Blog

Blog

4 Security Controls Keeping Up with the Evolution of IT Environments

The rapid adoption of cloud technology in the past few years has transformed IT environments, enabling unprecedented opportunities for flexibility, scalability, and collaboration. However, this transformation has introduced a potentially dangerous level of complexity into these environments – recent research from PwC revealed that 75% of executives report too much complexity in their organizations...
Blog

The State of Security in 2024: The Fortra Experts Take a Look

At Fortra, we like to encourage a collaborative environment. One of the ways we bring our community together is through our Transformer meetups which aim to provide a positive, energizing, and fun hub for all Fortra employees to learn how to be innovative, get inspired by others, and reach their creative potential.Our most recent meetup was moderated by myself and our panelists were Tyler Reguly,...
Blog

Silent Heists: The Danger of Insider Threats

When thinking about cybersecurity, we envision malicious actors working in dark basements, honing their tools to invent cunning new ways to breach our defenses. While this is a clear and present danger, it's also important to understand that another hazard is lurking much closer to home - the insider threat.These attacks have devastated entities in all sectors, with severe repercussions. These...
Blog

Managing NERC CIP Patching Process With Tripwire Enterprise and Tripwire State Analyzer

One of the hardest parts of managing an organization’s cybersecurity is patch management.Just as one patch cycle is completed, another set of patches are released. When compounded with the highly regulated energy industry, governed by the NERC CIP Standards, the task becomes even more daunting. Fortunately, Fortra’s Tripwire Enterprise (TE) and Tripwire State Analyzer (TSA) can ease the process...
Blog

CIS Control 08: Audit Log Management

Audit logs provide a rich source of data critical to preventing, detecting, understanding, and minimizing the impact of network or data compromise in a timely manner.Collection logs and regular reviews are useful for identifying baselines, establishing operational trends, and detecting abnormalities. In some cases, logging may be the only evidence of a successful attack.CIS Control 8 emphasizes...
Blog

How the Cyber Essentials Certification Can Help Your Business

Cybersecurity is a vital concern for organisations, but many security strategies fall short: recent research shows that 44% of UK companies are lacking in basic cybersecurity skills. The consequences of poor security go far beyond the direct impacts of cyberattacks, and the benefits of effective security are numerous as well. Unfortunately, it can be extremely complicated and difficult to cover...
Blog

London’s CNI is Under Threat

London is one of the smartest and most interconnected cities in the world. Digital infrastructure plays a role in almost every facet of society, streamlining public transport, improving healthcare provision, boosting sustainability, and more.However, this reliance on technology has left London’s critical national infrastructure (CNI) perilously vulnerable to digital attacks. As geopolitical...
Blog

Digital Threats, Real Losses: Cyber Risks to Retail Operations

The success of retailers depends on being able to offer consumers what they want. That means, for example, stocking Halloween costumes in October, turkeys in November, and Christmas decorations in December. Cybercriminals are all too aware of this fact and more than willing to capitalize on it, typically for financial gain or to cause disruption.The holiday season is the busiest time of year for...
Blog

What’s the Difference Between DSPM, CSPM, and CIEM?

DSPM, CSPM, and CIEM are more than just a mouthful of acronyms. They are some of today’s most sophisticated tools for managing data security in the cloud.While they are all distinct entities and go about protecting data in different ways, the fact that they all seem to do very much the same thing can lead to a lot of confusion. This, in turn, can sell each of these unique solutions short – after...
Blog

The Top 10 State of Security Blog Posts From 2024

As we approach the end of another exciting year in the world of cybersecurity, it's the perfect time to reflect on the stories, insights, and guidance that resonated most with our readers.2024 brought new challenges and opportunities with the rapid adoption of AI, evolving ransomware tactics, and an increased focus on proactive security measures. These trends shaped the conversations on Fortra’s...
Blog

27 DDoS-For-Hire Services Disrupted In Run-Up To Holiday Season

In a co-ordinated international effort, the law enforcement agencies of 15 countries have made the holiday season a little less stressful for companies and consumers - by seizing control of some of the internet's most popular DDoS-for-hire services.Operation PowerOFF has disrupted what was anticipated to be a surge of distributed denial-of-service (DDoS) attacks over the Christmas period by taking...
Blog

CIS Control 09: Email and Web Browser Protections

Web browsers and email clients are used to interact with external and internal assets. Both applications can be used as a point of entry within an organization. Users of these applications can be manipulated using social engineering attacks. A successful social engineering attack needs to convince users to interact with malicious content. A successful attack could give an attacker an entry point...
Blog

VERT Threat Alert: December 2024 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s December 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1136 as soon as coverage is completed. In-The-Wild & Disclosed CVEsCVE-2024-49138The only vulnerability that has been publicly disclosed and exploited this month is CVE-2024-49138, a vulnerability in the Windows Common Log File System...
Blog

3AM Ransomware: What You Need To Know

What is 3AM?3AM (also known as ThreeAM) is a ransomware group that first emerged in late 2023. Like other ransomware threats, 3AM exfiltrates victims' data (threatening to release it publicly unless a ransom is paid) and encrypts the copies left on targeted organisations' computer systems.So it's the normal story with ransomware - exfiltrate, encrypt, extort?Pretty much - but there are some...
Blog

Maximizing Security Data in Splunk with Tripwire’s New App

In today’s data-driven world, collecting information is just the beginning. The real value lies in transforming raw data into actionable insights that drive decisions. For enterprise security, this means making data not only accessible but also organized, relevant, and easy to analyze.Splunk is a powerful tool for analyzing large volumes of data and is widely used to support security operations....
Blog

Steps for Successful Vulnerability Management: Lessons from the Pitch

When I was younger, I played a variety of team sports and enjoyed competing against opponents with my teammates. Winning was always a matter of applying sound tactics and strategy, attacking and defending well and using a blend of skill, talent and luck.Now that I'm older, I watch more than I play, and I'm able to appreciate the many lessons team sports teach, especially at the professional level....
Blog

8 Emerging Cybersecurity Scams And Their Implications For The Future

Technological advances usually lead to a brighter future. While that may be true, these developments could also be used to refine and increase cybersecurity scams. Attackers do not care about who they target as long as they get people's and establishments' information and credentials. Cybersecurity professionals must be aware of the current scams plaguing the digital world and how to combat them....
Blog

Understanding the EU Cyber Resilience Act: A New Era for Digital Product Security

Cyber resilience is a constant topic of concern in technology and cybersecurity, as it approaches security from the standpoint of assuming that attacks are inevitable rather than solely attempting to prevent them. Layered cybersecurity is crucial to ensure comprehensive defense against a wide range of threats. Cyber resilience has long been a necessity for hardware and software components, but...
Blog

Money-Laundering Network Linked To Drugs and Ransomware Disrupted

The UK's National Crime Agency (NCA) has revealed details of Operation Destabilise, a years-long international law enforcement investigation into a giant Russian money laundering enterprise that handled billions of dollars for drug traffickers and ransomware gangs worldwide. The multi-billion dollar Smart and TGR networks are said to have used a complex system of cash handovers and cryptocurrency...
Blog

Tech Support Scams Exploit Google Ads to Target Users

It's not a new technique, but that doesn't mean that cybercriminals cannot make rich rewards from SEO poisoning. SEO poisoning is the dark art of manipulating search engines to ensure that malware-laced adverts and dangerous websites appear high on users' results - often impersonating legitimate businesses and organisations. But the simplest way of all to get a malicious website in front of a...