automobile manufacturers are making substantial investments to tackle emissions issues, create environment-friendly vehicles, and align with Environmental, Social, and Governance (ESG) requirements....

Image The holiday season has arrived, and cyberattacks are expected to increase with the upcoming celebratory events. According to The Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) 2022 Holiday Season Threat Trends and summary report, ransomware and phishing attacks are expected to increase in retail. With the...

Image Today’s VERT Alert addresses Microsoft’s December 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1034 on Wednesday, December 14th. In-The-Wild & Disclosed CVEs CVE-2022-44698 This vulnerability allows a malicious individual to bypass SmartScreen, which does a...

Image   It’s no surprise that industrial environments have become increasingly valuable targets for malicious behavior. The State of Security has featured many cybersecurity events across myriad industrial verticals, including but not limited to chemical manufacturing, transportation, power generation and petrochemical. Several of...

Image The healthcare industry has been a favored target for cybercriminals for many years. In the first half of 2022 alone, 324 attacks against healthcare organizations have been reported. Attackers have primarily focused on large hospitals in years past, but there has been a sudden switch to smaller healthcare companies and specialty...

Image The Cross-Sector Cybersecurity Performance Goals (CPGs) are a new baseline released jointly by CISA, NIST, and the interagency community, with a goal of providing consistency across all critical infrastructure. The primary webpage for these goals gives us a great understanding of what they are (and are not). It is worth delving...

Image Today’s VERT Alert addresses Microsoft’s November 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1029 on Wednesday, November 9th. In-The-Wild & Disclosed CVEs CVE-2022-41091 This vulnerability allows a malicious individual to bypass Mark of the Web. Mark of the...

Image The third quarter saw some major developments across the privacy space. In the U.S., we saw a federal bill for comprehensive privacy achieve more than ever before, children’s privacy proved to remain a top concern, and the Federal Trade Commission formally began its heavily criticized “Magnuson-Moss rulemaking” process. Not to...

Image If you were to take a look at the cybersecurity news cycle, you’d be forgiven for thinking that it’s only large enterprises with expansive customer bases and budgets that are the most vulnerable to attacks. But that’s not entirely true. Even if it’s at a much smaller scale, small- and medium-sized businesses (SMBs) still have...

Image The NIST Cybersecurity Framework was meant to be a dynamic document that is continuously revised, enhanced, and updated. These upgrades allow the Framework to keep up with technological and threat developments, incorporate lessons learned, and transform best practices into standard procedures. NIST created the Framework in 2014...