Your website is a huge part of your identity. When it comes to protecting your identity, is there ever enough security? Well, it depends. This article is going to explain how to add a host hardening layer of protection by password protecting the WordPress login script, the “wp-login.php” file — all for free. To better […]
Category Archives: Computer security
Computer Security Incident Response (NIST SP800-61r2)
Computer security incidents happen. Why? Because computer defense is reactive. Regardless of the expansive and proactive nature of any particular defensive team, the Computer Network Defense (CND) job must include Computer Security Incident Response. A properly running CND team includes a Red Team subgroup of Attack and Exploitation experts. The Red Team actively looks for […]
Help I’ve fallen and my identity has been stolen!
No matter where you live, you’ve probably heard about the many breaches of data that have occurred over the last few years. It is even worse than what you read: identity theft is on the rise. Just to name a few (and no, I’m not singling out any particular companies): Equifax 143 Million, 2017 Target […]
Phish for phun and profit
Phishing is a real problem, and that problem is only increasing in frequency. Phish attacks come in many different forms. Everyone is affected by phishing. Whether it be that a credit card number is stolen from your family member, or your friend gets their Facebook account hijacked, or you have your company web site blacklisted […]
Information Warfare (hackers) v the Software Developer
Attacking software is really attacking the software development process. The adversary is looking to take advantage of software defects before those defects are repaired. This paper explores the attack timeline.
How to prevent content filtering from affecting your web site
Content Filtering companies have gained quite a bit of traction in the Computer Network Defense (CND) industry. The goal of content filtering is to attempt to stem the carnage that malicious sites can wreak on unsuspecting individuals and companies by blocking access to malware and other forms of ransomware. The filtering engines work by way […]
Identity Theft
Our online identity IS our identity. Someone masquerading as you is potentially a dangerous situation, but it is at least creepy. The problem is, as sure as everyone will pay taxes this year, we will all have our online identity compromised.
What do you tell your colleagues who have had their identity stolen? What do you tell your family who have not *yet* had their identity stolen? What should they do? And what should they have done in order to reduce the vulnerability?
This paper will give you ideas on preventing problems in online identity theft, and also provide guidance on how to fix a problem if it happens.
Zero day, 0day, ohday, oh my!
Hackers have a few things in their favor when it comes to getting into your network and stealing data. One of those things is the elusive zero day. When it comes to hacking, a zero day is an “exploitation against a publicly unknown vulnerability”. But hackers don’t need a zero day. They only need a […]
Computer security hardening – safeguarding your computer
Putting your computer in chains is one way of hardening the system Computer Security. Kind of scary, actually. With the likes of Target going down to hackers in late 2013, and a large attack on Home Depot in 2014, what can the rest of us do? If Home Depot can be compromised, how can I protect […]