by Mike Gargiullo | Oct 21, 2019 | Application Security
Reading Time: 3 minutes
The OWASP Application Security Verification Standard (ASVS) Version 4 updates and extends the previous ASVS 3 release. We’ve been using ASVS 4 in our practice and gaining experience with how changes in the current standard impact...
by Mike Gargiullo | Nov 6, 2018 | ISMS Consulting
Reading Time: 2 minutes
A media buzz is building around an initiative by the “big 4” US mobile phone carriers (AT&T, Verizon, Sprint, T-Mobile) to replace mobile app passwords with a universal authentication service that leverages mobile phone data....
by Mike Gargiullo | Jul 19, 2018 | ISMS Consulting
Reading Time: < 1 minuteThe US Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, ICS-CERT, just published a medical device security advisory for products from Silex Technology and GE Healthcare. These products are the...
by Mike Gargiullo | Apr 25, 2018 | InfoSec Strategies
Reading Time: 2 minutes
A number of threat researchers are now reporting a massive and sustained spike of almost 500% in the volume of illicit cryptocurrency mining transactions on corporate networks. Trend Micro is hypothesizing that crypto mining...
by Mike Gargiullo | Oct 5, 2017 | InfoSec Strategies
On September 13th, the threat intelligence group Cisco Talos discovered that a hugely popular free software, CCleaner, had at some point in the last month been compromised during development. A malicious “backdoor” (an entryway into the software that allows...
