Resources

How Can OEMs Reduce Their Risk of Cyberattacks?
Blog

How Can OEMs Reduce Their Risk of Cyberattacks?

By Tripwire Guest Authors on Tue, 05/24/2022
Many modern businesses in almost every sector of the economy are adopting the latest technologies for greater connectivity and efficiency. However, while many of these technologies offer myriad benefits, they can also create new cybersecurity vulnerabilities. While much of the focus has remained on manufacturers and how they can bolster their...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 16, 2022

By Andrew Swoboda on Mon, 05/23/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 16, 2022. I’ve also included some comments on these stories. Watch Out! Hackers Begin Exploiting Recent Zyxel...
Vulnerability & Risk Management
VERT Research
Regulatory Compliance in the Cloud: What you Need to Know 
Blog

Regulatory Compliance in the Cloud: What you Need to Know 

By Chris Hudson on Mon, 05/23/2022
Anyone reading this post will have at least dipped their toes into the world of cloud services. As a result of this massive growth, the world of compliance has spent much of the last decade catching up with the implications of cloud services. For hosted infrastructure, “catching up” presents an interesting set of challenges since cloud managed...
#TripwireBookClub – Go H*ck Yourself
Blog

#TripwireBookClub – Go H*ck Yourself

By Tyler Reguly on Sun, 05/22/2022
After a busy start to the year, we were finally able to settle down and take a look at a new book. This time around, we’re looking at Go H*ck Yourself: A Simple Introduction to Cyber Attacks and Defense by Bryson Payne. The No Starch Press page describes the book as “an eye-opening, hands-on introduction to the world of hacking, from an award...
Case Study

Tripwire Helps Girl Scouts 'Be Prepared' to Meet Growing Security Needs

The Girl Scouts of the USA was founded in 1912 to empower girls and teach values by encouraging participation in a wide variety of new activities. The instantly recognizable motto of “Be Prepared” extends across every aspect of the organization, including its change and compliance management strategies. We don’t approach compliance as an isolated event or as a necessity at the time of an audit...
Phishing gang that stole over 400,000 Euros busted in Spain
Blog

Phishing gang that stole over 400,000 Euros busted in Spain

By Graham Cluley on Thu, 05/19/2022
Spanish police say that they have dismantled a phishing gang operating across the country, following the arrest of 13 people and the announcement that they are investigating a further seven suspects. According to police, the phishing ring defrauded some 146 victims, stealing at least 443,600 Euros from online bank accounts. Victims were tricked...
Malicious hackers are finding it too easy to achieve their initial access
Blog

Malicious hackers are finding it too easy to achieve their initial access

By Graham Cluley on Thu, 05/19/2022
It should be hard for malicious hackers to break into systems, but all too often it isn't. That's a takeaway from a joint cybersecurity advisory issued by the Cybersecurity and Infrastructure Security Agency (CISA), the NSA and FBI, and their counterparts in Canada, New Zealand, the Netherlands, and United Kingdom. The advisory, which is titled ...
Your social media account hasn’t been hacked, it’s been cloned!
Blog

Your social media account hasn’t been hacked, it’s been cloned!

By Tyler Reguly on Tue, 05/17/2022
A recent Facebook post from a family member made me realize that I needed to write about an overused term. A term, that when used, causes chaos and concern. I don’t blame the family member for using it, I’ve seen it used hundreds of times over the past few years and I’ve seen IT and cybersecurity professionals respond without correcting, even, on...
Adding visibility to the invisible: securing your automated systems
Blog

Adding visibility to the invisible: securing your automated systems

By Irfahn Khimji on Mon, 05/16/2022
Have you ever dined in a restaurant with a police officer? When choosing a table, or seating location, law enforcement professionals will often choose the seat that positions them with their back to the wall. This plays out quite humorously when a group of law enforcement professionals dine together, all racing toward that coveted “protected”...
2022 Q1 Privacy Update — A new year sparks new initiatives
Blog

2022 Q1 Privacy Update — A new year sparks new initiatives

By Tripwire Guest Authors on Mon, 05/16/2022
The first months of 2022 began slowly for privacy, but by the end of the first quarter we had our marching orders for the rest of the year. In the U.S., we saw an explosion of state privacy bills being put forward (again), the Senate utilized a seldom used maneuver to push President Biden’s Federal Trade Commission nominee through to confirmation,...
VERT Threat Alert: June 2022 Patch Tuesday Analysis
Blog

VERT Threat Alert: May 2022 Patch Tuesday Analysis

By Tyler Reguly on Tue, 05/10/2022
Today’s VERT Alert addresses Microsoft’s May 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1002 on Wednesday, May 11th. CVE-2022-26925 In-The-Wild & Disclosed CVEs Based on Microsoft’s limited documentation, this appears to be a resurgence and/or improved version of PetitPotam. This...
Vulnerability & Risk Management
VERT Research
Building a Strong Business Case for Security and Compliance
Blog

Building a Strong Business Case for Security and Compliance

By Fortra Staff on Mon, 05/09/2022
Compliance is a key part of any organisation and in business terms, it is about ensuring companies of all sizes and their employees comply with existing national and international laws. In the UK the Companies Act 2006 is the main legislation that forms the primary source of company law and businesses of all sizes must ensure they adhere to it to...
Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 2, 2022
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of May 2, 2022

By Editorial Staff on Mon, 05/09/2022
All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of May 2, 2022. I’ve also included some comments on these stories. Microsoft Azure Vulnerability Exposes PostgreSQL Databases...
Vulnerability & Risk Management
VERT Research
The main security challenges when adopting cloud services
Blog

The main security challenges when adopting cloud services

By Tripwire Guest Authors on Sun, 05/08/2022
The popularity of cloud services has increased exponentially in recent years. The prospects of saving on capital and operational expenditures have been significant driving forces in influencing companies to adopt cloud services. Scalability and elasticity are also key drivers that encourage companies to move to the cloud. However, moving to the...
5 Potential Solutions to the Cybersecurity Talent Shortage
Blog

5 Potential Solutions to the Cybersecurity Talent Shortage

By Tripwire Guest Authors on Sun, 05/08/2022
The most relevant cybersecurity threat to most businesses may be human, not technical. A sudden wave of cybercrime paired with longstanding tech labor challenges has created a cybersecurity skills gap, leaving companies without the expertise they need.Some companies lack dedicated security staff entirely, while others have a small, overworked...
World Password Day is Dead. Long Live World Password Day!
Blog

World Password Day is Dead. Long Live World Password Day!

By Former Tripwire Employee on Wed, 05/04/2022
In 2002 I sat in a local bookstore in Jackson Hole, WY that offered a few Internet-connected computers for hourly use. After chatting with the owner and petting the resident store dog, I took a few guesses at the password protecting these computers. It took me maybe 10 attempts. It was, of course, some variation of the dog’s name. While this is a...