by Terry Crowley | Mar 16, 2017 | InfoSec Strategies
How devastating might it be for your business if a hacker was able to hang out on your virtual private network (VPN) and monitor the traffic at will: login credentials for applications, sensitive data from clients, emails to and from your C-level executives, you name...
by Bhaumik Shah | Oct 20, 2015 | InfoSec Strategies
In recent network penetration testing we’ve been seeing a lot of vulnerabilities around companies’ Domain Name System (DNS) servers. With nearly all networked applications (including web browsing, email, eCommerce and IP telephony) relying heavily on DNS, and more and...
by John Verry | Jun 14, 2011 | InfoSec Strategies
Comprehensive vs. Holistic: Not the Same A comprehensive approach to an information security assessment sounds like a good thing, correct? After all, comprehensive means “Complete; including all or nearly all elements or aspects of something.” Having uniquely focused...
by Scott | May 20, 2011 | Phishing
LinkedIn has certainly become one of the most popular business-to-business social networking tools. Not surprisingly, it is becoming a target for phishing attempts. Before I share screenshots and notes on how to determine if the email is real or fake, I want to...
by Scott | Jan 7, 2011 | Penetration Testing
Do you use an ATM? Does your business have a freestanding ATM? Barnaby Jack, Director of Security Testing at IOActive Labs, presented at the Black Hat Conference in Las Vegas. In his presentation, Jack hacked into two freestanding ATMs. The first was done remotely...
