by John Verry | Sep 2, 2015 | Penetration Testing
Recently I’ve noticed that a longstanding trend in security attestation is taking on a new twist. For some time, CPA firms, qualified security assessors (QSAs) and similar entities that focus on security attestation have been including penetration testing as part of...
by John Verry | Apr 16, 2015 | ISO 27001 Certification
Throughout 2014 and into 2015 with the recent Anthem Blue Cross breach, every few weeks with distressing regularity there has been a new breach or exploit of epic proportions. But the “shock and awe” surrounding December’s Sony Pictures hack has been unsurpassed:...
by John Verry | Oct 21, 2014 | ISMS Consulting
Recently we blogged about rogue cell towers (also called IMSI catchers, stingrays or GSM interceptors) and the potential risk they pose of intercepting cell phone calls. An ongoing investigation into the proliferation of these devices has found rogue cell phone towers...
by Michael Gargiullo | May 28, 2010 | ISMS Consulting
Ever need to work on a remote computer which is behind a typical firewall. Well if there is no inbound connectivity, you can play a bit of leap frog using ssh in order to gain access to that server. Here’s a quick example. For this example we’ll assume you...
