Blog

Blog

750,000 Patients' Medical Records Exposed After Data Breach at French Hospital

When we think about our data being leaked onto the internet, we often picture it as our financial records, our passwords, our names and addresses... what is less often considered is the exposure of our private medical information.A French hospital has found itself in the unenviable position of learning that hackers have gained access to the medical records of over 750,000 patients following a...
Blog

The Role of Security Configuration Management in Achieving Zero Trust Security Architectures

Zero Trust is a network security model that dictates that no one or no system should be trusted by default and that every attempt to access a network or application is a threat.For those who are naturally trusting of others, this concept is difficult to accept. However, distrusting every entity on a network until it has been verified is imperative today. Security Configuration in Zero TrustWhen...
Blog

Essential Security Best Practices for Remote Work

As we continue to embrace remote work, it’s crucial to keep our security practices sharp to protect both company and personal data. With increasing cyber threats, adhering to security best practices helps us safeguard our information and maintain our productivity. Here’s a quick guide to help you stay vigilant and secure while working remotely.Secure Your Home OfficePick a space that is private.Do...
Blog

BEC Cost Citizens Worldwide Over $55bn in Last 10 Years

Business email compromise (BEC) is a sophisticated type of phishing that uses social engineering and deception to obtain access to sensitive accounts, networks, and data. In these attacks, bad actors pose as organization executives to request funds transfers from other members of the organization. Playing on the trust that employees place in executives, this scam demands that the attacker gather...
Blog

The Future of Cybersecurity: Why Vendor Consolidation is the Next Big Trend

The cybersecurity landscape is constantly changing as new technologies and threat trends emerge. Maintaining an effective cybersecurity strategy over time requires updating tools and practices with the evolution of cyberattacks, security capabilities, and business operations. Implementing the best tools for the most pressing issues as they arise has been the predominant tactic for many...
Blog

Identity Fraud and the Cost of Living Crisis: New Challenges for 2024

Fraud is a rampant threat to individuals and organizations worldwide and across all sectors. In order to protect against the dangers of fraud in its many forms, it is vital to stay in the loop on the latest fraud trends and the threat landscape.The Fraudscape 2024 report from Cifas, the UK’s Fraud Prevention Community, is an effort to share this information to help prevent fraud. The report is...
Blog

Cyberbiosecurity: Where Digital Threats Meet Biological Systems

Cyberbiosecurity has emerged as an essential area of interest as the boundaries between the digital and biological sectors continue to blur. With rapid advancements in areas such as artificial intelligence, automation, and synthetic biology, the need for strong cyberbiosecurity protections has grown to safeguard the bioeconomy. As biotechnology evolves, it creates a complex landscape where...
Blog

ShrinkLocker Ransomware: What You Need To Know

What is ShrinkLocker?ShrinkLocker is a family of ransomware that encrypts an organisation's data and demands a ransom payment in order to restore access to their files. It was first identified by security researchers in May 2024, after attacks were observed in Mexico, Indonesia, and Jordan.So far, so normal. What makes it noteworthy?The ShrinkLocker ransomware is unusual because it uses VBScript...
Blog

Exploring the Security Risks of VR and AR

In an era where innovative technologies are emerging left, right, and center, two of the most influential in recent years are experiencing exponential growth. Virtual Reality (VR) and Augmented Reality (AR) are immersive technologies that have now firmly integrated into numerous industries.As these technologies have become more prevalent in our personal and professional lives, they bring with them...
Blog

The Rising Cost of Cybersecurity: How Companies Can Effectively Communicate the Value of Protection

Data shows that financial motivation is a huge incentive for threat actors, which explains the rising prevalence of ransomware and other extortion breaches in the corporate world. In 2023 alone, business email compromise (BEC) complaints received by the FBI amounted to over 2.9 billion. SourceThis situation highlights an uncomfortable truth that has...
Blog

Winter Fuel Payment Scam Targets UK Citizens Via SMS

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. In July, the UK's new Labour Government announced that it was limiting who was eligible for assistance with their winter fuel bills by making eligibility means-tested. The controversial decision appears to have...
Blog

IT Security Terms: Regulations, Standards, Controls, Frameworks, and Policies - Where to Start!?

When tasked with the IT security of an organization, it can be easy to get bogged down in particulars and definitions and lose heart before you’ve even begun. With a plethora of terms to learn, details to secure, and moving parts to keep track of, building an effective cybersecurity strategy is no simple task. It requires a great deal of effort, planning, and coordination.Security is a crucial...
Blog

Creating a Real-Time USB Monitoring Rule for Enhanced Security and Compliance

In today's cybersecurity landscape, controlling access to USB drives is critical, particularly for organizations looking to maintain compliance with regulations like NERC CIP and bolster their security posture. Unauthorized USB usage poses significant risks, from data exfiltration to malware injection. However, restricting USB access entirely isn't always practical. Instead, organizations can...
Blog

A Snapshot of Cyber Threats: Highlights from the ENISA Threat Landscape 2024 Report

Understanding the threats we face is crucial to protecting against them. Industry research and reports are invaluable to this understanding, providing insights to inform mitigation efforts.Few cybersecurity reports are as valuable or comprehensive as the annual ENISA Threat Landscape Report (ETL). Now in its 20th year and published by the European Union Agency for Cybersecurity (ENISA), the ETL...
Blog

How to Integrate FIM with SOAR Platforms

File Integrity Monitoring (FIM) is a key intelligence and audit tool in an advanced security portfolio. While it is a logical component to integrate into your Security Orchestration, Automation, and Response (SOAR) tooling, it’s important to consider your approach to ensure you can gain the most benefits from it.Classify FirstThe sensible starting place for your integration is to consider your FIM...
Blog

Tripwire Patch Priority Index for October 2024

Tripwire's October 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft.First on the list are patches for Microsoft Edge, Office, Excel, and Visio that resolve remote code execution, elevation of privilege, and spoofing vulnerabilities.Next are patches that affect components of the core Windows operating system. These patches resolve over 80 vulnerabilities,...
Blog

Real Estate Fraud is Running Rampant in the US

Real Estate Fraud is Running Rampant in the USReal estate is an area ripe for fraud and scams: transactions usually involve large sums of money, convoluted paperwork, and messaging back and forth. Criminals can use a wide variety of methods to intercept legitimate communications or launch their own scams in order to deceive their targets.This type of fraud is on the rise right now in the United...
Blog

What Is the ISA/IEC 62443 Framework?

Cybersecurity threats to manufacturing and process plants come from a wide range of attack vectors, including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors, and new smart devices. Internet of Things (IoT) technologies offer greater connectivity and endless applications, but...
Blog

Strategies for Implementing Effective Threat Detection in IIoT

The industrial Internet of Things (IIoT) is growing rapidly. While that’s good news for businesses in terms of productivity and cost savings, these devices carry unique cybersecurity risks that demand attention. Amid such rising concerns, IIoT threat detection is a must.Why Organizations Need IIoT Threat DetectionIIoT endpoints are inherently risky because of the potential for lateral movement....
Blog

Fraudsters Exploit US General Election Fever, FBI Warns

As the United States of America enters the final days of the race for the White House, the FBI has warned that fraudsters are using the presidential election campaign to scam citizens out of their savings and personal data.According to a public service announcement published by the Internet Crime Complaint Center (IC3), scammers who have previously exploited state and local elections are targeting...