Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Tripwire

Thousands of compromised websites spreading malware via fake updates

Malicious hackers have been exploiting thousands of legitimate websites since at least December 2017 in a sophisticated campaign that has disguised malware as fake software updates. Security researchers at MalwareBytes report that they have uncovered evidence of thousands of compromised websites running popular content management systems (CMS) such as SquareSpace, WordPress and Joomla.

PCI DSS 3.2 - Protecting Your Organization from the Next Big Ransomware Threat

As the number of Ransomware attacks continues to rise, retail and healthcare organizations are increasingly challenged to keep pace. Ensuring employees are aware of common attack types and staying vigilant in testing, patching and monitoring your systems can drain the resources of any team.

3 Emerging Innovations in Technology that Will Impact Cyber Security

The war between security experts charged with the responsibility of protecting information and cyber-criminals who threaten to compromise the integrity of data for different entities has become a cat and mouse game. For instance, as soon as white hats counter one form of malicious behavior using encryption tools, there is the almost immediate development of yet another malevolent form of threat for information systems.

SIEM Implementation Strategies

A SIEM or Security Information and Event Management is only as good as its logs. People can think of logs as the fuel for the engine. Without logs (log management), the SIEM will never be useful. Selecting the right types of logs to ingest in your SIEM is a complex undertaking. On one hand, it is easy to say “Log it all!” but you will inevitably reach the glass ceiling of your SIEM, which will either be your licensing or you will cap the performance of the SIEM hardware.