After years of falling behind, the construction industry has realised the importance of its data. Construction-related businesses invested a remarkable 188% more in cybersecurity in 2018–19. Data leaks and cyberattacks have jolted sectors worldwide, affecting everyone. 55% of UK businesses experienced a cyberattack in 2019 alone, and the average...

Follies The Broadway Tower in Worcestershire, England is a famous structure. It's inspiring, beautiful, and at 62 feet high, like other similar buildings, it's a folly. While it looks grand inside and out, it serves no purpose than to be a decoration. It’s all too easy to buy a set of policies and procedures, change the company name and some other...

A 40-year-old man could face up to 10 years in prison, after admitting in a US District Court to sabotaging his former employer's computer systems. Casey K Umetsu, of Honolulu, Hawaii, has pleaded guilty to charges that he deliberately misdirected a financial company's email traffic and prevented customers from reaching its website in a failed...

I’m delighted to share that I will be speaking for the first time at SecTor this year. The talk will be in Theatre 1 at 1:15pm on October 5th. In the session Neither Pointless Nor Boring: Pop It And Lock It Down With CIS Controls, I will be discussing the latest version of CIS Controls. There are 18 Controls in Version 8. We will review these before...

Fleet operations today revolve around data. Telematics systems, connected cars, and similar IoT systems provide fleet managers with a wealth of information, but this connectivity also raises security concerns. As data breach costs reach their highest point in decades, accounting for vulnerabilities in organizations’ data becomes increasingly...

It’s no secret that if nations want to meet the Net Zero emission targets set by international organizations by 2050, there’s a lot of work to be done. In the UK, one of the key initiatives aimed at reducing emissions and increasing energy efficiency is the development of the Smart Grid. What Is the Smart Grid? In 2014, the Department of Energy...

There’s a high chance that you or someone you know has been impacted by email fraud or identity theft. At the very least, you’ve likely received a variety of spam emails and text messages asking to provide a payment or confirm your identity. The good news is that cybersecurity protection is constantly evolving and improving, with cybersecurity...

2022 began with successful ransomware attacks against global IT and digital transformation providers, no thanks to the notorious LAPSUS$ ransomware gang. Often, any discussion about ransomware impact has mostly centered on affected organizations. Rightly so, as victimized organizations usually suffer significant disruption to their operations. In...

Together with the National Cybersecurity Center of Excellence (NCCoE), the National Institute of Standards and Technology (NIST) has released a series of practice guides that focuses on data integrity. Data integrity is the property that records have not been altered in an unauthorized manner. Tripwire is very proud to have contributed and...

Organizations and businesses must use a range of measures, protocols, and tools to protect their databases from cybercriminals. If breached, malicious actors can gain access to sensitive information that they can use for financial gain. Security teams must adapt and constantly improve to protect against ever-evolving security threats, and maintain...

For the record, it should be acknowledged from the start that there is no question that the cybersecurity landscape has improved over time, mostly courtesy of persistent increases in cyber spending year after year. Gartner estimates that the U.S. and the rest of the world will invest $172 billion in cybersecurity this year, up from $150 billion last...

People have become the primary attack vector for cyber attackers around the world. As the Verizon Data Breach Investigations Report 2022 indicates, it is humans rather than technology that now represent the greatest risk to organizations. According to the SANS 2022 Security Awareness Report, the top three security risks that security professionals...

Last year, it was great to be back at SecTor after everything was canceled in 2020. The capacity was reduced, but the Hack Lab was still plenty busy and we loved having everyone come by and visit our table and play with the gear. Even more than that, we were excited to meet up with so many friends that we hadn’t seen since 2019. We’re looking...

Tripwire's August 2022 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority list this month are patches for Microsoft Office, Outlook, and Excel that resolve 4 vulnerabilities, including denial of service, remote code execution, and security feature bypass. Up next are patches that affect...

Modern enterprises will have to work with customer data in one way or another. The COVID-19 pandemic proved that the only businesses that would survive the future were those willing to embrace technology. While technologies such as the Internet of Things, and artificial intelligence have undeniable benefits, they have also presented complications. ...

It is always said that security is never a one-size-fits-all solution. This is true not only because of the apparent infinite varieties of equipment in each individual organization, but also, and perhaps more importantly, the different ways that every organization views security. Some spend lots of time focusing on physical security, especially...

I’m excited to share that I will be speaking at SecTor this year in the tools track. While the SecTor schedule is not yet finalized, I’m currently listed as speaking at 10:15am on October 6th. The talk, The Power of the Pico: Replacing Expensive Toys with the Raspberry Pi Pico, will cover how to use a Raspberry Pi Pico to perform BadUSB attacks....

With the massive increase in mobile device sales worldwide, it is easy to imagine that the number of people using the internet while travelling has also increased significantly in recent years. With this growth in online activity comes a greater risk of becoming a victim of cybercrime. There are a number of steps that travellers can take to protect...

In today’s online landscape, it is crucial for organizations to stay on top of the threats that put their enterprises at risk. Agari and PhishLabs have put together their Quarterly Threat Trends & Intelligence Report detailing their analysis of phishing and social media attacks this quarter. The report presents statistics regarding the volume of...

Millions of dollars have been stolen from healthcare companies after fraudsters gained access to customer accounts and redirected payments. In a newly-published advisory directed at the healthcare payment industry, the FBI warns that cybercriminals are using a cocktail of publicly-available Personally Identifiable Information (PII) and social...