Category: Computer security
“The future of malware” is a trigger for most of us in computer security. Most cyber professionals have an idea of what they think malware looks like in the next few years, but truly few of us write about it or document it in a formal way. In 2013, I presented on the “future of […]
The user experience is paramount to revisits. Dead links are frustrating for users, and reduces that “first” (or second!)_ impression. This article provides a few dead link checkers to validate a site’s internal and outbound links.
Break glass access is a required component of business recovery. It should only be used in emergency situations.
Reconfiguring firewalls in operational environments potentially breaks things. This article helps to develop a plan for implementing change.
Have you every had that perfect domain name, searched online, found it was available… only to have it taken away in the couple of days it took you to decide to buy? Then this article is for you!
Whether working from home or working in an office, separating your “Work Identity” and “Personal Identity” remains very important, both for your protection and for the security of your company. Read this article for more information.
In today’s world of privacy, you might be surprised that your company is recording every one of your keystrokes. Keep your private information private.
This presentation will help you understand the risks, recognize when you have been compromised, and avoid credential theft
This article explains adding an additional password to the wp-login.php file. Every user will have to enter a secondary password before retrieving wp-login.
The NIST Computer Security Incident Handling Guide provides a framework for creating a company focused computer security incident response plan.
This short article will explore what you can do if your information is compromised, and give you advice even if it hasn’t (yet).
Phishing is a real problem, and that problem is only increasing in frequency. Phish attacks come in many different forms. Everyone is affected by phishing. Whether it be that a credit card number is stolen from your family member, or your friend gets their Facebook account hijacked, or you have your company web site blacklisted […]
Attacking software is really attacking the software development process. The adversary is looking to take advantage of software defects before those defects are repaired. This paper explores the attack timeline.
Content filters categorize domains based on reputation. Many companies block domains based on those filters. This article will show you how to register your domains so that they are not inadvertently blocked.
Our online identity IS our identity. Someone masquerading as you is potentially a dangerous situation, but it is at least creepy. The problem is, as sure as everyone will pay taxes this year, we will all have our online identity compromised.What do you tell your colleagues who have had their identity stolen? What do you tell your family who have not *yet* had their identity stolen? What should they do? And what should they have done in order to reduce the vulnerability?This paper will give you ideas on preventing problems in online identity theft, and also provide guidance on how to fix a problem if it happens.
Hackers have a few things in their favor when it comes to getting into your network and stealing data. One of those things is the elusive zero day. When it comes to hacking, a zero day is an “exploitation against a publicly unknown vulnerability”. But hackers don’t need a zero day. They only need a […]
Computer Security. Kind of scary, actually. With the likes of Target going down to hackers in late 2013, and a large attack on Home Depot in 2014, what can the rest of us do? If Home Depot can be compromised, how can I protect myself? The bad news — you are a target. Why though? Well, […]