Today’s VERT Alert addresses Microsoft’s March 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1147 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2025-26633 According to Microsoft, improper neutralization in…
Tag: Blog RSS Feed
The Growing Importance of Penetration Testing in OT and ICS Security
A critical aspect of manufacturing, energy, and transportation is Industrial Control Systems (ICS) and Operational Technologies (OT). The rapid pace of digital growth makes these systems susceptible to cyberattacks. OT and ICS system security is important, making penetration testing an…
Understanding the Windows Filtering Platform (WFP): A Quick Overview
What is it? The Tripwire Enterprise Critical Change Audit rules provide customers with the ability to monitor for critical events that could have a significant impact on a system. Monitoring for critical events can help administrators identify malicious and/or unexpected…
How to Secure Your Mobile Device: 9 Tips for 2025
Can you imagine a life without your smartphone? For most of us, this is a difficult task, and some younger readers will have never lived in a world without smartphones. The countless functionalities of modern mobile devices – surfing the…
Cactus Ransomware: What You Need To Know
What is the Cactus ransomware? Cactus is a ransomware-as-a-service (RaaS) group that encrypts victim’s data and demands a ransom for a decryption key. Hundreds of organisations have found themselves the victim of Cactus since it was first discovered in March…
Tripwire Patch Priority Index for February 2025
Tripwire’s February 2025 Patch Priority Index (PPI) brings together important vulnerabilities for Microsoft. Up first on the list are patches for Microsoft Edge (Chromium-based) that resolve 4 remote code execution and 2 spoofing vulnerabilities. Next on the list are patches…
ICS Environments and Patch Management: What to Do If You Can’t Patch
The evolution of the cyber threat landscape highlights the need for organizations to strengthen their ability to identify, analyze, and evaluate cyber risks before they evolve into security incidents. Criminals often exploit known unpatched vulnerabilities to penetrate Industrial Control Systems…
Understanding the Abu Dhabi Healthcare Information and Cyber Security Standard
Abu Dhabi is boosting its healthcare system with the introduction of the Abu Dhabi Healthcare Information and Cyber Security Standard (ADHICS). This initiative, driven by the Department of Health—Abu Dhabi (DoH)—has been put in place to protect sensitive healthcare data,…
What is SaaS Security Posture Management (SSPM)?
Over 80% of businesses use at least one Software-as-a-Service (SaaS) application in their operations, per a report by SaaS Academy. It’s easy to see why SaaS applications are the fulcrum of many businesses today. From collaboration tools to CRMs, SaaS…
Enhancing Security Monitoring with Tripwire’s Change Audit: New Rules for Firewalls, WFP, and Microsoft Store Applications
What is it? The Tripwire Enterprise Change Audit rules provide customers with the ability to monitor for change events that could have an impact on a system. Monitoring for change events can help administrators identify malicious and/or unexpected changes within…