Have you ever been around someone who is just better at something than you are? Like when you were in grade school and there was this person who was effortless at doing things correctly, like getting high grades? They had great study habits, they arrived on time, they were prepared and confident in the materials that they studied in class, and they...

Compliance should be an essential part of business operations, regardless of industry. Taking preventative measures to manage compliance and mitigate risk can feel like a hassle upfront, but it can save your organisation huge costs in the long run. Compliance violations can result in fines, penalties, lawsuits, loss of reputation, and more. However,...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of April 4, 2022. I’ve also included some comments on these stories. Borat RAT, a new RAT that performs ransomware and DDoS...

A new report, which surveyed 1200 IT security professionals in 17 countries around the world, has shone a light on a dramatic rise in the number of organisations willing to pay ransoms to extortionists. The ninth annual Cyberthreat Defense Report (CDR), produced by CyberEdge Group, shows that not only has there been a substantial increase in the...

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of March 28, 2022. I’ve also included some comments on these stories. Muhstik Botnet Targeting Redis Servers Using Recently...

Environmental sustainability has become a significant concern for businesses today. Yet, many are not seeing the connection between sustainability efforts and cybersecurity. Despite how different they may seem, these two topics are intertwined. If environmental services and infrastructure don’t embrace better security, the consequences could be...

Originally envisaged as a convenient way to store web data, cookies emerged as a powerful marketing tool in the 2000s. For many years, digital marketers relied on cookies for data collection. However, in recent history, new privacy laws, browser features, and plug-ins have changed the landscape of data collection. Marketers have had to develop...

Cloud computing has emerged as the go-to organizational workload choice because of its innate scalability and flexibility. However, cloud computing still comes with some security risks. Examining cloud security is an important part of adopting this new technology. Presently, cloud-native security is experiencing changes and innovations that help...

One of the main challenges of OT security is the problem of compatibility. OT components often differ significantly from each other in terms of age and sophistication as well as software and communication protocols.This complicates asset discovery and makes it difficult to establish a consistent cybersecurity governance approach. Combating asset...

How often have you heard someone say "Cybersecurity is complicated!"? If you're a practitioner in the cybersecurity industry you'll have heard these words often, probably along with "…and it's really boring too!" Complex, not complicated Let's start with the first statement. In truth, cybersecurity is a complex topic, but that doesn't mean it...

Like many organizations, K-12 schools adapted to COVID-19 by accelerating their digital transformation journeys. And like everyone else who followed this path, they invited unwanted attention from digital criminals in the process. In December 2020, for instance, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a joint alert...

The benefits of a capable and properly deployed File Integrity Monitoring (FIM) solution are plentiful: If you see unexpected or unexplained file changes, you can investigate immediately and resolve the issue quickly if your system has been compromised. You can reconcile changes against change tickets or a list of approved changes in a text file...

Perhaps Disaster Recovery (DR) isn’t one of the hot terms like the Internet of Things (IoT) or Hybrid Cloud, but I would argue that re-examining your DR plan now might be one of the most important IT management initiatives on which you can focus your energy. Think about it. How much has the world changed in the past two years? Most people used to...

Tripwire's February 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the patch priority list this month is a vulnerability for Microsoft Windows LSA (CVE-2021-36942). This vulnerability has been added to Metasploit Exploit Framework and any vulnerable systems should be patched as soon as possible.Up next...