by Mike Gargiullo | Dec 9, 2021 | Network Security
Reading Time: 3 minutes
Twitter and various InfoSec outlets just blew up over a CVE (Common Vulnerabilities and Exposures) database entry CVE-2021-38759 published on December 7, 2021, noting that Raspberry Pi OS utilized a default password...
by Mike Gargiullo | Oct 21, 2019 | Application Security
Reading Time: 3 minutes
The OWASP Application Security Verification Standard (ASVS) Version 4 updates and extends the previous ASVS 3 release. We’ve been using ASVS 4 in our practice and gaining experience with how changes in the current standard impact...
by Mike Gargiullo | Nov 6, 2018 | ISMS Consulting
Reading Time: 2 minutes
A media buzz is building around an initiative by the “big 4” US mobile phone carriers (AT&T, Verizon, Sprint, T-Mobile) to replace mobile app passwords with a universal authentication service that leverages mobile phone data....
by Mike Gargiullo | Jul 19, 2018 | ISMS Consulting
Reading Time: < 1 minute
The US Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team, ICS-CERT, just published a medical device security advisory for products from Silex Technology and GE Healthcare. These products are the...
by Mike Gargiullo | Apr 25, 2018 | InfoSec Strategies
Reading Time: 2 minutes
A number of threat researchers are now reporting a massive and sustained spike of almost 500% in the volume of illicit cryptocurrency mining transactions on corporate networks. Trend Micro is hypothesizing that crypto mining...