Blog

Blog

EPP/EDR: What Is It and How Can It Help to Keep Your Organization Safe?

Endpoint devices played a big part in malware and ransomware attacks in 2021. According to a study covered by Help Net Security, security researchers detected more malware and ransomware endpoint infections in the first nine months of the year than they did for all of 2020. Attack scripts leveraging PowerSploit, PowerWare, and other tools were...
Blog

To Governance and Beyond: Cybersecurity as a Journey

How often have you heard someone say "Cybersecurity is complicated!"? If you're a practitioner in the cybersecurity industry you'll have heard these words often, probably along with "…and it's really boring too!" Complex, not complicated Let's start with the first statement. In truth, cybersecurity is a complex topic, but that doesn't mean it...
Blog

Healthcare Providers Need to Increase Budgets for Cybersecurity

The past few years have emphasized just how important cybersecurity is. As cybercrime reached record heights and more companies went digital, industries realized their current security efforts fell short. Healthcare is a prime example. The medical sector has had the second highest number of data breaches of any industry for more than five years....
Blog

Texas SB 820 Advances K-12 Cybersecurity Despite Limitations

Like many organizations, K-12 schools adapted to COVID-19 by accelerating their digital transformation journeys. And like everyone else who followed this path, they invited unwanted attention from digital criminals in the process. In December 2020, for instance, the U.S. Cybersecurity & Infrastructure Security Agency (CISA) issued a joint alert...
Blog

Ragnar Locker ransomware - what you need to know

What is this Ragnar Locker thing I’ve heard about? Ragnar Locker is a family of ransomware, which first came to prominence in early 2020 when it became notorious for hitting large organisations, attempting to extort large amounts of cryptocurrency from its victims. So just your bunch of cybercriminals then? Yes, although on their underground...
Blog

Building Cyber Resilience in a heightened alert environment

There has been a lot of talk about cyber weapons and the cyber dimension of global politics after the NotPetya and WannaCry attacks of 2017 and the Stuxnet worm, first discovered in 2010, when it was used to attack the control mechanisms of Iran’s uranium enriching centrifuges. Professor Ciaran Martin CB, former CEO of the UK National Cyber...
Blog

VERT Threat Alert: March 2022 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2022 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-989 on Wednesday, March 9th. In-The-Wild & Disclosed CVEs CVE-2022-21990 CVE-2022-21990 describes a code execution vulnerability within Remote Desktop Client. The vulnerability requires that...
Blog

The Five Stages of File Integrity Monitoring (FIM)

The benefits of a capable and properly deployed File Integrity Monitoring (FIM) solution are plentiful: If you see unexpected or unexplained file changes, you can investigate immediately and resolve the issue quickly if your system has been compromised. You can reconcile changes against change tickets or a list of approved changes in a text file...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of February 28, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 28, 2022. I’ve also included some comments on these stories. High-Severity Flaws Discovered in Schneider, GE...
Blog

What Is CPS 234 and Who Needs to Comply with It?

In November 2018, the Australian Prudential Regulation Authority (APRA) released the Prudential Standard CPS 234 in direct response to the escalating attack landscape in the financial sector. APRA has understood these threats to be the direct result of banking services moving to more complex and heavily used digital platforms. The new Standard...
Blog

OT Cybersecurity Concerns Are Increasing Across the Globe

2021 was the year that marked a major cyber-attack against a critical national infrastructure organization whose impact was felt by millions of Americans on the East Coast. However, the attack against the Colonial Pipeline Company was not the only incident that affected the Operational Technology (OT) systems of a critical sector for the U.S....
Blog

Regulating a Nation’s Information Security Workforce

In a previous article, I examined Australia’s proposed Security Legislation Amendment (Critical Infrastructure) Bill 2020. This information security overhaul imposes strict reporting requirements for enterprises as well as affords the Australian government unprecedented and far-reaching powers that enables them to intervene in the operation of an...
Blog

How to Stimulate Organizations' Security Awareness Training Programs

We all know how important security awareness training is for an organization. Moreover, we try to enhance our efforts by weaving security into the "culture” of the organization. Yet, from the employee’s perspective, it all gets very stale. It seems like it is always the same message, but if that is the case, why hasn’t this knowledge been adopted...
Blog

Creating Your Disaster Recovery Action Plan

Perhaps Disaster Recovery (DR) isn’t one of the hot terms like the Internet of Things (IoT) or Hybrid Cloud, but I would argue that re-examining your DR plan now might be one of the most important IT management initiatives on which you can focus your energy. Think about it. How much has the world changed in the past two years? Most people used to...
Blog

What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?

Cloud adoption has come a long way from its early days where corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid to rest, as administrative tools and contractual obligations have emerged to give better visibility to, and accountability of, data custodianship. Even the capabilities...
Blog

Extra, Extra, VERT Reads All About It: Cybersecurity News for the Week of February 21, 2022

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of February 21, 2022. I’ve also included some comments on these stories. 18 High-Severity Vulnerabilities Patched by Intel ...
Blog

Manufacturing was the top industry targeted by ransomware last year

Global supply chains are bearing the brunt of ransomware attacks, according to a new report that finds manufacturing was the most targeted industry during 2021. Knocking financial services and insurance off the top of the heap after a long reign, the manufacturing industry was found by IBM to be the most attacked sector - accounting for 23% of...