Collaborate Disseminate
This is post 6 in our series on making infosec jobs easier and covers threat hunting. You can read the previous 5 posts at one of the links below. Improve overall security posture Assess and report on breach risk Keep systems patched How to adjust to … Continue reading Making Infosec Jobs Easier: Threat Hunting
In April 2019, a tiny credit union in Greenville, Pennsylvania, Bessemer System Federal Credit Union, filed a lawsuit against Fiserv, a 24,000 employee financial services behemoth, for breach of contract. After more than a year of delays, a Federal ju… Continue reading David vs Goliath: Are 16,000 Banks Insecure?
This is post 2 in our series on making infosec jobs easier. The first post (here) covered the job of improving overall security posture. Assessing and reporting on enterprise breach risk is an important part of the CISO’s role. This holds true w… Continue reading Making Infosec Jobs Easier: Assessing and Reporting Breach Risk
In the July 2020 Patch Tuesday release, Microsoft has patched 13 critical and 83 important vulnerabilities, but one CVE in particular is getting the lion’s share of the attention. CVE-2020-1350, nicknamed “SIGRed,” targets DNS compon… Continue reading Patching SIGRed: Windows CVE-2020-1350
Hacking group, Shiny Hunters, has gained quite a bit of notoriety in recent months by stealing, and then selling, credentials for a broad range of organizations. In total, the group’s user record haul stands at just over 174,000,000 accounts… Continue reading Your Login Credentials Are Worth $0.00005
If you’ve never read, Freakonomics, by Stephen Dubner and Steven Levitt, I highly recommend that you check it out. If ever it was possible for economics to be made highly entertaining, Freakonomics accomplishes that feat. Written in 2005… Continue reading Why Hackers Live With Their Moms
8 characters, special symbol, lower, upper, no repeating and a 90 day max. Try singing the de facto standard password policy and it sounds remarkably similar to the popular McDonald’s Big Mac song of the 80’s (for those too young, or too old, to r… Continue reading Why NIST Wants You to Remove Complexity from Your Password Policies
In my last post, I provided 5 reasons why your vulnerability management solution might need to be fired. If you need to improve your enterprise security posture, the outdated approach of traditional vulnerability management tools likely isn’t fitt… Continue reading 5 Signs It’s Time to Hire Balbix for Vulnerability Management
It may sound strange, but when we purchase a product or service, we do so because we expect it to do a job. We “hire” it. As long as it fulfills the need, it continues in our employ. If, at some point, the product no longer fulfills that need, or … Continue reading 5 Signs it’s Time to Fire Your Vulnerability Management Solution
An attack vector is defined as the method or way by an adversary can breach or infiltrate an entire network/system. There are numerous ways that adversaries can exploit system vulnerabilities, and attack vectors enable that exploitation.
The post… Continue reading 8 Most Common Attack Vectors