It’s no secret that if nations want to meet the Net Zero emission targets set by international organizations by 2050, there’s a lot of work to be done. In the UK, one of the key initiatives aimed at reducing emissions and increasing energy efficiency is the development of the Smart Grid. What Is the Smart Grid? In 2014, the Department of Energy...

Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered in an unauthorized manner. Tripwire is very proud to have contributed and...

For the record, it should be acknowledged from the start that there is no question that the cybersecurity landscape has improved over time, mostly courtesy of persistent increases in cyber spending year after year. Gartner estimates that the U.S. and the rest of the world will invest $172 billion in cybersecurity this year, up from $150 billion last...

Tripwire's August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 vulnerabilities, including denial of service, remote code execution, and security feature bypass.Up next are patches that affect...

Modern enterprises will have to work with customer data in one way or another. The COVID-19 pandemic proved that the only businesses that would survive the future were those willing to embrace technology. While technologies such as the Internet of Things, and artificial intelligence have undeniable benefits, they have also presented complications. ...

I’m excited to share that I will be speaking at SecTor this year in the tools track. While the SecTor schedule is not yet finalized, I’m currently listed as speaking at 10:15am on October 6th. The talk, The Power of the Pico: Replacing Expensive Toys with the Raspberry Pi Pico, will cover how to use a Raspberry Pi Pico to perform BadUSB attacks....

Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. In a newly-published advisory directed at the healthcare payment industry, the FBI warns that cybercriminals are using a cocktail of publicly-available Personally Identifiable Information (PII) and social...

In an increasingly digital world, cybersecurity is a significant - and relevant - threat to individuals and companies alike. Cybercriminals are constantly devising new ways to steal information for personal gain through exploitation or ransom demands. It’s become unfortunately commonplace to hear tales of drained checking accounts, leaked photos,...

Today’s VERT Alert addresses Microsoft’s September 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1021 on Wednesday, September 14th. In-The-Wild & Disclosed CVEs CVE-2022-23960 The first disclosed vulnerability this month is Spectre-BHB that is discussed in great detail on arm...

It is hard to believe, but ransomware is more than three decades old. While many would think that the ransomware mayhem started with the WannaCry attack of 2017, that is simply the most publicized example. Since then, dozens of ransomware strains have been utilized in a variety of cyberattacks. According to a PhishLabs report, by Fortra,...

The world is becoming a smaller place. The prospect of working in another country becomes increasingly realistic and even promising as businesses migrate toward the cloud and collaborate more closely with international partners. Amid this shift, cybersecurity professionals may wonder if they can work abroad. Cybersecurity is a worldwide concern,...

The biggest cyber security threat that businesses have to tackle is much closer than you’d think. Verizon’s 2022 Data Breach Investigations report – found human error to be a key driver in 82% of breaches, which is why it is crucial for businesses to address cyber security awareness in the workplace and ensure that employees are equipped with the...

With Cyber Security Awareness month fast approaching, information security professionals and data protection managers will be looking at how to secure board-level buy-in for company-wide cybersecurity awareness campaigns. Often, this is the biggest hurdle for any cyber awareness campaign as senior leadership weighs the costs and benefits of...

In the context of hybrid work, the threat of data loss is rampant. Cybersecurity systems that were once designed to operate within the confines of a network perimeter have become obsolete, with employees using various devices, networks, and applications to get their work done. As such, it’s easier than ever for companies to be vulnerable to the loss...

This year marks the eighth edition of the popular IBM i Marketplace Survey Results. Each year, Fortra collects data about how companies utilize the IBM i platform and the IT enterprises it helps. Year after year, the survey has started to demonstrate long-term directions that provide useful information about the future of this entrusted technology. ...

During the last few years, we have witnessed an increase in advanced cyber attacks. Cybercriminals utilize advanced technology to breach the digital boundary and exploit enterprises' security vulnerabilities. No industry feels secure; security professionals do their utmost to close security gaps and strengthen their cyber defense. As new...

The aviation safety sector is the study and practice of managing aviation risks. It is a solid concentration of regulations, legal documents, investigations of accidents and near-miss aviation incidents. On top of them lie lessons learned and shared knowledge; reports, facts and stats forming a cognitive super vitamin, that the aviation community...

Tripwire's July 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft and Adobe. First on the patch priority list this month are patches that resolve 2 vulnerabilities in Edge. Next is a patch that resolves a security feature bypass vulnerability in Office. Up next are patches for Adobe Reader and Acrobat that...

Oftentimes, three-letter acronyms trend and become buzzwords. At other times, they act as catalysts by influencing the business environment in which an organization operates. Such acronyms include CSR (corporate social responsibility), GRC (governance, risk, and compliance), and the most recent one, ESG (environmental, social, and governance). These...

The Center for Internet Security’s Critical Security Controls has become an industry standard set of controls for securing the enterprise. Now on version 8, the original 20 controls are down to 18 with several sub controls added. The first six basic controls can prevent 85 percent of the most common cyber attacks, and even though the controls have...