Lightnews — Scholar-powered news

Reposted by Joe Pettit

ethicalhack3r

@ethicalhack3r.bsky.social

Since we started collecting data (around 4 months ago), the CyberAlerts KEV includes 6 vulnerabilities exploited in the wild, not listed in CISA KEV.

We expect this to be around 12 or more by the end of the year.

blog.cyberalerts.io/cyberalerts-...

CyberAlerts Known Exploited Vulnerabilities (KEV)

Since November 3rd, 2021, Cybersecurity and Infrastructure Security Agency (CISA) have published a public list of Known Exploited Vulnerabilities (KEV). Over that time, at the time of writing (April 9...

blog.cyberalerts.io

April 9, 2025 at 9:10 AM

Reposted by Joe Pettit

Wallarm API Security

@wallarm.bsky.social

Our CEO Ivan Novikov spoke at GISEC Global 2025! 🙌

Proud to bring the Wallarm voice to one of the industry’s key stages.

#CyberSecurity #APISecurity #GISEC

May 9, 2025 at 1:55 PM

Joe Pettit

@jpettit.bsky.social

The FBI, CISA, and MS-ISAC have issued a joint advisory warning about the Medusa ransomware gang, which has targeted over 300 organizations across critical infrastructure sectors, including healthcare, education, and technology.

Learn more from @grahamcluley.com: www.tripwire.com/state-of-sec...

Medusa Ransomware: FBI and CISA Urge Organizations to Act Now to Mitigate Threat

FBI & CISA warn of Medusa ransomware targeting critical infrastructure. Learn key mitigation steps to protect your organization.

www.tripwire.com

March 13, 2025 at 3:41 PM

Joe Pettit

@jpettit.bsky.social

Initial access brokers and ransomware-as-a-service platforms like Medusa are reshaping the cyber threat landscape.

@grahamcluley.com explains how Medusa operates and why prevention is critical: www.tripwire.com/state-of-sec...

#DataSecurity #ThreatIntelligence #Malware #Ransomware

Medusa Ransomware: What You Need To Know

Learn about Medusa ransomware: how it operates, its targets, and steps to protect your organization from this evolving cyber threat.

www.tripwire.com

January 21, 2025 at 12:33 PM

Joe Pettit

@jpettit.bsky.social

What makes Space Bears stand out in the crowded ransomware scene?

A corporate-style image with devastating impact. Read @grahamcluley.com's analysis and tips to safeguard your organization: www.tripwire.com/state-of-sec...

#CyberCrime #Ransomware #CyberSecurity

Space Bears Ransomware: What You Need To Know

Learn about Space Bears ransomware, its unique corporate-like tactics, and how to protect your organization from its threats.

www.tripwire.com

January 9, 2025 at 5:15 PM

Joe Pettit

@jpettit.bsky.social

SOC Scalability: How AI Supports Growth Without Overloading Analysts

securityaffairs.com/172831/secur...

#SecurityAffairs #Hacking #SOC

SOC Scalability: How AI Supports Growth Without Overloading Analysts

Scaling up a security operations center (SOC) is inevitable for many organizations. How AI supports growth without overloading analysts.

securityaffairs.com

January 9, 2025 at 1:32 PM

Joe Pettit

@jpettit.bsky.social

Compliance is more than avoiding penalties—it's about safeguarding critical infrastructure. Jim Whiting explains the seven key steps to NERC CIP audit readiness.

Learn more: www.tripwire.com/state-of-sec...

#NERC #Compliance #Cybersecurity

The 7 Stages NERC CIP Audit Preparation

Simplify NERC CIP audit prep with Tripwire’s tools. Learn the 7 stages to ensure compliance and protect critical infrastructure.

www.tripwire.com

January 7, 2025 at 12:20 PM

Joe Pettit

@jpettit.bsky.social

AI is vital for modern network security, offering lightning-fast data analysis, anomaly detection, and adaptability.

Bob Erdman of Fortra shows how combining AI with core security practices keeps you ahead of threats.

www.tripwire.com/state-of-sec...

#NetSec #Cybersecurity

Understanding AI in Network Security

AI transforms network security by detecting threats faster. Learn how to pair AI with best practices for robust defenses.

www.tripwire.com

January 2, 2025 at 3:34 PM

Joe Pettit

@jpettit.bsky.social

Cyber threats don’t wait, and neither should your response.

Chester Avey explores how combining Agile practices with incident response enables Exponential Organizations to adapt quickly and grow confidently.

www.tripwire.com/state-of-sec...

#CyberThreats #CyberSecurity #IncidentReponse

Advice for Exponential Organizations: Intersecting Agile and Incident

Align Agile & incident response to improve adaptability, scale cybersecurity, & drive exponential organizational growth.

www.tripwire.com

January 2, 2025 at 3:31 PM

Joe Pettit

@jpettit.bsky.social

What does the future hold for cybersecurity? 🤔

Fortra experts discuss disruption prevention, threat prioritization, and AI-driven innovation. 🗣️

www.tripwire.com/state-of-sec...

#Cybersecurity #DLP #EmailSecurity

What's Next for Cybersecurity in 2025 and Beyond? Fortra Experts Weigh

From AI to geopolitics, learn what’s next for cybersecurity in 2025 with insights from Fortra’s experts. Stay ahead of the trends.

www.tripwire.com

December 30, 2024 at 9:49 AM

Joe Pettit

@jpettit.bsky.social

Can AI innovation and regulation coexist? Antonio Sanchez explores California’s recent veto of an AI safety bill, the implications for tech companies, and principles for effective oversight

www.tripwire.com/state-of-sec...

#AI #Cybersecurity #ITsecurity

The Future of AI Regulation: Balancing Innovation and Safety in Silicon

Explore the debate over AI innovation vs. regulation in California. How should we balance safety and technological progress?

www.tripwire.com

December 30, 2024 at 9:46 AM

Joe Pettit

@jpettit.bsky.social

London’s digital infrastructure powers the city, but outdated systems and rising nation-state threats leave its critical infrastructure vulnerable to chaos.

Learn more in Darren Gale's blog: www.tripwire.com/state-of-sec...

#CyberSecurity #CNI #CriticalInfrastructure #CyberThreats

London’s CNI is Under Threat

London’s critical infrastructure is at risk. Learn how evolving cyber threats demand modern defenses and resilience.

www.tripwire.com

December 17, 2024 at 10:55 AM

Joe Pettit

@jpettit.bsky.social

Network security goes beyond devices—it's about processes, documentation, and growth. CIS Control 12 provides a guide to building a resilient foundation.

Read more: www.tripwire.com/state-of-sec...

CIS Control 12: Network Infrastructure Management

Discover essential steps for secure network infrastructure with CIS Control 12, including secure architecture, protocols, and device management.

www.tripwire.com

November 20, 2024 at 10:08 AM

Joe Pettit

@jpettit.bsky.social

When ransomware meets BitLocker, it creates a new kind of challenge. ShrinkLocker is using familiar tools to lock down data—leaving organizations in need of specialized solutions.

@grahamcluley.com has more details: www.tripwire.com/state-of-sec...

#CyberSecurity #Ransomware

ShrinkLocker Ransomware: What You Need To Know

Discover how ShrinkLocker ransomware uses BitLocker to encrypt data, demanding ransom payments and challenging security defenses.

www.tripwire.com

November 14, 2024 at 3:25 PM

Joe Pettit

@jpettit.bsky.social

CherryBlos is Android malware that steals sensitive information from photos such as screenshots of crypto wallet account recovery phrases, putting accounts at risk if the device is infected.

@grahamcluley.com has more information. ⤵️

www.tripwire.com/state-of-sec...

November 10, 2023 at 10:22 AM

Joe Pettit

@jpettit.bsky.social

Classiscam is a criminal organization that employs low-level phishers to carry out site scams and takes a cut from their profits.

Katrina Thompson explains how the scam works and looks at some stats. ⤵️

www.tripwire.com/state-of-sec...

November 6, 2023 at 9:32 AM

Joe Pettit

@jpettit.bsky.social

Phishing is a common tactic used by cybercriminals. Companies must educate employees and deploy anti-phishing solutions to safeguard against attacks.

Here are 6 common types of phishing attacks and tips to protect yourself. ⤵️

www.tripwire.com/state-of-sec...

#Cybersecurity #Phishing

October 30, 2023 at 10:14 AM

Reposted by Joe Pettit

Graham Cluley

@grahamcluley.com

For anyone who is interested (from a technical malware-level) about what is going on with all these Booking[dot]com scams, here's a good analysis by Akamai:

www.akamai.com/blog/securit...

www.akamai.com

October 26, 2023 at 1:41 PM

Joe Pettit

@jpettit.bsky.social

Packet sniffing is the act of monitoring data packets on a network using software or hardware device

Read Dilki Rathnayake's introduction to the benefits and risks of Packet Sniffing to learn more: https://www.tripwire.com/state-of-security/introduction-benefits-and-risks-packet-sniffing

July 13, 2023 at 9:45 AM

Reposted by Joe Pettit

Graham Cluley

@grahamcluley.com

Rogue IT security worker who impersonated ransomware gang is sentenced to jail.

https://grahamcluley.com/rogue-it-security-worker-who-impersonated-ransomware-gang-sentenced-to-jail/

#cybersecurity #insiderthreat #ransomware

Rogue IT security worker who impersonated ransomware gang is sentenced to jail

A British IT worker who exploited a ransomware attack against the company he worked for, in an attempt to extort money from them for himself, has been sentenced to jail for three years and seven…

grahamcluley.com

July 12, 2023 at 4:35 PM

Joe Pettit

@jpettit.bsky.social

What happens when a vulnerability stops being discussed, but is never fixed?

Tyler Reguly looks at why patch management and vulnerability management are different beasts.

https://www.tripwire.com/state-of-security/value-vulnerability-management

#vulnerabilitymanagement #cybersecurity

July 12, 2023 at 8:41 AM

Joe Pettit

@jpettit.bsky.social

Start preparing for NIS2 implementation now to avoid last-minute stress. Don't wait to disclose control information, begin the process ASAP.

Gary Hibberd explains how this directive will impact you and your organization.

https://www.tripwire.com/state-of-security/how-nis2-directive-will-impact-you

July 11, 2023 at 8:22 AM