The Top 10 State of Security Blog Posts From 2024


As we approach the end of another exciting year in the world of cybersecurity, it’s the perfect time to reflect on the stories, insights, and guidance that resonated most with our readers.

2024 brought new challenges and opportunities with the rapid adoption of AI, evolving ransomware tactics, and an increased focus on proactive security measures. These trends shaped the conversations on Fortra’s State of Security blog as we explored emerging threats and practical solutions.

The ten blogs featured here were chosen for their relevance, depth, and the actionable insights they offered. Whether you’re an industry veteran or just beginning your cybersecurity journey, these posts have something for everyone.

 

Cybersecurity in the Age of AI: Exploring AI-Generated Cyber Attacks

AI is no longer just a tool for defenders—it’s a double-edged sword that attackers are wielding with increasing sophistication.

This blog by Dilki Rathnayake uncovers how AI-generated cyberattacks are changing the game, from automating phishing campaigns to crafting malware that learns from its environment. For example, imagine phishing emails so perfectly tailored to their recipients that even seasoned professionals fall victim.

With these advanced threats on the rise, organizations need to rethink their strategies. Are you prepared for the era of AI-powered cyber threats?

Read the full post


#TripwireBookClub: Black Hat and GraphQL Security

GraphQL is a developer’s dream but can be a security professional’s nightmare if left unchecked.

This blog by Tyler Reguly, featuring some of his colleagues at Fortra, explores how attackers exploit GraphQL APIs, leveraging their flexibility to uncover hidden vulnerabilities. Key mitigation strategies, such as input validation and query restrictions, are explored in depth.

With its growing popularity, understanding GraphQL security is more relevant than ever. Whether you’re a developer or security professional, this article ensures you’re equipped to handle the risks.

Read the full post


Key Findings from the Business Email Compromise (BEC) Trends Report

BEC attacks are far more than just email scams—they’re calculated, highly targeted, and incredibly costly.

In 2024 alone, BEC incidents accounted for billions in global losses, with attackers increasingly impersonating trusted vendors. This post by Anirudh Chand examines the tactics attackers are using to bypass traditional defenses, such as social engineering and supply chain infiltration.

Discover key statistics and trends that are shaping the future of BEC threats. Don’t miss the actionable insights to help you fortify your defenses.

Read the full post


The Past, Present, and Future of File Integrity Monitoring

File Integrity Monitoring (FIM) has been a silent hero in cybersecurity for decades, but do we truly appreciate its importance?

This blog by Amir Gerges takes you on a journey through FIM’s evolution, from simple checksum verification to advanced anomaly detection in hybrid cloud environments. It also highlights the challenges ahead, including adapting FIM to more dynamic, containerized workloads.

Learn why FIM remains indispensable in a world increasingly reliant on cloud and hybrid environments. The future of FIM is bright—are you ready to embrace it?

Read the full post


Qilin Ransomware: What You Need to Know

2024 saw the emergence of Qilin ransomware, a threat that’s redefining the ransomware playbook. What sets Qilin apart? Its advanced encryption techniques and targeted attacks on critical infrastructure.

This news article by Graham Cluley breaks down how it operates and, more importantly, how you can protect your organization. From robust backups to proactive endpoint monitoring, discover the strategies that can help you stay ahead. Don’t wait to read this—it’s a must-know for every cybersecurity professional.

Read the full post


Understanding the Key Differences Between FIM and EDR

Choosing between File Integrity Monitoring (FIM) and Endpoint Detection and Response (EDR) can feel like choosing between apples and oranges—but it doesn’t have to.

This blog by Wade Barisoff demystifies the key differences, showing you when and why to use each. For example, FIM excels at monitoring static configurations, while EDR shines in dynamic threat detection.

By understanding these tools, you can ensure your defenses are both efficient and effective. Security isn’t one-size-fits-all, and this post proves it.

Read the full post


Life in Cybersecurity: From Nursing to Threat Analyst

What do nursing and cybersecurity have in common?

Empathy, precision, and an ability to act under pressure. This inspiring discussion with Gina D’Addamio follows her transition from the ER to the SOC, proving that cybersecurity is a field open to diverse skills and experiences.

Whether you’re considering a career change or simply love a good story, this article will leave you motivated. It’s a reminder that cybersecurity talent can come from the most unexpected places.

Read the full post


Bake Security Into Your Cyber Kitchen

Creating a secure environment is a lot like baking—every layer matters.

In this blog, Chris Hudson uses a fun and creative analogy to explore how security can be “baked in” at every level of your organization. With actionable tips and a pinch of humor, it’s a recipe for success.

Secure software development practices, like using “ingredients” from trusted sources, make all the difference. Grab your apron and get ready to bake some security!

Read the full post


Resolving the Top Security Misconfigurations: What You Need to Know

Misconfigurations may seem like small mistakes, but they often lead to big breaches. This article by Jeff Moline highlights the most common missteps, from open S3 buckets to overly permissive IAM roles. More importantly, it provides clear guidance on how to avoid these pitfalls.

Consider this: one poorly secured S3 bucket exposed over a terabyte of sensitive data in 2024 alone. Fixing misconfigurations is simpler than you think—start here.

Read the full post


Creating a Real-Time USB Monitoring Rule for Enhanced Security and Compliance

USB devices can be a blessing and a curse. While they’re convenient, they also introduce significant security risks.

This step-by-step guide by Paul Stewart shows how to create a real-time USB monitoring rule to safeguard your organization. With clear instructions and practical advice, this blog helps you reduce risks while maintaining compliance. It’s not just about compliance; it’s about peace of mind and protecting your endpoints from unforeseen threats.

Read the full post


From AI-generated threats to practical tools like USB monitoring, this year’s blogs reflect the dynamic and ever-evolving nature of cybersecurity.

As we move into 2025, we’re excited to bring you more insights, deeper dives into critical topics, and fresh perspectives on emerging trends. Stay tuned, stay vigilant, and let’s keep building a safer digital world together.

For more updates, insights, and resources, follow us on LinkedIn or subscribe to our newsletter here. Together, we can tackle whatever challenges the new year brings.




