Category: Security

Harvesting Cb Response Data Leaks for fun and profit

Carbon Black’s Cb Response product is one of the more popular endpoint detection and response (EDR) tools available in an ever-growing marketspace. However, as a function of how the tool is architected, it is also a prolific data leaker. This threat report blog will help security organizations understand how our vulnerability assessment experts harvested data… Read more »

Finding Gaps Within Your Endpoint Protection Solution

With CIA Hacking Methods Leaked, Should You Worry?

The news that WikiLeaks released hundreds of documents revealing the CIA’s methods for hacking into smartphones and other Internet-connected devices has received global attention. So, what does the average person need to do to protect themselves if they are an Apple, Android or smart home gadget user? Some vendors have been proactive in publicly disclosing… Read more »

Passwords, The Need to Do Better

With today’s announcement of the FriendFinder Network website hack and the announcement that over 412 Million passwords were cracked, there is and will be a lot of discussion about the need for better protection of passwords at rest. While this is true, we caution that one of the most common issues that get lost in this discussion… Read more »

Information Security Challenges for 2017

So, as we come to the end of 2016, it is time to start looking ahead to the security challenges our customers will face in 2017. 2016 was full of security events from the hacking successes that made the news during the election year, to the deluge of ransomware that everyone is facing, to the… Read more »

October Is National Cyber Security Awareness Month

Can you believe it’s already October? We have to wait until the 31st to celebrate Halloween, but October 1st kicked off “National Cyber Security Awareness Month (NCSAM)”. National Cyber Security Alliance, in partnership with the Department of Homeland Security, runs this annual campaign in an effort to “engage and educate public and private sector partners… Read more »

The Onion Approach to Security

As penetration testers, through the years, we have learned one indisputable fact: There is no such thing as a 100% secure network. Sure, we have encountered wide variances in the maturity level and effectiveness of information security programs of various organizations, but we have yet to encounter an organization that is impenetrable – not even… Read more »

2016 – A Year for Change

It is that time of the year again, when we force ourselves to stop for a moment and reflect on the events and technologies that we have encountered over the past year then adjust our service offerings to better meet the needs of our clients and the information security industry as a whole. In our… Read more »