As technology advances, the battle between cyber criminals and organizations intensifies. Cyber threats have become more sophisticated, complex, and widespread, posing a significant risk to the security and integrity of sensitive data. In Q1 2023 alone, the number of global cyber attacks increased by 7% , with an average of 1,248 attacks reported per week. In a separate report by The Independent...

In cybersecurity, knowledge is everything. From APT intelligence to zero-day vulnerabilities, relevant and timely information can be the difference between a thwarted attack and a total disaster. With Business Email Compromise (BEC) attacks at their zenith, there has never been a better time for a comprehensive BEC report. As such, Fortra has released its 2023 BEC Trends, Targets, and Changes in...

Today’s VERT Alert addresses Microsoft’s August 2023 Security Updates , which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1068 on Wednesday, August 9th. In-The-Wild & Disclosed CVEs CVE-2023-38180 A vulnerability in Kestrel could allow for a denial of service. Kestrel is the cross-platform web server...

Most small and midsized businesses trust an IT services partner to help them secure their networks. A few years ago, high-profile cyberattacks targeting MSP vendors Kaseya and SolarWinds thrust the security risk of relying on a complex chain of vendors into the technology media and moved the Department of Homeland Security to issue a statement about the need for greater security in the IT services...

Cyber Threat Intelligence (CTI), or threat intelligence, is evidence-based knowledge established from current cyber threats, gathered from myriad sources to identify existing or potential attacks. Threat intelligence assists in identifying the motives, targets, and attack behaviors of a threat actor and implementing strong defenses from future attacks. According to IBM’s Cost of a Data Breach 2022...

I recently spoke at a Fortra Webinar about CIS and MITRE . More specifically, I discussed the intersection between the CIS Critical Security Controls , CIS Benchmarks , and MITRE ATT&CK . In this post, I won't go into deep details about the core background, but there are plenty of excellent references available online, including our breakdown of the various CIS Controls . I do, however, want to...

Today’s VERT Alert addresses Microsoft’s July 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1064 on Wednesday, July 12th. In-The-Wild & Disclosed CVEs CVE-2023-32046 A vulnerability in MSHTML could allow an attacker to execute code in the context of the logged in user providing the attacker...

If you’re busy securing the perimeter, mandating strong authentication practices, and restricting software downloads, you may be missing the mark. (Just to be clear: if you are doing those things, keep it up. You’re off to a good start, and none of what follows here replaces classic and vital cybersecurity measures.) Protecting your organization from outside threats is foundational to any...

Today’s VERT Alert addresses Microsoft’s June 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1060 on Wednesday, June 14th. In-The-Wild & Disclosed CVEs There were no in-the-wild or disclosed CVEs in the June Patch Tuesday drop. CVE Breakdown by Tag While historical Microsoft Security Bulletin...

Gabrielle is a security engineer. She deploys tools to scan for threats and vulnerabilities, read logs, and manage the security risks for her company, but is all that data really helping? Sometimes, it seems like she works in a noise factory instead of a SOC . The cacophony of all the log and event data and vulnerability scans are pouring into the SIEM, and it’s Gabrielle’s job to listen to the...

A Social engineering attack is the process of exploiting weaknesses in human psychology to manipulate and persuade others to perform in a way that is harmful. Prior to the digital age, criminals would carry out these attacks in person, in what was known as a confidence game. The perpetrators were referred to a “con men”, regardless of their gender. In the cybersecurity realm, these attacks are...

Today’s VERT Alert addresses Microsoft’s May 2023 Security Updates , which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1055 on Wednesday, May 10th. In-The-Wild & Disclosed CVEs CVE-2023-29336 Up first this month is a vulnerability reported by Avast in Win32k. This vulnerability could allow an authenticated attacker to...

Root Cause Analysis (RCA) is a technique used to identify the underlying reasons for a problem, with the aim of trying to prevent it from recurring in the future. It is often used in change management processes to help identify the source of any issues that arise following any modifications to a system or process. RCA is something Tripwire Enterprise is often deeply tied into too. Before we talk...

This piece was originally published on Fortra’s AlertLogic.com Blog . Managed detection and response (MDR) would be nothing without a SOC (security operations center) . They’re on the frontline of our clients’ defenses — a living, breathing layer of intelligence and protection to complement our automated cybersecurity features. These are the people who make our MDR services best in class so...

CISA released in late February a cybersecurity advisory on the key findings from a recent Cybersecurity and Infrastructure Security Agency (CISA) red team assessment to provide organizations recommendations for improving their cyber posture. According to the Agency, the necessary actions to harden their environments include monitoring network activity to spot abnormal behavior, conducting regular...

Today’s VERT Alert addresses Microsoft’s April 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1050 on Wednesday, April 12th. In-The-Wild & Disclosed CVEs CVE-2023-28252 A vulnerability in the Common Log File System (CLFS) Driver has been exploited in-the-wild. CLFS provides a general-purpose logging service to other software via the...

Dealing with the aftermath of ransomware attacks is like Russian roulette. Submitting the ransom might seem like it’s the sole option for recovering locked data . Ransomware also continues to evolve as a threat category within the past year, with old names like REvil rearing their heads and new players like Black Basta emerging in 2022. Malicious actors employ ransomware to extort money (at least...

Today’s VERT Alert addresses Microsoft’s March 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1046 on Wednesday, March 15th. In-The-Wild & Disclosed CVEs CVE-2023-24880 Up first this month is a publicly disclosed and exploited vulnerability impacting Windows SmartScreen. SmartScreen prompts you when running certain files downloaded...

Today’s VERT Alert addresses Microsoft’s February 2023 Security Updates . VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1042 on Wednesday, February 15th. In-The-Wild & Disclosed CVEs CVE-2023-21823 The first vulnerability in the list this week is CVE-2023-21823, a vulnerability in Windows Graphic Component that can allow for code execution leading to...

The healthcare sector has become a popular target for cybercriminals and is one of the most targeted industries by cyber criminals. In 2022, 324 attacks were reported in the first half of the year. As bad actors continue to target the healthcare industry, cybersecurity experts and healthcare administrators should be aware that attacks are frequently impacting smaller companies. These numbers point...