It seems like such a short time ago that the Security Standards Council released the newest version of the Payment Card Industry Data Security Standard (PCI DSS). It has been a full year, and version 4.0 is now in effect.…
Tag: Blog RSS Feed
RansomHub Ransomware – What You Need To Know
What’s RansomHub? Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. It operates a ransomware-as-a-service (RaaS) operation, meaning that a central core of the group creates and maintains the ransomware…
Navigating Compliance: A Guide to the U.S. Government Configuration Baseline
For cybersecurity professionals tasked with defending the public sector, tackling the U.S. Government Configuration Baseline (USGCB) is just another hurdle to a safer federal tomorrow. Part of a wide collection of necessary federal government compliance requirements, it hones in on…
Sextortion Scams – How They Persuade and What to Watch for
“Sextortion” scams represent some of cybercriminals’ most brazen attempts to extract money from unwitting victims. These extortion techniques rely on fear and shame to get targets to pay up. Similar to individualized ransomware attacks, if the party refuses to pay…
VERT Threat Alert: July 2024 Patch Tuesday Analysis
Today’s VERT Alert addresses Microsoft’s July 2024 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-1114 as soon as coverage is completed. In-The-Wild & Disclosed CVEs CVE-2024-38112 A vulnerability in the Windows MSHTML…
A Deeper Dive into DISA’s Cybersecurity Initiatives
The Defense Information Systems Agency (DISA) is a Department of Defense (DoD) service provider that supplies a global information-sharing architecture for all DoD members “from the President on down.” Their cybersecurity measures are among the best in the world. As…
Guarding Health: Errol Weiss on Protecting the Healthcare Sector from Cyber Threats
Each day, it seems that we hear of another healthcare organization being compromised by a cyber attack. It is clear that the healthcare industry is the new favorite target amongst cybercriminals. Fortunately, vigorous efforts are available to combat these threats.…
GAO Urges Stronger Federal Cybersecurity Measures Amid Rising Threats
The IT and OT systems that support not only federal governmental agencies but also national critical infrastructure must be protected, but developing a security strategy effective against threats is no easy feat. It can be difficult to cover all of…
Volcano Demon Ransomware Group Rings Its Victims To Extort Money
What’s happening? Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. So what’s different this time? Whereas many ransomware attacks see a company’s company’s…
IoT Security Regulations: A Compliance Checklist – Part 2
In Part 1, the existing global regulations around IoT were introduced. In this part, the challenge of complying with these rules is examined. The IoT Security Challenge Securing the Internet of Things (IoT) presents complex challenges that stem primarily from…