-
-
Blog
Top 5 Scam Techniques: What You Need to Know
By Martina Dove on Tue, 02/27/2024
Image
Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that the scam relies on proven scam techniques once the narrative is stripped away....
Blog
Improving OT Security in Industrial Processes
By Lane Thames on Tue, 02/27/2024
Image
Have you ever considered that even before you enjoy the first sip of your favorite morning beverage, you have probably interacted with at least half of the 16 critical infrastructure sectors that keep a nation running? In one way or another, the simple act of brewing a cup of tea would probably not be possible without...
Blog
Cyber Resilience: Planned and Practiced
By Sandy Dunn on Mon, 02/26/2024
Image
Navigating the information superhighway is like threading your car through traffic on a dangerous rush-hour freeway. The journey is full of perils that can prevent you from getting where you need to go and turn the trip into a bumpy ride. In the same way, we plan for wrecks and try to avoid hazards on the road, businesses can...
Blog
Delving into NCSC’s New SMB Cybersecurity Guide
By Kirsten Doyle on Mon, 02/26/2024
Image
Although attacks on small and medium-sized businesses (SMBs) rarely hit the headlines, they remain a serious threat. Unlike their corporate counterparts, many SMBs lack the tools, skills, and mitigation services they need to combat modern threats.
Understanding that forewarned is forearmed, the National Cyber Security Centre ...
On-Demand Webinar
Digging Deeper: Discover Advanced Tripwire Enterprise Capabilities
Thu, 02/22/2024
Most people know Fortra’s Tripwire Enterprise for its essential file integrity monitoring and security configuration management capabilities. But what about the more advanced use cases, like dealing with zero-day vulnerabilities or isolating specific systems when they contain a critical risk?
Watch the on-demand webinar presented by Forta’s Tripwire to find out more about...
Blog
Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang
By Graham Cluley on Thu, 02/22/2024
Image
A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang.
The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities.
LockBit, which has been operating since 2020, has...
Blog
Customizing Security with Security Configuration Management (SCM)
By Michael Betti on Thu, 02/22/2024
Image
Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a...
Blog
Cybersecurity Trends in 2024: 5 Key Areas to Follow
By Fortra Staff on Wed, 02/21/2024
Image
As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking more and more at the human element, and provide you with methods to practice repeatable, real-world techniques...
Blog
Building Customer Trust through Transparent Safety and Security Practices
By Tripwire Guest Authors on Wed, 02/21/2024
Image
Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity incidents occur.
The data security landscape has recently...
Blog
Outsmarting PayPal Scammers to Keep Your Cash Safe
By Kirsten Doyle on Tue, 02/20/2024
Image
Over the years, PayPal has earned a reputation for being a secure and easy way to send and receive money. However, no payment system is entirely immune to scams, and cybercriminals often exploit these platforms due to their widespread popularity and trust among users.
PayPal is the most widely used online payment system in the...
Blog
PCI DSS Compliance - Meeting the Third-Party Vendor Requirements
By Tripwire Guest Authors on Tue, 02/20/2024
Image
Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway,...
Blog
Data Brokering: A Thousand Things About Yourself
By Tripwire Guest Authors on Mon, 02/19/2024
Image
A recent report from Duke University's Sanford School of Public Policy has shed light on a concerning issue - data brokers are selling vast amounts of highly sensitive information about American military service members. This includes private data about active-duty personnel, veterans, and their families, encompassing sensitive...
Blog
Insights from the NSA 2023 Cybersecurity Report
By Stefanie Shank on Mon, 02/19/2024
Image
The digital landscape is ever-changing, causing cybersecurity to often feel like a moving target. Thankfully, the NSA 2023 Cybersecurity Report arrives to provide critical information and context to help organizations keep their peace of mind.
This comprehensive report, drawing insights from a wide range of industries, delves...
Blog
Rhysida ransomware cracked! Free decryption tool released
By Graham Cluley on Thu, 02/15/2024
Image
Good news for organisations who have fallen victim to the notorious Rhysida ransomware.
A group of South Korean security researchers have uncovered a vulnerability in the infamous ransomware. This vulnerability provides a way for encrypted files to be unscrambled.
Researchers from Kookmin University describe how they exploited...
Blog
VERT Threat Alert: February 2024 Patch Tuesday Analysis
By Tyler Reguly on Tue, 02/13/2024
Image
Today’s VERT Alert addresses Microsoft’s February 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1093 as soon as coverage is completed.
In-The-Wild & Disclosed CVEs
CVE-2024-21351
This CVE describes a bypass in the Windows SmartScreen Security Feature. At this...
Blog
3 Tips for Enterprise Patch Management
By Lane Thames on Tue, 02/13/2024
Image
With all the technology we have today, installing software updates has become a near-daily, full-time activity. Patch management for large-scale enterprise IT systems can be one of the most stressful parts of an IT professional’s job. In today’s large and evolving IT networks where many new services are going online every day...
Blog
Leveraging AI LLMs to Counter Social Engineering: A Psychological Hack-Back Strategy
By Anastasios Arampatzis on Mon, 02/12/2024
Image
In the ever-evolving landscape of cybersecurity, businesses and individuals find themselves in a relentless battle against the surge of cybercrime, which continues to escalate in complexity and frequency. Despite the significant investments in cutting-edge cybersecurity solutions, the financial toll of cybercrime persists, with...
Blog
5 Key Findings from the Business Email Compromise (BEC) Trends Report
By Anirudh Chand on Mon, 02/12/2024
Image
Today’s BEC attacks are more nuanced, more accessible, less technically demanding, and consequently, more dangerous than ever before. In our report, 2023 BEC Trends, Targets, and Changes in Techniques, we take a hard look at the anatomy of Business Email Compromise (BEC) attacks today and the lures that are drawing users to the...