Today’s VERT Alert addresses Microsoft’s February 2025 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1143 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2025-21391 A vulnerability in Windows Storage could…
Tag: Blog RSS Feed
Building a Vulnerability Management Program from Scratch
Building a vulnerability management (VM) program from the ground up is no small feat. It requires technical expertise, organizational buy-in, and a clear roadmap. In recent months, I’ve been working with a client who had to discard their legacy approach…
Key Takeaways from the NCSC Annual Review 2024
In early December 2024, the UK’s National Cyber Security Center (NCSC) released its eighth Annual Review. While the report’s primary focus is to recap the NCSC’s activities over the past year, it also offers invaluable insights into how the UK…
“Quishing” – The Emerging Threat of Fake QR Codes
QR codes have revolutionized digital interactions, offering quick access to websites and services and adding a layer of security to many apps. These quick and seemingly innocent codes are everywhere — however, their widespread use has made them a prime…
Research Reveals Data Breaches On The Rise at UK Law Firms
British legal professionals have seen a “significant surge” in data breaches, according to new research from NetDocuments, a firm that provides a cloud-based content management platform for the legal sector. The firm has described how it analysed data from the…
How CISOs Can Build a Cybersecurity-First Culture
Creating an enterprise security-first culture is one of the most impactful things a CISO can do to protect their organization. Sure, high-tech solutions and fancy tools are important, but they are largely ineffective when staff are unable or unwilling to…
Man Sentenced to 7 Years in Prison for Role in $50M Internet Scam
A California man has been sentenced to seven years in prison for his involvement in a fraudulent scheme that saw over 50 individuals and organisations lose millions of dollars. 59-year-old Allen Giltman, of Irvine, California, pleaded guilty to charges that…
CIS Control 03: Data Protection
Key Takeaways for Control 3 At the heart of a strong data management plan is awareness surrounding the ‘ Five Ws’ of the enterprise’s data: What data does the enterprise store or handle? Who should have access to it? Where…
Zero Trust Principles for Critical Infrastructure Security
The cyber threat to critical infrastructure has never been greater. The growing sophistication of cybercriminals, deteriorating geopolitical relations, and the convergence of operational technology (OT) and information technology (IT) have created unprecedented risks for critical infrastructure organizations. Fortunately, resources are…
What Is a Security Operations Center (SOC)?
Data breaches continue to cost organizations millions of dollars each year, with costs rising steadily. According to IBM’s 2024 Cost of a Data Breach Report, the average cost of a data breach has surged to $4.88 million globally, reflecting the…