Blog

Blog

Why Application Dependencies Are Critical for Cloud Security

Application dependencies occur when technology components, applications, and servers depend on each other to provide a business solution or service. Developers have a specific technology stack in mind when building solutions. This can typically include operating systems, database engines, and development frameworks (such as .Net or Java), as well as...
Blog

Four of the Oldest Tricks in Scammers’ Books

As the world grows increasingly digital and dependent on the internet, cyberthreats are constantly evolving to clash with newer and more rigid security features. Despite cybercriminals’ propensity for finding new and innovative ways to take advantage of their targets, however, there are also tactics that have been in use since the early days of the...
Blog

The Language of Cybersecurity Frameworks, Guidance, Regulations, and Standards

When it comes to acronyms, Technology and Cybersecurity often rival various branches of government. Technology acronyms are usually somewhat bland, amounting to little more than the arcane argot of the profession, such as SOC, SIEM, and DNS. Government, however, rarely disappoints in its inventiveness, whether it is the acronym of the Puppies...
Blog

How to achieve and maintain data compliance in 2023

The Compliance Landscape Only those hiding from the news, prospects, and customers can miss the data security and privacy challenges that are occurring. More businesses are relying on data analytics (garnered from data collection) for more and improved service and product offerings. More individuals want data privacy and security. More nations...
Blog

VERT Threat Alert: February 2023 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in Windows Graphic Component...
Blog

Cybersecurity Is Necessary for Mission-Critical Energy Grids

Today’s energy sector is undergoing massive change, especially as more utilities try to usher in clean or renewable energy alternatives like solar, geothermal, hydroelectric, and wind power. In addition to the clean energy transition, grid modernization is another major shift in the energy industry. The Industrial Internet of Things (IIoT) is...
Blog

The Role of Data Hygiene in the Security of the Energy Industry

We create massive amounts of data daily, from the exercise stats compiled by our wearable devices to smart meters used at our homes to reduce expense consumption to maintenance statistics of critical systems in industrial settings. If data creation continues at its present rate, more than a yottabyte (a million trillion megabytes) will likely be...
Blog

Tripwire Patch Priority Index for January 2023

Tripwire's January 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches for Microsoft Visio and Microsoft Office that resolve 6 vulnerabilities, including remote code execution and information disclosure vulnerabilities. Next are patches for Adobe...
Blog

Romance fraud losses rose 91% during the pandemic, claims UK's TSB bank

UK banking group TSB is calling on social networks and dating apps to better protect their users from fake profiles, following an alarming spike in romance fraud. Examining data from December 2020 - January 2022, TSB determined that romance fraud almost doubled compared to pre-pandemic levels, with a record increase in losses of 91% - averaging £6...
Blog

​​Key Insights From the Guide to Cybersecurity Trends and Predictions for 2022-23

The cybersecurity landscape has become something of a battle royale: companies and cyber criminals are continually trying to outsmart one another in an effort to be the last one standing. Thankfully, many businesses are seeking a proactive approach, aiming to avoid the proverbial egg on their face when it comes to cybersecurity breaches. Learning...
Blog

Network Security Threats and Defenses: A 2023 Guide

What Is Network Security? Network security is a broad field, encompassing various processes, policies, rules, standards, frameworks, software, and hardware solutions. Its primary goal is to protect a network and its data from various threats, including intrusions and breaches. A network security program typically utilizes a combination of access...
Blog

Data Privacy Day: Understanding the Risks of Social Media

For most people, January 28th is the 28th day of the year. For me, January 28th is more commonly known as “the day before my wife’s birthday.” For those who pay attention to history, they may know it as the day of Charlemagne’s death, Edward VI’s ascension to the throne, the founding of Northwestern University, the birth of the US Coast Guard, the...
Blog

ShinyHunters suspect extradited to United States from Morocco, could face 116 years in jail if convicted

A 22-year-old suspected of being "Seyzo", a member of the ShinyHunters cybercrime gang, has been extradited from Morocco to the United States, where - if convicted - he could face up to 116 years in prison. Sebastien Raoult, a French national, was arrested at Rabat international airport in Morocco on May 31 2022, while trying to take a flight to...
Blog

The Intersection of Artificial Intelligence and Environmental, Social, and Governance Concerns

The release of ChatGPT last November transformed public awareness, perception, and discourse about Artificial Intelligence (AI). Prior to the release, AI has long existed in now familiar technologies, devices, and processes. Perhaps one of the most common uses of AI is the Google search engine. Search engines rely on AI to scan the internet to...
Blog

The prevalence of RCE exploits and what you should know about RCEs

Recent headlines have indicated that some major companies were affected by Remote Code Execution (RCE) vulnerabilities, just in the month of October. RCE flaws are largely exploited in the wild, and organizations are continually releasing patches to mitigate the problem. RCE is a type of an Arbitrary Code Execution (ACE) attack where the threat...
Blog

3 Learnings from the DoDIIS Conference

The annual Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference took place on December 12 – 15 in San Antonio, Texas. If you are unfamiliar with the DoDIIS, it is presented by the Defense Intelligence Agency (DIA), and it brings together experts from multiple governmental, academic, and industry organizations to...
Blog

AI-generated phishing attacks are becoming more convincing

It's time for you and your colleagues to become more skeptical about what you read. That's a takeaway from a series of experiments undertaken using GPT-3 AI text-generating interfaces to create malicious messages designed to spear-phish, scam, harrass, and spread fake news. Experts at WithSecure have described their investigations into just how...
Blog

The Heightened Importance of Cybersecurity in Mobile App Development

Mobile device use is pervasive, and has eclipsed traditional computing. We often hear how various malicious mobile apps are released into circulation. For these reasons, mobile app development needs to focus on cybersecurity just as much as it does on functionality and flexibility, if not more so. It’s an inevitable aspect of app development that...
Blog

C-Suite Security: How IT Teams Improve Security Culture

Every person in an organisation has the potential to enhance security. Physical office barriers were removed during the pandemic, exposing companies to countless vulnerabilities as attack avenues have multiplied. However, this does not mean that all was lost. What it signals is the importance of promoting a culture of security across the entire...
Blog

Healthcare Supply Chain Attacks Raise Cyber Security Alarm

The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware that attacks are...