Since 2008, the CIS Controls have been through many iterations of refinement and improvement leading up to what we are presented with today in CIS Controls version 8.1. CIS Controls reflect the combined knowledge of experts from every part of…
Tag: Blog RSS Feed
Got a Microsoft Teams invite? Storm-2372 Gang Exploit Device Codes in Global Phishing Attacks
Security experts have warned that a cybercriminal group has been running a malicious and inventive phishing campaign since August 2024 to break into organizations across Europe, North America, Africa, and the Middle East. The Russian group, known as Storm-2372, has…
Ransomware: The $270 Billion Beast Shaping Cybersecurity—Insights from Cyentia’s Latest Report
Ransomware has evolved into one of the most devastating cyber threats of modern times, creating previously unimaginable financial and operational hardships for entities in every sector. As malicious actors employ increasingly sophisticated tools, honing their tactics and spreading their tentacles,…
Monitoring Applications vs. Operating Systems: Why It Matters
In today’s dynamic IT environments, securing and maintaining the integrity of your systems is critical. Fortra’s Tripwire Enterprise is a robust tool designed to help organizations ensure compliance and security by continuously monitoring the configuration and behavior of their IT…
#TripwireBookClub – Black Hat Bash: Creative Scripting for Hackers and Pentesters
Up Next from #TripwireBookClub is Black Hat Bash: Creative Scripting for Hackers and Pentesters by Dolev Farhi and Nick Aleks. This duo previously published Black Hat GraphQL, which we reviewed in March 2024. This book did not disappoint. I think…
Advanced Ransomware Evasion Techniques in 2025
Ransomware has become more than a threat—it’s a calculated assault on industries, wielding AI-driven precision to bypass traditional defenses. Attackers adapt faster than ever, turning cybersecurity into a high-stakes race where falling behind isn’t an option. As we step into…
US Coast Guard Urged to Strengthen Cybersecurity Amid $2B Daily Port Risk
The US Coast Guard has been urged to improve the cybersecurity infrastructure of the Maritime Transportation System (MTS), which includes ports, waterways, and vessels essential for transporting over $5.4 trillion worth of goods annually. The Government Accountability Office (GAO) has…
IIoT Security Threats Reshape Factory Protection Strategies
Modern factories are increasingly relying on Industrial Internet of Things (IIoT) solutions. This shift is beneficial in many regards, including higher efficiency and transparency, but it also introduces unique cybersecurity concerns. Better vulnerability management for IIoT systems is essential if…
Holding the Tide Against the Next Wave of Phishing Scams
By now, we should all be pretty well acquainted with phishing scams. They’ve been around for a very long time—nearly 30 years, in fact—and are the primary focus of most security awareness training programs and initiatives. Despite this, phishing remains…
CIS Control 02: Inventory and Control of Software Assets
Today, I will be going over Control 2 from version 8.1 of the top 18 CIS Controls – Inventory and Control of Software Assets. I will go over the seven safeguards and offer my thoughts on what I’ve found. Key…