-
“Hello can you hear me”: Social engineering or part of the call?
Have you ever received a phone call where the caller’s first question is, “Can you hear me?” It is not likely what you’ve been told,
-
Watering Hole attack: Cybercriminals subvert your most vulnerable favorite websites
A watering hole attack is a type of cyberattack in which the attacker targets a website or online service that is known to be frequented by the victim’s target audience. The attacker then compromises the website or service and injects malicious code into it. When the victim visits the website or uses the service, they…
-
How to secure FDA approved medical devices from hackers
Medical devices present a unique cyber challenge for hospitals. Read these guidelines before deploying them to the hospital enterprise network
-
Unmasking The Future Of Malware with ChatGPT: A Comprehensive Analysis And Expert Commentary On The Evolving Threat Landscape
“The future of malware” is a trigger for most of us in computer security. Most cyber professionals have an idea of what they think malware looks like in the next few years, but truly few of us write about it or document it in a formal way. In 2013, I presented on the “future of…
-
Reviving Your Website: Dead Link Checkers for Seamless Online Experiences
The user experience is paramount to revisits. Dead links are frustrating for users, and reduces that “first” (or second!)_ impression. This article provides a few dead link checkers to validate a site’s internal and outbound links.
-
Breaking the glass: Mastering BreakGlass Techniques for Emergency Access
Breakglass access is a required component of business recovery. It should only be used in emergency situations.
-
Link Tracking: Unveiling the best Tracker websites with enhanced analytics
Looking to track who clicked your links, and when? This article will help with link tracking!
-
Enhancing Security: Protecting Networks with Outbound Firewall Rules
Reconfiguring firewalls in operational environments potentially breaks things. This article helps to develop a plan for implementing change.
-
Safeguarding your domain search: how to avoid ‘front runners’
Have you every had that perfect domain name, searched online, found it was available… only to have it taken away in the couple of days it took you to decide to buy? That’s the thievery of front runners. This article is for you!
-
Coronavirus special report: Separating your Work and Personal identities
We are our identity. Whether working from home or working in an office, separating your “Work Identity” and “Personal Identity” remains very important, both for your protection and for the security of your company. Read this article for more information.
-
The first rule of security: “Be aware” of your surroundings
How can you protect yourself on the internet? The same methods you use to keep you safe “in real life” will also keep you safe in the digital world. First thing? Be aware of your surroundings.
-
Vishing Scams: How to Safeguard Yourself from Deceptive Voice Attacks
The vish: Vishing and social engineering are nefarious confidence scams that pretend to be helping you. This article will help you avoid being a victim.
-
Protecting Your Personal Privacy at Work: Tips for Confidentiality and Security
In today’s world of privacy, you might be surprised that your company is recording every one of your keystrokes. Keep your private information private.
-
Bulletproof Your Website: Enhancing WordPress Security with File System Protection for Login
WordPress login hardening is a great step towards security. This article explains adding an additional password to the wp-login.php file. Every user will have to enter a secondary password before retrieving wp-login.
-
Computer Security Incident Response (NIST SP800-61r2)
The NIST Computer Security Incident Handling Guide provides a framework for creating a company focused computer security incident response plan.
-
Data Breaches Unmasked: The Devastating Reality of Identity Theft
Identity theft is terrifying. This short article will explore what you can do if your information is compromised, and give you advice even if it hasn’t (yet).
-
Phish for phun and profit
Phishing is a real problem, and that problem is only increasing in frequency. Phish attacks come in many different forms. Everyone is affected by phishing. Whether it be that a credit card number is stolen from your family member, or your friend gets their Facebook account hijacked, or you have your company web site blacklisted…
-
Exploiting the SDLC: Unleashing the Devastating Power of Cyber Warfare
Attacking software is really attacking the software development process. The adversary is looking to take advantage of software defects before those defects are repaired. This paper explores the attack timeline in the SDLC
-
Empower your website: Unlocking access with content filtering companies
Content filtering categorize domains based on reputation. Many companies block domains based on those filters. This article will show you how to register your domains so that they are not inadvertently blocked.
-
Identity theft
Our online identity IS our identity. Someone masquerading as you is potentially a dangerous situation, but it is at least creepy. The problem is, as sure as everyone will pay taxes this year, we will all have our online identity compromised. What do you tell your colleagues who have had their identity stolen? What do…
-
Zero day, 0day, ohday, oh my!
Hackers have a few things in their favor when it comes to getting into your network and stealing data. One of those things is the elusive zero day. When it comes to hacking, a zero day is an “exploitation against a publicly unknown vulnerability”. But hackers don’t need a zero day. They only need a…
-
Computer security hardening – safeguarding your systems
Computer Security. Kind of scary, actually. With the likes of Target going down to hackers in late 2013, and a large attack on Home Depot in 2014, what can the rest of us do? If Home Depot can be compromised, how can I protect myself? The bad news — you are a target. Why though? Well,…