Resources

What We Learned From "The Cyber-Resilient CEO" Report
Blog
Blog

What We Learned From "The Cyber-Resilient CEO" Report

By Stefanie Shank on Mon, 11/06/2023
In today's digital landscape, cybersecurity is not just a technical concern; it's a strategic imperative. As we delve into the insights from a recent report from Accenture titled " The Cyber-Resilient CEO ," we'll uncover CEOs' critical role in safeguarding their organizations against cyber threats. Discover how a select group of leaders navigates the complex terrain of cyber vulnerabilities...
Cybersecurity
What is Classiscam Scam-as-a-Service?
Blog
Blog

What is Classiscam Scam-as-a-Service?

By Katrina Thompson on Mon, 11/06/2023
"The 'Classiscam' scam-as-a-service operation has broadened its reach worldwide, targeting many more brands, countries, and industries, causing more significant financial damage than before,” touts Bleeping Computer . So just what is it? What is Classiscam? It’s a bird. It’s a plane. It’s - a pyramid? Classiscam is an enterprising criminal operation that uses a division of labor to organize low...
Cybersecurity
Patch Priority Index
Blog
Blog

Tripwire Patch Priority Index for October 2023

By Lane Thames on Fri, 11/03/2023
Tripwire's October 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority is a patch for Microsoft Edge (Chromium-based) that resolves a type confusion vulnerability. Next on the patch priority list this month are patches for Microsoft Office that resolve 3 elevation of privilege vulnerabilities. Next are patches that affect components...
Vulnerability & Risk Management
Cybersecurity
Simple Reminders to Conclude Cybersecurity Awareness Month
Blog
Blog

Simple Reminders to Conclude Cybersecurity Awareness Month

By Fortra Staff on Thu, 11/02/2023
2023 marked the 20th Cybersecurity Awareness Month which was founded as a collaboration between government and the private industry to raise awareness about digital security and empower everyone to protect their personal data from digital forms of crime. While most of the cybersecurity news articles are about massive data breaches and cybercriminals, it can seem overwhelming, making it feel like...
Cybersecurity
Massive Surge in Security Breaches of Pensions Prompt Questions
Blog
Blog

Massive Surge in Security Breaches of Pensions Prompt Questions

By Josh Breaker-Rolfe on Thu, 11/02/2023
A recent report from RPC has revealed that cybersecurity breaches in UK pension schemes increased by 4,000% from 2021/22 to 2022/23. Understandably, the announcement has raised serious concerns about the efficacy of financial service organization’s cybersecurity programmes. Although the reasons for cyberattacks on financial services are fairly obvious – potential financial gains, troves of...
Cybersecurity
Incident Detection & Investigation
Guide
Guide

10 Common Security Misconfigurations and How to Fix Them

Is your organization using default security settings, or do you have a security configuration management (SCM) program in place to ensure your configurations are as secure as possible? Misconfigurations are a leading cause of unauthorized access and security breaches, creating entry points for hackers in servers, websites, software, and cloud infrastructure. The Open Worldwide Application Security...
Cybersecurity
Security Configuration Management
A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations
Blog
Blog

A Scary Story of Group Policy Gone Wrong: Accidental Misconfigurations

By Chris Hudson on Mon, 10/30/2023
In the world of cybersecurity, insider threats remain a potent and often underestimated danger. These threats can emanate not only from malicious actors within an organization but also from well-intentioned employees who inadvertently compromise security with a mis-click or other unwitting action. Having spent many years in system administrator-type roles, I'm actually surprised at how easy it...
Vulnerability & Risk Management
Cybersecurity
linkedin job
Blog
Blog

Phony Corsair job vacancy targets LinkedIn users with DarkGate malware

By Graham Cluley on Thu, 10/26/2023
Job hunters should be on their guard. Researchers at security firm WithSecure have described how fake job opportunities are being posted on LinkedIn with the intent of spreading malware. A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related to jobs at computer memory and gaming accessories firm Corsair. The...
Cybersecurity
What you should know about VPN audits
Blog
Blog

What you should know about VPN audits

By Tripwire Guest Authors on Wed, 10/25/2023
The main reasons internet users choose to use a virtual private network (VPN) are to protect their online identity and bypass geo-restrictions. Cybercrime is on the rise and is expected to grow each year – the largest breach of 2023 so far occurred on Twitter . For those who reside in countries where internet freedom is lacking, a VPN is necessary to access certain content, and privacy is crucial...
Cybersecurity
Security-in-the-Property-Industry-Challenges-and-How-to-Avoid-Attacks
Blog
Blog

Security in the Property Industry: Challenges and How to Avoid Attacks

By PJ Bradley on Wed, 10/25/2023
In recent years, there has been a major ongoing trend toward more digital infrastructure and an increased dependence on technology across a wide variety of sectors. In the property industry, this has manifested heavily in the growth of the property technology (PropTech) market. These developments have had a serious impact on the sector, enabling advances that both improve existing processes and...
Cybersecurity
The growth of APIs attracts Cybercrime: How to prepare against cyber attacks
Blog
Blog

The growth of APIs attracts Cybercrime: How to prepare against cyber attacks

By Josh Breaker-Rolfe on Tue, 10/24/2023
Application Programming Interfaces (APIs) have profoundly transformed the internet's fabric. In the pre-API era, digital interactions were limited by siloed systems functioning in isolation. APIs dismantled these barriers by introducing a universal language that diverse applications could comprehend. This linguistic bridge facilitated an unprecedented level of interconnectivity between software...
Cybersecurity
Cyber Insurance Report: Breach Frequency Down, Breach Severity Up
Blog
Blog

Cyber Insurance Report: Breach Frequency Down, Breach Severity Up

By Josh Breaker-Rolfe on Mon, 10/23/2023
The past half-decade has been a particularly tumultuous one for cybersecurity. It has borne witness to some of the most damaging attacks in history, unprecedentedly high data breach rates, and a staggering number of emerging threat groups. However, a new report from cyber insurance provider Coalition suggests that things are beginning to stabilize. The report , which features data from Coalition’s...
Cybersecurity
Blockchain-Security-Understanding-vulnerabilities-and-mitigating-risks
Blog
Blog

Blockchain Security: Understanding vulnerabilities and mitigating risks

By Dilki Rathnayake on Mon, 10/23/2023
In recent years, blockchain technology has garnered significant attention thanks to its remarkable tamper-proof features and robust security. It is also expected that the blockchain technology market will exceed 1.2 billion US dollars by 2030, with an annual growth rate of 82.8 percent. However, recent headlines have exposed numerous vulnerabilities and cyberattacks targeting blockchain technology...
Cybersecurity
Ex-Navy IT manager jailed for selling people's data on the dark web
Blog
Blog

Ex-Navy IT manager jailed for selling people's data on the dark web

By Graham Cluley on Thu, 10/19/2023
A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened an account in August 2018 with a company that maintains a PII database...
Cybersecurity
Plastic surgeries warned by the FBI that they are being targeted by cybercriminals
Blog
Blog

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

By Graham Cluley on Wed, 10/18/2023
Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning , which was issued by the FBI yesterday and is directed towards plastic surgery offices and patients, advises that extortionists have been...
Cybersecurity
Compliance
HIPAA
The Peril of Child Identity Theft and How to Mitigate It
Blog
Blog

The Peril of Child Identity Theft and How to Mitigate It

By Joseph Chukwube on Wed, 10/18/2023
We often hear of how we need to protect ourselves from online scams. Criminals seek our personal information in order to use it for multiple nefarious purposes. However, there is a population who, while not having a broad online presence, are equally vulnerable to identity theft. Children are particularly vulnerable to identity theft, as they often have clean credit histories and their personal...
Cybersecurity
Save the Embarrassment: The Value of Multi-Factor Authentication
Blog
Blog

Save the Embarrassment: The Value of Multi-Factor Authentication

By Tyler Reguly on Tue, 10/17/2023
These days, it’s not a matter of if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 705 sites comprising 12.6 billion accounts. This includes well-known names like Wattpad, Verifications.io, and Facebook. This is a 30% increase in the number of sites and a 10% increase in the number of...
Cybersecurity
Cyberattacks on Gaming Developers: Five Security Tips
Blog
Blog

Cyberattacks on Gaming Developers: Five Security Tips

By PJ Bradley on Mon, 10/16/2023
Gaming companies collect data concerning user behavior for a variety of reasons: to inform investment and content decisions, enable game and advertisement personalization, and improve gameplay, to name a few. However, the data available provides a daunting task for those attempting to make use of it, as well as a ripe target for attackers. Effectively utilizing and protecting this data can be a...
Cybersecurity
Understanding Cybersecurity Footprinting: Techniques and Strategies
Blog
Blog

Understanding Cybersecurity Footprinting: Techniques and Strategies

By Dilki Rathnayake on Mon, 10/16/2023
Footprinting, also known as fingerprinting, is a methodology used by penetration testers, cybersecurity professionals, and even threat actors to gather information about a target organization to identify potential vulnerabilities. Footprinting is the first step in penetration testing. It involves scanning open ports, mapping network topologies, and collecting information about hosts, their...
Cybersecurity
Incident Detection & Investigation
Fortifying IoT Devices: Unraveling the Art of Securing Embedded Systems
Blog
Blog

Fortifying IoT Devices: Unraveling the Art of Securing Embedded Systems

By Isla Sibanda on Fri, 10/13/2023
Interconnected, data-enabled devices are more common now than ever before. By 2027, it is predicted that there will be more than 41 billion new IoT devices . The emergence of each new device offers a fresh vulnerability point for opportunistic bad actors. In 2022, there were over 112 million cyberattacks carried out on IoT devices worldwide. Without sufficient protection, attackers can exploit...
Cybersecurity
IT Security Operations & Asset Discovery