Blog

Blog

Protecting the New Most Vulnerable Population – The Grandparent Scam

In Part 1 of this series, we introduced the concept that the most vulnerable people on the internet are our senior population. According to the FBI, elder fraud impacts millions of American seniors every year. Figures from the United Kingdom show similar levels of criminal activity targeting seniors. Most of the elder fraud schemes are financially...
Blog

A Look at a Zero Trust Strategy for the Remote Workforce

If you are new to the security world, it is fair to ask yourself, “Isn’t access to data and systems always conditional? Isn’t it always granted to someone who has access to the credentials (ID and password)?” True enough, but in totality, the approach to managing access encompasses a broader spectrum of privacy policies. These policies include a mix...
Blog

5 Tips and Tricks for Cloud Native Security

Cloud-native applications that are based on new types of infrastructure such as containers and serverless platforms are being rapidly adopted by organizations worldwide. While cloud-native applications deliver compelling benefits such as elastic scalability, unmatched resilience and rapid development velocity, they also raise challenges. Cloud...
Blog

Open Source: The Positives, the Risks and the Future

In a world that is constantly evaluating costs, it is little wonder that there is an increasing demand for cost-effective solutions to business problems. In the real world, this means 'free,' and in the digital marketplace, it means 'open source.' Open Source aka "Freeware" Since the early days of the internet, open source software (OSS) has been...
Blog

VERT Threat Alert: June 2021 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s June 2021 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-947 on Wednesday, June 9th. In-The-Wild & Disclosed CVEs CVE-2021-31955 This is one of two vulnerabilities fixed in today’s patch drop which were reported by Kaspersky Lab after detecting...
Blog

The Principle of 'Least Privilege' in the World of Cybersecurity

The principle of least privilege in cybersecurity prescribes that no user should have access to system resources beyond what's necessary for fulfilling a specific task. Adhering to this principle has become essential, as one of the primary ways malicious actors breach a system is by compromising (legitimate) user access. The 2020 Global State of...
Blog

Protecting a New Vulnerable Population on the Internet

On a Mission of Protecting Abraham Lincoln is credited with saying that “A lawyer’s time and advice are his stock and trade.” Whether the quote is mis-attributed to Lincoln is irrelevant to the greater message, which is that attorneys are “knowledge workers.” To state it as bluntly as one attorney once explained to an executive where I worked, “My...
Blog

#TripwireBookClub – The Crypto Dictionary

Welcome back to #TripwireBookClub. If you recall, the last book we reviewed was The Ghidra Book: The Definitive Guide, a book that I thoroughly enjoyed because I’m a huge fan of everything Chris Eagle writes. This time, we’re looking at Crypto Dictionary: 500 Tasty Tidbits for the Curious Cryptographer. I am by no means a cryptography expert, so I...
Blog

Overcoming Compliance Issues in Cloud Computing

The benefits of organizations moving some or all their IT workloads to the cloud are well-known and numerous. There are several challenges to successful cloud adoption, though, and one of the most important of them is compliance. Whether your cloud use case is low-cost data storage, scaling your infrastructure for critical business apps or disaster...
Blog

Tripwire Patch Priority Index for May 2021

Tripwire's May 2021 Patch Priority Index (PPI) brings together important vulnerabilities from Google Chrome, Adobe and Microsoft. First on the patch priority list this month are patches for macOS (CVE-2021-30657) and Google Chrome (CVE-2021-21220). Exploits for these vulnerabilities have been recently added to the Metasploit Exploit Framework....
Blog

2021 Cybersecurity: Mitigating Mobile Security Risks for CISOs

Cybersecurity has always been a significant challenge for businesses, mostly due to the increasing financial and reputational cost of data breaches. As a result, there has been a consistent rise in tactics and technologies used to combat these threats. These methods fulfill the need for better, smarter ways to augment enterprise-level security and...