Resources

money-scam
Blog

Tech support scammers trick victims into old-school offline money transfer

By Graham Cluley on Thu, 07/20/2023
We're all familiar with tech support scams - where the unwary are tricked into granting remote access to their computers by fraudsters, in the belief that the "tech support person" will fix a non-existent "problem" (such as a "virus infection") or make a refund after claiming that there has been fraudulent activity detected on an account. It's not...
Cybersecurity
three-reasons-why-business-security-starts-with-employee-education
Blog

Three Reasons Why Business Security Starts with Employee Education

By Tripwire Guest Authors on Thu, 07/20/2023
Human error is a major contributing factor to company data breaches. More than 340 million people may already have been affected by a data breach in the first four months of 2023. With cybercrime rates soaring around the world, it’s clearly an area where investment and expertise are required. While updating laptops with the latest antimalware...
Vulnerability & Risk Management
Cybersecurity
why-integrity-is-vital-to-your-corporate-infrastructure
Blog

Why Integrity is Vital to Your Corporate Infrastructure

By David Henderson on Wed, 07/19/2023
Not too long ago, I watched an automobile commercial on television in which the manufacturer placed a huge emphasis on integrity, going on to define the lines of the automobile. I was impressed by this advertisement, so much so that I started looking at all vehicles in a new way. I would walk around the vehicle and look to ensure the spaces between...
Using-MFT-to-Solve-Your-Cloud-Data-Challenges-5-Key-Takeaways-bw
Blog

Using MFT to Solve Your Cloud Data Challenges: 5 Key Takeaways

By Tripwire Guest Authors on Wed, 07/19/2023
As business operations evolve, the challenge of securely moving data within the cloud is one of elevated concern. Transferring sensitive information to it is another. Many are caught between what worked in on-prem technologies and what is needed in cloud-based architectures. Others have sidestepped the security challenges by implementing a Managed...
Cybersecurity
File Integrity & Change Monitoring
learning-from-the-playground-the-original-soc
Blog

Learning from the Playground: The Original SOC

By Chris Hudson on Tue, 07/18/2023
Cybersecurity professionals seem to always be in the mode of learning. For me, this involves a lot of online training. With all that's available, it is easy to become immersed in a topic. Every so often, during a course, I'll look back to my early experiences in learning and consider how different things are. Yet many things seem to also remain the...
reviewing-remote-work-security-best-practices
Blog

Reviewing Remote Work Security: Best Practices

By Fortra Staff on Tue, 07/18/2023
Remote work has shifted the mindset away from the old style of employment, showing up to the office every day. However, it seems that more businesses are starting to grab back some of the traditional practice of showing up to the office. The timing is probably helping, as the northern hemisphere is starting to warm up, making the commute to an...
Vulnerability & Risk Management
Cybersecurity
what-we-learned-from-the-2023-pen-testing-report
Blog

What We Learned from the 2023 Pen Testing Report

By Katrina Thompson on Mon, 07/17/2023
Fortra’s Core Security recently released its 2023 Pen Testing Report, and there’s plenty to see. In this year’s report, IT decision-makers can learn what their peers are saying about why they pen test, how often they pen test, and whether or not they’re pen testing in-house, among other topics. Each year, Core Security collects and produces some...
Vulnerability & Risk Management
Cybersecurity
Product Video

Take a Tour of Tripwire Enterprise

Fri, 07/14/2023
Data is critical for cybersecurity, and data gaps in your assets, vulnerabilities, and ecosystem status can have catastrophic consequences. Fortra's Tripwire is built to give you the deep visibility, insight, and fast prioritization you need to not only continuously maintain your compliance, but drive profoundly enhanced security. As a powerful file and system integrity monitoring solution,...
water treatment
Blog

Former contractor accused of remotely accessing town's water treatment facility

By Graham Cluley on Fri, 07/14/2023
A federal grand jury has indicted a former employee of a contractor operating a California town's wastewater treatment facility, alleging that he remotely turned off critical systems and could have endangered public health and safety. 53-year-old Rambler Gallor of Tracy, California, held a full-time position at a Massachusetts company that was...
Cybersecurity
Industrial Control Systems
an-introduction-to-the-benefits-and-risks-of-packet-sniffing
Blog

An introduction to the benefits and risks of Packet Sniffing

By Tripwire Guest Authors on Thu, 07/13/2023
With the evolution of technology, network activities have increased excessively. Many day-to-day tasks are intertwined with the internet to function. On one level of the infamous OSI model, the data exchanged between devices is broken down into smaller units and transmitted in the network in the form of packets. These packets contain information that is useful for investigators and network...
the-value-of-vulnerability-management
Blog

The Value of Vulnerability Management

By Tyler Reguly on Wed, 07/12/2023
There’s nothing that makes you feel older than realizing how much of your life you have dedicated to a single topic. At what point do you consider yourself an expert? After more than 17 years in vulnerability management, I’m starting to come around to the idea that I might be an expert in the field. Although, the main reason I feel that way is...
Vulnerability & Risk Management
What to Expect When Seeking Cybersecurity Insurance-KA
Blog

What to Expect When Seeking Cybersecurity Insurance

By Antonio Sanchez on Wed, 07/12/2023
Cybersecurity liability insurance has progressed dramatically since the first bona fide policies emerged in the late 1990s. Some of the greatest changes that have occurred in recent years include insurance companies no longer insuring against state-sponsored attacks or ransomware events. The insurers do not want to become part of a cyber-war. In...
Cybersecurity
Tripwire VERT Security Update
Blog

VERT Threat Alert: July 2023 Patch Tuesday Analysis

By Tyler Reguly on Tue, 07/11/2023
Today’s VERT Alert addresses Microsoft’s July 2023 Security Updates, which include a new release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1064 on Wednesday, July 12th. In-The-Wild & Disclosed CVEs CVE-2023-32046 A vulnerability in MSHTML could allow an attacker to execute code in the...
Vulnerability & Risk Management
VERT Research
how-the-nis2-directive-will-impact-you
Blog

How the NIS2 Directive Will Impact You

By Gary Hibberd on Tue, 07/11/2023
Have you heard of the NIS Directive? The full name is quite a mouthful, "DIRECTIVE (EU) 2022/2555 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 14 December 2022 on measures for a high common level of cybersecurity across the Union". The informal name has been shortened to the Network and Information Security (NIS) Directive. The aim of the...
Cybersecurity
Compliance
The Top 10 Highest Paying Jobs in Information Security – Part 1
Blog

The Top 10 Highest Paying Jobs in Cybersecurity – Part 2

By Katrina Thompson on Mon, 07/10/2023
It’s no secret that we’re (still) in an international cyber talent crisis, and that skilled workers are in high demand. We conducted research into the top ten highest paying jobs in cybersecurity to find out just what kind of opportunities awaited those who entered the field. Here are the types of jobs companies are willing to pay (the most) for...
Cybersecurity
the-thin-line-between-user-behavioral-analytics-and-privacy-violation
Blog

The Thin Line Between User Behavioral Analytics and Privacy Violation

By Josh Breaker-Rolfe on Mon, 07/10/2023
Technology has supercharged marketing. The vast data at marketers' disposal provides unparalleled insight into what customers want, why they want it, and how they use products and services. Behavioral analytics benefits businesses and consumers; it allows companies to drive sales and increase conversion rates while providing customers services...
Cybersecurity
Free Akira ransomware decryptor released for victims who wish to recover their data without paying extortionists
Blog

Decryption tool for Akira ransomware available for free

By Graham Cluley on Thu, 07/06/2023
There's good news for any business which has fallen victim to the Akira ransomware. Security researchers at anti-virus company Avast have developed a free decryption tool for files that have been encrypted since the Akira ransomware first emerged in March 2023. The ransomware has been blamed for a number of high profile attacks - including ones...
Cybersecurity
12 Essential Tips for Keeping Your Email Safe
Blog

12 Essential Tips for Keeping Your Email Safe

By Katrina Thompson on Thu, 07/06/2023
Hey, did you get that sketchy email? You know, the one from that malicious hacker always trying to fool us into clicking on some malware? Boy, these criminals are relentless. Wait, what? You clicked on it? Uh-oh... A hypothetical scenario, but one that plays out every day in organizations across the globe. The truth is that it is a very real...
Guide

How Managed Services Can Help With Cybersecurity Compliance

Organizations are often overburdened with managing complex tools to handle their most important compliance responsibilities, and in many cases lack the internal headcount to manage those tools with highly-trained expertise. Managed services can solve your security staffing and resource challenges by arming your team with security expertise to maintain optimal compliance. Managed service providers...
Compliance
CIS Controls
FISMA
GDPR
HIPAA
NERC CIP
NIST
PCI DSS
SOX