Why You Need HTTPS on Your Website

Most any web user can tell you when they visit a website that uses HTTPS. They know this by the green lock in browser or the HTTPS (vs. HTTP) in the address bar. This indicates that you can generally trust your connection to the site… Continue reading

Social Engineering Examples

Social engineering is a threat that faces organizations from small business to large enterprises. As we’ve explored multiple times on this site, there are few organizations that are truly prepared to address these types of threats. Social engineering attempts to coax, cajole, and manipulate others… Continue reading

Why Security Awareness Training

Enterprises invest in all the latest security technologies but often neglect an absolute fundamental component of information security – end users. Organizations can employ the best technology practices of next generation firewalls, anti-malware and intrusion prevention system. Corporations these days understand security should be ‘baked… Continue reading

What is GDPR

What is GDPR? GDPR or General Data Protection Regulation is new European Union data protection legislation outlining the various data protections for EU citizens data. It replaces the 1995 EU Data protection directive and defines a variety of users or customers rights and responsibilities on… Continue reading

KRACK Attack – Secure Your Wireless

Wi-Fi Protected Access is a protocol which secures all modern WiFi networks. This month, Belgian researchers Mathy Vanhoef & Frank Piessens of the University of Leuven recently identified serious security flaws in the WiFi standard itself which are cause for concern. This attack, known as… Continue reading

Equifax Breach – What to Do

In July 2017 credit reporting giant Equifax suffered a data breach of epic proportions. Data breaches happen every day but usually not on this scale, magnitude and impact. This breach is very big deal. The data involved in this breach was highly sensitive personally identifiable… Continue reading

5 Open Source Security Tools You Should Use

Security on your desktop computing devices can be a hairy & unruly beast. It can often require a significant investment on your part to improve your security stance — but it doesn’t have to be that way. Herein we will explore some of the great… Continue reading

WannaCry Ransomware – 5 Lessons Learned

Unfortunately malicious software is an everyday occurrence. As of Friday May 12th a massive ransomware attack dubbed WannaCry infected over 230,000 Windows computers in over 150 countries. It’s spread was fast and furious. WannaCry ransomware held the victims computer/data for ransom by encrypting it. Among… Continue reading

What are Advanced Persistent Threats

APT or Advanced Persistent Threat is a continuous, stealthy and sophisticated process of hacking a particular target until a defined object is achieved. Herein we’ll explore in more detail of what an APT is as well as define the targets, methods and motivation of them.… Continue reading

Addressing the Insider Threat

Technology is a powerful tool in assuring the confidentiality, availability and integrity of your critical data – but it is no failsafe. Even the best of breed technology deployed in a layer approach (defense in depth) will have flaws. The most well meaning and resourced… Continue reading