Image In today's expanding cyber threat landscape, infiltrating a system goes beyond unauthorized access or malware installation. To achieve their ultimate objectives, cybercriminals need to maintain an undetected presence in the system or network to control or extract data according to their needs. Command and Control attacks, also...

Image In the intricate realm of cybersecurity, the relentless surge of cyber threats demands a constant reassessment of defensive strategies. Amidst this dynamic landscape, a subtle yet indispensable player takes center stage — Security Configuration Management (SCM). This blog embarks on an insightful journey into the critical role...

Image Agriculture, a fundamental aspect of human civilization, plays an important role in global economic stability, contributing 4% to the global GDP. This sector not only provides food, but also supplies vital raw materials for various industries and drives economic development through job creation and trade facilitation. As we...

   Image   The most recent book that we’ve read over here is Black Hat GraphQL: Attacking Next Generation APIs written by Dolev Farhi and Nick Aleks. The book is described as being for, “anyone interested in learning how to break and protect GraphQL APIs with the aid of offensive security testing.” As someone who works primarily...

Image Tripwire's February 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft, ConnectWise, and Google. First on the patch priority list are patches for ConnectWise ScreenConnect, Microsoft Exchange Server, Microsoft Windows SmartScreen, and Microsoft Windows Internet Shortcut files. These CVEs (CVE...

Image What's happened? The US government warned healthcare organizations about the risk of being targeted by the ALPHV BlackCat ransomware after a surge in attacks. I thought ALPHV BlackCat had been taken down by the cops? Well remembered. Shortly before Christmas, the US Department of Justice (DOJ) announced that it had disrupted...

Image The financial services sector faces unprecedented cybersecurity challenges in today's digital age. With the industry being a prime target for cybercriminals, understanding and adhering to cybersecurity regulations has never been more crucial. This article delves into the labyrinth of cybersecurity regulations affecting financial...

Image What is the greatest cyber risk in the world right now? Ransomware? Business Email Compromise? Maybe AI? Well, the last one is pretty close. According to the World Economic Forum, misinformation and disinformation are the most severe global risks of the next two years. In their Global Risks Report 2024, the WEF posited that the...

Image Cybersecurity is a pressing topic of concern for most organizations today, as any amount of sensitive data or digital assets can present a security risk. Understanding the digital landscape, threat trends, and the way they change over time is an essential step in defending against cyberattacks. It can be daunting for any...

Image Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that the scam relies on proven scam techniques once the narrative is stripped away....

Image Have you ever considered that even before you enjoy the first sip of your favorite morning beverage, you have probably interacted with at least half of the 16 critical infrastructure sectors that keep a nation running? In one way or another, the simple act of brewing a cup of tea would probably not be possible without...

Image Navigating the information superhighway is like threading your car through traffic on a dangerous rush-hour freeway. The journey is full of perils that can prevent you from getting where you need to go and turn the trip into a bumpy ride. In the same way, we plan for wrecks and try to avoid hazards on the road, businesses can...

Image Although attacks on small and medium-sized businesses (SMBs) rarely hit the headlines, they remain a serious threat. Unlike their corporate counterparts, many SMBs lack the tools, skills, and mitigation services they need to combat modern threats. Understanding that forewarned is forearmed, the National Cyber Security Centre ...

Image A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities. LockBit, which has been operating since 2020, has...

Image Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a...

Image As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking more and more at the human element, and provide you with methods to practice repeatable, real-world techniques...

Image Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity incidents occur. The data security landscape has recently...

Image Over the years, PayPal has earned a reputation for being a secure and easy way to send and receive money. However, no payment system is entirely immune to scams, and cybercriminals often exploit these platforms due to their widespread popularity and trust among users. PayPal is the most widely used online payment system in the...

Image Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway,...

Image A recent report from Duke University's Sanford School of Public Policy has shed light on a concerning issue - data brokers are selling vast amounts of highly sensitive information about American military service members. This includes private data about active-duty personnel, veterans, and their families, encompassing sensitive...