Security Worm Targets Design Documents
I thought this was an interesting article out of Dark Reading lately – “AutoCAD Worm Targets Design Documents in Possible Espionage Campaign”. (more…)
Would You Bet on the IT Security of Your Network?
This was from an article published on Dark Reading recently. It was from a survey of 300 IT professionals, conducted by PhoneFactor, an authentication tool vendor. (more…)
I challenge you to do some Social Engineering tests!
As a follow up to Security Awareness Training, I challenge you to do some Social Engineering tests! (more…)
Advanced Malware – Assume the Worst
With advanced malware these days, you’ve got to assume you’re probably already infected. Typical testing methods, though good for spotting vulnerabilities, may not find the malware already lurking in your environment. (more…)
Penetration Testing
Why Penetration Testing is Essential. Servers, applications, remote users and other services, once connected to your network, pose a risk to your organization. Hackers and malicious users, both internally and externally, may attempt to exploit security weaknesses to gain access to sensitive information assets. (more…)
Social Engineering
Is everyone familiar with social engineering testing? It’s a test of the natural tendency of a person to trust another person’s word, rather than exploiting actual computer security holes. (more…)
2011 – Security Hacks
Dark Reading had another great article recently on the “7 Coolest Hacks of 2011”. This was by Kelly Jackson Higgins. (more…)
The Weakest Link Part II
Continuing on with the employee security awareness thought: the weakest link – the WSJ article discusses other areas. (more…)
The Weakest Link in Cyber Security
Another great article by WSJ – this one on information security and employee cyber security awareness. Because hackers today are so advanced, applying all the security solutions at our disposal and shoring up the perimeter isn’t enough anymore. (more…)
Security Testing Terms — Are we talking about the same thing?
Sometimes when I’m talking with organizations about their security testing needs, there is some confusion between what constitutes a vulnerability scan, a penetration test, and a web application assessment. (more…)
