It’s been over a decade that I’ve worked primarily in the world of File Integrity Monitoring and Secure Configuration Management, helping to ensure that hundreds of different companies are able to detect unauthorized or unexpected changes to their configurations.Security has changed a lot over that period, and yet there’s been some surprisingly consistent experiences in the field that I will often...

As more enterprises expand their business through an increasingly wide web of vendors, applications, and software supply chains, risk exponentiates. Find out how to build safely—without taking on unnecessary third-party risk.

Security teams don’t suffer from a lack of data. They suffer from a lack of clarity. Every scan, every alert, every dashboard shouts for attention. The result? A wall of red. Thousands of vulnerabilities. Hundreds marked critical. Dozens hitting the same system. Teams are left staring at the mess, asking the only question that matters: Which one do we fix first? That question doesn’t get enough...

Countries don’t restrict cyber threats; they cross borders in milliseconds, exploiting gaps in governance, visibility, and readiness. As the global cost of digital failure surges, so does the urgency to confront what can no longer be delegated or denied. In Latin America, one country is stepping out in front. Chile isn’t sitting around waiting for disaster to strike; it’s building a legal firewall...

There is good news for any organisation which has been hit by the Phobos ransomware. Japanese police have released a free decryptor capable of recovering files encrypted by both the notorious Phobos ransomware, and its offshoot 8Base. What is Phobos Ransomware?Phobos first emerged in late 2018, as a ransomware-as-a-service (RaaS) operation, working with affiliates to demand payment from victims...

Two in three financial institutions faced cyberattacks in 2024, and that trend shows little sign of letting up. Because of their valuable data – hooked conveniently to direct financial information – FinServ organizations are perennial targets for hungry attackers. But this isn’t news to anybody. Financial institutions understand the threats, and for the most part, they are some of the most...

Learn about CVE-2025-1727, a high severity vulnerability that impacts railway systems, its impacts on critical infrastructure, and how federal compliance regulations can help defend against the threat of exploitation.

It’s no revelation to say that compliance and security are not synonymous, but recent events have reinforced the maxim. Adhering to even the strictest data protection standards is no longer enough to protect retailers from increasingly sophisticated cyber threats.Instead, complete compliance needs to be paired with strategic, resilience-focused cybersecurity practices to combat risks facing retail...

"Operation Elicius", a joint international law enforcement operation involving Europol and police forces in Italy, France, and Romania, has successfully dismantled a Romanian ransomware gang that targeted network-attached storage (NAS) devices and arrested its suspected leader.The so-called "DiskStation Security" ransomware group has targeted and compromised NAS devices - particularly those...

APWG’s quarterly Phishing Activity Trends Report analyzes phishing trends and insights reported to APWG by their member companies and research partners. This blog provides a high-level overview of the latest phishing trends to watch out for, in addition to quotes and insights from Fortra experts.

India's digital transformation has been profound. Online payments, smart technologies, and digital services have all changed the way its citizens live and conduct business. There are many opportunities, but as many risks. Millions of citizens now use platforms that didn't exist a few years ago, and with this shift has come a slew of new cyber threats.In fact, a recent study predicted that...

Once a niche discipline, cybersecurity has become about national security, business continuity, and risk management. Around the world, governments are tightening controls, redefining accountability, and pushing for operational readiness. Australia is no exception, but it is taking a uniquely pragmatic path that is sector-aware yet in line with global frameworks.Understanding Australia's...