Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Non-repudiation: Your Virtual Shield in Cybersecurity

In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Coupling other security factors, such as delivery proof, identity verification, and a digital signature, creates non-repudiation. This guarantees that the parties involved in the transmission are unable to renounce the execution of an action.

Improving OT Security in Industrial Processes

Have you ever considered that even before you enjoy the first sip of your favorite morning beverage, you have probably interacted with at least half of the 16 critical infrastructure sectors that keep a nation running? In one way or another, the simple act of brewing a cup of tea would probably not be possible without interacting with water, energy, manufacturing, food and agriculture, waste, transportation, and financial sectors.

Top 5 Scam Techniques: What You Need to Know

Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that the scam relies on proven scam techniques once the narrative is stripped away. These scam techniques often exploit our characteristics and heuristics, or things that make us human and fallible.

Delving into NCSC's New SMB Cybersecurity Guide

Although attacks on small and medium-sized businesses (SMBs) rarely hit the headlines, they remain a serious threat. Unlike their corporate counterparts, many SMBs lack the tools, skills, and mitigation services they need to combat modern threats. Understanding that forewarned is forearmed, the National Cyber Security Centre (NCSC) recently debuted a guide aimed at smaller companies that lack dedicated IT or support staff called “Using Online Services Safely”.

Cyber Resilience: Planned and Practiced

Navigating the information superhighway is like threading your car through traffic on a dangerous rush hour freeway. The journey is full of perils that can prevent you from getting where you need to go and turn the trip into a bumpy ride. In the same way we plan for wrecks and try to avoid hazards on the road, businesses can minimize the impact of an incident and cruise confidently through the chaos by thinking with a resilience-first mindset.

Customizing Security with Security Configuration Management (SCM)

Many of the breaches of the past ten years have taken advantage of weak or nonexistent security settings. Conversely, for example, companies that configured their Docker application to the CIS recommended security settings for container users and privileges were not as vulnerable to container escape exploits. Arguably, a configuration change prevented many breaches. Security configuration management can make a huge difference in reducing an organization’s vulnerability.

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

A huge reward is being offered for information leading to the identification or location of any of the leaders of the LockBit ransomware gang. The bounty offer comes from the US State Department, following this week's disruption of the criminal organisation's activities. LockBit, which has been operating since 2020, has targeted thousands of victims around the globe, causing the loss of billions of dollars in both ransom payments and recovery.

Building Customer Trust through Transparent Safety and Security Practices

Last year, the Securities and Exchange Commission adopted rules on cybersecurity risk management that focused on transparency. Much of the adopted rules were focused on investors, but the rules also underscored the importance of the impact to customers when cybersecurity incidents occur. The data security landscape has recently shifted to prioritize the user or the customer, and that was just one of the steps in furthering the approach.

Cybersecurity Trends in 2024: 5 Key Areas to Follow

As we are well into 2024 now, we at Fortra want to continue our commitment to empowering you all with the knowledge and tools needed to protect you, your organization, and even your family. This year, we will be looking more and more at the human element, and provide you with methods to practice repeatable, real-world techniques to ingrain positive habits and security behaviors to keep you as safe as possible.

PCI DSS Compliance - Meeting the Third-Party Vendor Requirements

Today, almost every organization is engaged with a third-party vendor at some level when offering products or services. Take, for instance, an e-commerce business that may not be able to function properly unless multiple third-party integrations are involved, such as CRMs, payment gateways, live chat APIs, or a shipping gateway, to name a few.