Is Hacking in Your Blood?

I am a hacker. I get hired by companies to break into their systems, a job commonly referred to as pentesting. I’m a “good guy” hacker. My definition of “good guy” versus “bad guy” is that good guys only hack with permission and they get paid less. 😉 I LOVE my job! Often times I […]

The post Is Hacking in Your Blood? appeared first on The State of Security.


Whitelist Relationships as a Path to Better Security

Implicit deny and explicit allow were two core fundamentals from the start of the information security discipline. However, as the scale and complexity of infrastructures grew, it became evident the list of things we should allow is exponentially smaller than the list of things we should deny. Say “no” to everything unless it is known […]

The post Whitelist Relationships as a Path to Better Security appeared first on The State of Security.


Alexa, Are You Keeping My Information Private?

“By sitting in the alcove, and keeping well back, Winston was able to remain outside the range of the telescreen, so far as sight went. He could be heard, of course, but so long as he stayed in his present position he could not be seen.” The above quote is a snippet from George Orwell’s […]

The post Alexa, Are You Keeping My Information Private? appeared first on The State of Security.


10 Questions that Need to Be Asked about Every Cybersecurity Story

The Russian hacking fiasco we’ve been following over the past weeks – hysteria, which is due to the flawed Grizzly Steppe report and subsequent haphazard news reporting – has done a grave disservice to the serious issue of national cybersecurity. If the world is going to ever turn the corner from its current state of […]

The post 10 Questions that Need to Be Asked about Every Cybersecurity Story appeared first on The State of Security.


The Need for Better Cybersecurity Prioritization Metrics

Most organizations are overwhelmed, understaffed, and/or underfunded when it comes to cybersecurity. These constraints create a critical need to prioritize the most critical cybersecurity measures. However, these priorities are often unclear or hard to determine, leading to less-than-optimal cybersecurity product purchases and/or activities. This is because the metrics about which overarching cybersecurity priorities matter […]

The post The Need for Better Cybersecurity Prioritization Metrics appeared first on The State of Security.


On Bringing the Board and IT Security Pros Together to Address Risk

Typically, security risks and challenges coming from your IT security team are only realized after there is an actual cyber security event. Things such as ransomware or DDoS attacks quickly become a priority for executives and place them in a responsive mode. Being proactive is sometimes difficult to quantify in the IT security world with a […]

The post On Bringing the Board and IT Security Pros Together to Address Risk appeared first on The State of Security.


December 2016: The Month in Ransomware

Online extortionists closed 2016 with a spike in ransomware activity. The statistics for December were alarming: 32 new samples emerged and 33 existing strains got updated. The fact that security researchers released nine decryption tools is quite promising, but it is still a weak countervailing factor. The report below explores the ins and outs of […]

The post December 2016: The Month in Ransomware appeared first on The State of Security.


Efficient Wi-Fi Phishing Attacks: Would You Fall for That?

In recent years, Wi-Fi networks have usually been secured with Wi-Fi Protected Access II (WPA2), a security protocol which leverages a strong cryptographic hash function (PBKDF2 with the network’s ESSID as salt) to protect the pre-shared key (PSK). Breaking into a WPA2 network can be a great challenge during a penetration test. A modern GPU […]

The post Efficient Wi-Fi Phishing Attacks: Would You Fall for That? appeared first on The State of Security.


Security and Technology Literacy Go Hand in Hand

‘Twas just the season when millions of unsuspecting consumers unwittingly courted disaster by gorging their digital appetites on gadgets, gizmos, and whiz bangs that delight kids of all ages with their digital magic. Which is the point of this nearly bah-humbug introduction. Because Arthur C. Clarke was right when he formulated his three laws, the […]

The post Security and Technology Literacy Go Hand in Hand appeared first on The State of Security.


Curiosity of The Dark Web And Its Dangerous Effects

In recent years, we have seen a huge spike in consumer interest in the dark web. News reports, lucrative deals, and various illegal enterprises have lured all kinds of people into the underground network. In this article, we will illuminate how curiosity about the dark web can sometimes be damaging to naive users. […]

The post Curiosity of The Dark Web And Its Dangerous Effects appeared first on The State of Security.
