Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals. The damage caused by...

Attacks targeting critical infrastructure have been on the rise in recent years. Back in 2019, for instance, 56% of utility professionals responsible for overseeing risk in their organizations’ operational technology (OT) assets told Siemens and the Ponemon Institute that they experience at least one shutdown or operational data loss event a year....

People make up an important part of an organization’s security posture. That’s because some employees have the rights necessary for accessing sensitive data as well as the privileges for viewing and/or editing critical systems. If those individuals have the right focus and training, they can play a crucial part in keeping those assets safe against...

Tripwire's July 2021 Patch Priority Index (PPI) brings together important vulnerabilities from VMware, Adobe, Oracle, and Microsoft. First on the patch priority list this month are patches for Microsoft Print Spooler (CVE-2021-34527, CVE-2021-1675) and vSphere Client (CVE-2021-21985). Exploits for these vulnerabilities have been recently added to...

More and more companies understand the benefits of cloud computing, which is making their migration to the cloud more rapid. Per IDG’s 2020 Cloud Computing Study, 81% of organizations said that they’ve migrated either one application or a portion of their infrastructure to the cloud. The reasons why a company would shift its services towards the...

A new ransomware gang that calls itself BlackMatter has launched itself on the dark web, and is actively attempting to recruit criminal partners and affiliates to attack large organisations in the United States, UK, Canada, and Australia. As experts at Recorded Future describe, the BlackMatter gang is advertising for "initial access brokers" -...

Scammers target businesses with phishing emails all the time, pretending to be legitimate customers or vendors asking for payment. While any company can be vulnerable to this type of attack, small- to medium-size companies are particularly vulnerable because it is easier for a scammer to do a bit of research online and identify the right people to...

Cloud compliance is more important than ever, especially as businesses and organizations continue to engage in remote and digital work practices due to COVID-19. Even before the pandemic, more and more companies were migrating to the cloud. But what exactly is cloud compliance, and what are some best practices you should keep in mind if you’re...

Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting critical industrial...

Organizations can take various steps to protect their operational technology (OT) environments against digital threats. But some stand out more than others. In particular, network segmentation is described as “the first answer to insufficient ICS (Industrial Control System) cybersecurity.” Experts advocate zoning ICS assets to coordinate...

In this blog series, I will be putting the spotlight on useful Ghidra features you may have missed. Each post will look at a different feature and show how it helps you save time and be more effective in your reverse engineering workflows. Ghidra is an incredibly powerful tool, but much of this power comes from knowing how to use it effectively. In...

Jihana Barrett, CEO of Cybrsuite explains the security needs from not just from an enterprise perspective but for day-to-day life. She also tells us about how her organization, Tech Sorority, provides valuable professional support and guidance for women in tech. https://open.spotify.com/episode/5JKIveh41lNDbgan07d1BG?si=mVV1OtHpScydCqLJWqp4aQ&dl...

With the regular and much needed update to critical standards such as HIPAA, auditors and compliance experts need to be continuously on their toes to review and acquaint themselves with these new developments. One of the latest such updates is the Health Information Portability and Accountability (HIPAA) Enforcement rule, which has caused quite a...

Police in Spain have arrested a British man in connection with what many consider the worst hack in Twitter's history. In July 2020, the Twitter accounts of public figures and well-known organisations were compromised, allowing malicious hackers to post tweets to millions of unsuspecting followers. Compromised accounts included those of then...

Data breaches and ransomware attacks aren’t just still occurring. They’re also becoming more frequent. According to ZDNet, the number of ransomware attacks detected and blocked by one security firm grew 715% year-over-year in 2020 alone. Another security company calculated the total number of ransomware attacks for the year to be around 65,000,...

IT/OT convergence is an oft-repeated term, and maybe it's the wrong term. From a technology standpoint, IT/OT convergence has been occurring since at least the 1990s when HMI/Operator Stations began running on Windows and when Ethernet began displacing deterministic custom LAN protocols in the OT realm. This technology convergence has continued...

A bipartisan Senate bill would require some businesses to report data breaches to law enforcement within 24 hours or face financial penalties and the loss of government contracts. The legislation from Senate Intelligence Chair and Democratic Senator Mark Warner with Republican Senators Marco Rubio and Susan Collins is just one of several new...

SIEM (pronounced like “sim” from “simulation”), which stands for Security Information and Event Management, was conceived of as primarily a log aggregation device. However, a SIEM’s primary capabilities are to provide threat detection, better enable incident investigation, and speed up your incident response time, while also giving you a unified,...

On May 12th, the President of the USA, Joe Biden, signed an Executive Order (EO) that would bolster the cyber defences of the USA. The EO is intended to protect against “increasingly sophisticated malicious cyber campaigns that threaten the public sector, the private sector, and ultimately the American people’s security and privacy.” An EO is a...