The past half-decade has been a particularly tumultuous one for cybersecurity. It has borne witness to some of the most damaging attacks in history, unprecedentedly high data breach rates, and a staggering number of emerging threat groups. However, a new report from cyber insurance provider Coalition suggests that things are beginning to stabilize. ...

In recent years, blockchain technology has garnered significant attention thanks to its remarkable tamper-proof features and robust security. It is also expected that the blockchain technology market will exceed 1.2 billion US dollars by 2030, with an annual growth rate of 82.8 percent. However, recent headlines have exposed numerous...

A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. 32-year-old Marquis Cooper, of Selma, California, was a chief petty officer in the US Navy's Seventh Fleet when he opened an account in August...

In the brisk air of early autumn, optimism fills our hearts as we celebrate the 20th anniversary of Cybersecurity Awareness Month, an annual event dedicated to fostering a deeper understanding of cybersecurity and inspiring behavior change. Two decades ago, the prevailing belief among security professionals was that raising awareness alone could...

Plastic surgeries across the United States have been issued a warning that they are being targeted by cybercriminals in plots designed to steal sensitive data including patients' medical records and photographs that will be later used for extortion. The warning, which was issued by the FBI yesterday and is directed towards plastic surgery offices...

We often hear of how we need to protect ourselves from online scams. Criminals seek our personal information in order to use it for multiple nefarious purposes. However, there is a population who, while not having a broad online presence, are equally vulnerable to identity theft. Children are particularly vulnerable to identity theft, as they often...

These days, it’s not a matter of if your password will be breached but when. Major websites experience massive data breaches at an alarming rate. Have I Been Pwned currently has records from 705 sites comprising 12.6 billion accounts. This includes well-known names like Wattpad, Verifications.io, and Facebook. This is a 30% increase in the number...

There are countless tools and technologies available to help an organization stay on top of its IT assets, and a configuration management database (CMDB) is an extremely useful one. The database keeps track of relevant information regarding various hardware and software components and the relationships between them. It allows IT teams to have an...

Gaming companies collect data concerning user behavior for a variety of reasons: to inform investment and content decisions, enable game and advertisement personalization, and improve gameplay, to name a few. However, the data available provides a daunting task for those attempting to make use of it, as well as a ripe target for attackers....

Footprinting, also known as fingerprinting, is a methodology used by penetration testers, cybersecurity professionals, and even threat actors to gather information about a target organization to identify potential vulnerabilities. Footprinting is the first step in penetration testing. It involves scanning open ports, mapping network topologies, and...

Interconnected, data-enabled devices are more common now than ever before. By 2027, it is predicted that there will be more than 41 billion new IoT devices. The emergence of each new device offers a fresh vulnerability point for opportunistic bad actors. In 2022, there were over 112 million cyberattacks carried out on IoT devices worldwide....

One of the most reliable constants in the cybersecurity world is that threats are always increasing as cybercriminals advance their tactics and develop new ones. It can be a daunting task for organizations to continually stay on top of these threats, protect their own data and assets, and monitor the threat landscape for changes. A recent report...

Today’s VERT Alert addresses Microsoft’s October 2023 Security Updates, which includes a recently introduced release notes format. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1077 on Wednesday, October 11th. In-The-Wild & Disclosed CVEs CVE-2023-41763 While this vulnerability is labeled as a Skype for...

As cyber threats grow more frequent and sophisticated, the need for vigilant defense is paramount, and cybersecurity is top of mind for organizations nationwide. Understanding the threat landscape and current and future trends is crucial to designing effective security strategies to mitigate risk and keep companies, their employees, and their data...

Compliance and security often go hand in hand as ideas that attempt to protect against cyber threats. While both compliance and security are designed to lower risk, they are not mutually inclusive—that is, not everything that is required for compliance will necessarily help with security, and not everything that bolsters security will necessarily...

Data is expanding beyond environments, applications, and geographical boundaries. It is safe to say that we are currently experiencing the era of the Big Bang of Data. It is driving economies and industries. Organizations that can leverage data to its fullest potential take the helm of their industry, leading it peerlessly. However, with the...

A joint cybersecurity advisory from the United States's National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) has shone a light on the top ten most common cybersecurity misconfigurations found in large private and public organisations. The report aims to detail the weaknesses found in many large organisations,...

Tripwire's September 2023 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. First on the patch priority are patches for Microsoft Edge (Chromium-based) that resolve 5 vulnerabilities such as out of bounds memory access, type confusion, and use after free. Next on the patch priority list this month are patches for...

Cyber Security Awareness Month kicked off its nineteenth anniversary this year. One would hope that after nearly two decades, this would be a time to celebrate, however, the outlook is not as bright as one would expect. There are so many aspects of cybersecurity that have been promoted to make the world a safer place, but one that stands out as the...

While always a part of business, compliance demands have skyrocketed as the digital world gives us so many more ways to go awry. We all remember the Enron scandal that precipitated the Sarbanes-Oxley Act (SOX). Now, SOX compliance means being above board on a number of cybersecurity requirements as well. Fortra's Tripwire recently released a new...