Blog

Blog

Testing Banking Website Security: What You Need to Know

With 86% of UK adults using a form of online or remote banking and high street banks closing in record numbers, banking websites have become an integral part of our daily lives. They have changed how we manage our money, allowing us to send and receive money from anywhere in the world, open or close accounts at the click of a button (or tap or a screen), and avoid queuing in physical banks. They...
Blog

A Deep Dive into SELinux

Security-Enhanced Linux (SELinux), initially known for its perceived complexity in configuration and maintenance, has evolved into an indispensable security architecture across most Linux distributions. It empowers administrators to finely control the actions permitted to individual users, processes, and system daemons, thereby bolstering defense against potential security breaches. Through the...
Blog

Watch Out! CISA Warns It Is Being Impersonated By Scammers

The US Cybersecurity and Infrastructure Security Agency (CISA) has warned that scammers are impersonating its employees in an attempt to commit fraud. In an alert posted on the CISA website, the organisation warned that so-called impersonation scams are on the rise. An impersonation scam is any type of fraud where a criminal pretends to be a trusted individual or organisation to dupe a victim...
Blog

Breaking Compliance into Bite-Sized Portions

Many companies strive to achieve the best security possible. Along the path to improved security, many companies are also required to meet various compliance standards. In some cases, compliance is also a regulatory requirement. This crossroad between security and compliance can sometimes seem at odds with the organization’s goals. Compliance does...
Blog

VERT Threat Alert: June 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1110 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2023-50868 The only disclosed vulnerability we have this month, is CVE-2023-50868, a DNSSEC protocol level vulnerability that can lead to denial of service. The...
Blog

Mind the Gap: Strengthening Cybersecurity Through Behavioral Awareness

Exploring the intricate relationship between people and cybersecurity opens up a dynamic landscape where individuals' decisions, habits, and intentions significantly impact the safety and integrity of digital systems. Cybercriminals are savvy opportunists, and like pickpockets, they go where the crowds are. They scan the virtual world, identifying weaknesses in the popular sites and systems...
Blog

Hit by LockBit? The FBI is waiting to help you with over 7,000 decryption keys

Did your company fall victim to the LockBit ransomware? Have cybercriminals left gigabytes of your data encrypted, with no easy route for recovery that doesn't involve paying a ransom? Well, don't fear. The FBI announced this week that it had obtained over 7,000 decryption keys for the LockBit ransomware and is urging victims to come forward for free assistance. In a speech at this week's...
Blog

What Is the Difference between FIM and DLP?

Threats to sensitive data are everywhere. From sophisticated cybercriminal syndicates to accidental exposure to nation-state-backed advanced persistent threat (APT) groups and everything in between, it's never been more critical for organizations to have the correct data protection tools. When designing how to protect company information from loss...
Blog

AI Autonomy and the Future of Cybersecurity

Have you ever wondered how Artificial Intelligence (AI) could mimic consciousness and autonomously control various tasks? It sounds rather daunting. However, it may not be as intimidating as it seems under the right conditions. Moreover, Would AI perform tasks independently in the same manner as humans? And what implications does this hold for...
Blog

Life in Cybersecurity: From the Classroom to the Next Generation of Cybersecurity Professional

When you speak with many of the seasoned veterans of cybersecurity, it is not unusual to learn of the twisted path in technology that eventually landed them in the security profession. However, the newest cybersecurity professionals are digital natives. They grew up in a world of technology and were exposed to cybersecurity as early as their first...
Blog

A Brief Look at AI in the Workplace: Risks, Uses and the Job Market

Anyone remotely wired into technology newsfeeds – or any newsfeeds for that matter – will know that AI (artificial intelligence) is the topic of the moment. In the past 18 months alone, we’ve borne witness to the world’s first AI Safety Summit, a bizarre and highly public leadership drama at one of the world’s top AI companies, and countless prophecies of doom. And yet, even after all that, it...
Blog

How Can FIM Protect Against Insider Threats

An insider threat is someone inside an organization – including current and former employees, partners, and contractors – who, intentionally or otherwise, put their organization at risk. They typically abuse their access to private information and privileged accounts to steal or sabotage sensitive data, often for financial gain or even revenge. ...
Blog

EU Is Tightening Cybersecurity for Energy Providers

The energy sector is having a tumultuous decade. During the COVID pandemic, the price of oil plummeted. In 2021, a ransomware attack forced one of the US’s most significant oil pipelines to cease operations for five days, causing a state of emergency in seventeen states. Putin’s war in Ukraine has disrupted natural gas supplies across Europe. And now, it seems, it is the electricity providers’...
Blog

Data Destruction: The Final Line of Defense Against Cyber Attacks

Data is the lifeblood of modern organizations, and while watertight data protection policies are undeniably crucial, the need for robust data destruction methods has never been more pressing. Ultimately, all parties and vendors in your supply chain trust you to maintain the integrity of their data. Once that data is no longer needed, transparency...
Blog

Measuring the Effectiveness of File Integrity Monitoring Tools

A security incident can be the result of a single unauthorised change. A few may say, 'one change is inconsequential, don't sweat the small stuff.' But when it comes to infrastructure security, the detail is of paramount importance! Just a single edit to a single line item can have a negative effect on an entire file or operating system. It's...
Blog

Cloud Sprawl: How to Tidy It Up

Cloud computing offers indisputable benefits, but with the caveat that it can quickly become a disorganized jumble unless adequately managed. It’s common for the average organization to use dozens of cloud instances, solutions, and resources scattered across multiple platforms. Such off-premises services quickly accumulate to accommodate the company...
Blog

How Criminals Are Leveraging AI to Create Convincing Scams

Generative AI tools like ChatGPT and Google Bard are some of the most exciting technologies in the world. They have already begun to revolutionize productivity, supercharge creativity, and make the world a better place.But as with any new technology, generative AI has brought about new risks—or, rather, made old risks worse. Aside from the much-discussed potential "AI apocalypse" that has...
Blog

10 Years in Prison for $4.5 million BEC Scammer Who Bought Ferrari to Launder Money

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud scams. Malachi Mullings, a 31-year-old from Sandy Springs, Georgia, was charged with opening 20 bank accounts in the name of a sham company, The Mullings Group LLC, to launder millions of dollars generated...
Blog

HITRUST: the Path to Cyber Resilience

Much has been made of cyber resilience in recent years. And with good reason: failing to bounce back quickly from a security event can have dramatic financial consequences. In early 2023, Royal Mail took several days to recover from a Lockbit cyberattack, losing upwards of £10 million in the process. However, for all the talk about resilience, the industry seems to be overlooking one of its...
Blog

Top 7 Cybersecurity Trends for Enterprises in 2024

How can an organization prepare to be cyber-resilient in 2024? The major trends to look out for seem to focus mainly on AI. While the rise of generative AI indeed poses challenges, executives should be cautious not to miss other critical trends that will shape the cybersecurity landscape this year. AI-driven Social Engineering Since the advent of...