Blog

Blog

Being Cybersmart is Always in Style

In 2022, the Security team at Microsoft published a cybersecurity awareness campaign named “#BeCyberSmart”. Even though that was two years ago, the same best practices still apply. Cybersecurity is an important part of our daily lives and can enable us to accomplish more while keeping our data and identity protected. Be CyberSmart Security starts...
Blog

The Impact of NIST SP 800-171 on SMBs

From more broad laws like GDPR to industry-specific regulations like HIPAA, most organizations today must comply with some kind of data protection guideline. Some businesses may even have to comply with numerous data protection regulations. As such, compliance with data protection regulations has become increasingly complicated. National Institute...
Blog

Ensuring Privacy in the Age of AI: Exploring Solutions for Data Security and Anonymity in AI

With the widespread use of AI technology, numerous AI models gather and process vast amounts of data, much of which comprises personal information utilized to offer personalized experiences. However, this abundance of data poses inherent risks, particularly in terms of privacy and security. As AI systems become more sophisticated, the potential for...
Blog

Vulnerability Scanning vs. Penetration Testing

In the modern digital landscape, cybersecurity is paramount, making the differentiation between vulnerability scanning and penetration testing essential for safeguarding organizational assets. Vulnerability scanning offers a broad sweep for potential security weaknesses, serving as an early warning system. Penetration testing takes a more targeted...
Blog

Tripwire Patch Priority Index for April 2024

Tripwire's April 2024 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Firsts on the list are patches for Microsoft Edge (Chromium-based) and Chromium that resolve 2 spoofing vulnerabilities. Next on the patch priority list this month is a patch for Microsoft Office and Excel that resolves spoofing and remote...
Blog

Cybersecurity: The Battle of Wits

With cybersecurity, the digital battlegrounds stretch across the vast expanse of the internet. On the one side, we have increasingly sophisticated and cunning adversaries. On the other, skilled cybersecurity practitioners who are desperate to protect their companies’ assets at all costs. One fundamental truth rings clear: it’s an ongoing and...
Blog

Defending Against Supply Chain Spoofing in Critical Manufacturing

Supply chain attacks are a serious and growing threat to businesses across all industries. However, these attacks pose an even greater risk for manufacturers in critical infrastructure sectors. One pernicious form of supply chain attack is spoofing, where attackers impersonate legitimate suppliers to sneak malicious code or components into products...
Blog

DMARC - The Next Step in Email Hygiene and Security

In 1971, Ray Tomlison developed the first email service while working at The Defense Advanced Research Projects Agency (DARPA). This development changed how we communicated. However, even though this was an exceptional tool, it was not very user-friendly, requiring users to have specific software installed on their computers. In 1996, Sabeer...
Blog

Machines vs Minds: The Power of Human Ingenuity Against Cyber Threats

Most people remember the iconic movie Terminator, in which the cyborg T-800 was dispatched back in time from the year 2029 with the mission to eliminate Sarah Connor. She was destined to give birth to the future leader of the human resistance against machines, thus threatening their dominance. If Sarah were killed, humanity's fate would be sealed,...
Blog

10 Database Security Best Practices You Should Know

Statista shows a near doubling of data compromises between last year (3,205) and the year before (1,802). Cybercriminals go where the data goes, and there is more need than ever for effective database security measures. These tactics differ from network security practices, which rely heavily on software solutions and even employee best practices....
Blog

"Junk gun" ransomware: the cheap new threat to small businesses

What's going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web - and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What's "junk gun" ransomware? It's a name coined by Sophos researchers for unsophisticated ransomware that is...
Blog

UK IT Leaders Are Prioritizing Cybersecurity: But Is This a Good Thing?

Tech leaders taking cybersecurity seriously is something of a double-edged sword. While it’s undoubtedly good that organizations are waking up to the genuine threat cyberattacks pose, it’s depressing that they must siphon off so many resources to protect themselves rather than using them for growth and innovation. A recent survey of UK technology...
Blog

"All for One and One for All": The EU Cyber Solidarity Act Strengthens Digital Defenses

Alexandre Dumas's timeless novel "The Three Musketeers" immortalized the ideal of unyielding solidarity, the enduring motto "All for one and one for all." In the face of ever-evolving threats in the digital realm, the European Union echoes this spirit with its landmark Cyber Solidarity Act. This new legislation recognizes that collective defense is...
Blog

Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities

In 2023, companies lost about $4.45 million on average because of data breaches. As cyber threats advance, securing endpoints is more important than ever. An advanced Host-based Intrusion Detection System (HIDS) provides a sturdy remedy to improve endpoint security. By monitoring and examining system responses and device status, HIDS identifies and...
Blog

37 Arrested as Police Smash LabHost International Fraud Network

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. A major international operation, led by the UK's Metropolitan Police, has seized control of LabHost, which has been helping cybercriminals create phishing websites since 2021 to steal sensitive information...
Blog

Supply Chain Cybersecurity – the importance of everyone

I’m always surprised – and a little disappointed – at how far we have to go before supply chain cybersecurity gets the respect and attention it deserves. I sat down this week with a new client who wanted some help addressing several internal issues surrounding their IT systems. When I asked them about their relationship with the supplier –...
Blog

SCM and NERC: What You Need to Know

Security configurations are an often ignored but essential factor in any organization’s security posture: any tool, program, or solution can be vulnerable to cyberattacks or other security incidents if the settings are not configured correctly. Staying on top of all of these security configurations can be a daunting responsibility for security or...
Blog

Casting a Cybersecurity Net to Secure Generative AI in Manufacturing

Generative AI has exploded in popularity across many industries. While this technology has many benefits, it also raises some unique cybersecurity concerns. Securing AI must be a top priority for organizations as they rush to implement these tools. The use of generative AI in manufacturing poses particular challenges. Over one-third of...