9 QUICK TIPS TO IMPROVE WEAK AUTHENTICATION
Over years of penetration testing, HALOCK has seen some enduring security vulnerabilities. They are so common, in fact, that we have come to expect to see them in the field. Many information security breaches occur because authentication vulnerabilities permit unauthorized access to applications, systems and data. If you were to follow these tips, our penetration tests would be much less fruitful (and (more…)
THE FEDERAL TRADE COMMISSION IS COMING TO GET YOU
The Third Circuit Court of Appeals announced on Monday, August 24, 2015 that the Federal Trade Commission is acting within its authority when it takes action against companies for poor data security practices. Take heed. You may be doing exactly what the FTC is complaining about. (more…)
SIX THINGS TECH START-UPS CAN DO TO IMPROVE THEIR SECURITY POSTURE
The Internet of Things (IOT) and Cloud Computing has provided business and consumers with unimaginable tools and functionality, not to mention immense entrepreneurial opportunities. Along with the connectedness of these solutions comes increased security risks that many entrepreneurs, start-ups, and venture capitalists need to be aware of before either launching into the tech industry or (more…)
HOW TO CREATE A REALLY STRONG PASSWORD: A PEN TESTER’S PERSPECTIVE
CREATE A REALLY STRONG PASSWORD: A PEN TESTER’S PERSPECTIVE.
Attackers have figured out how to crack even what you and I think are the toughest passwords. HALOCK pen testers almost always find passwords as a weak spot in every investigation. With so much at stake, it’s a wonder why password safety still isn’t being (more…)
HOW TO PROTECT YOURSELF FROM SOCIAL ENGINEERS IN SOCIAL MEDIA
The use of social media like Twitter, Facebook, Instagram, Tumblr, Google Plus, LinkedIn and others have been steadily growing. It is used not only between individuals connecting with their “tweeps,” but also for businesses connecting with their customers, and even politicians with their constituents. Social (more…)
DON’T BE A SUCKER ON VALENTINE’S DAY
Valentine’s Day is February 14. Traditionally it’s the one day of the year when people express their love for each other by sending flowers, candies and love notes. But we’re not here to talk about love and candy and flowers… we’re here to talk about how hackers use holidays like this to compromise your security.
Hackers and other thieves are looking to prey on those they (more…)
PREPARING FOR YOUR DATA BREACH
PREPARING FOR YOUR DATA BREACH.
Most InfoSec professionals don’t want to think about becoming the next victim of a major data breach to make the headlines. And yet when faced with another major data breach it is a time when Executive Management and security teams reflect on their own insecurities. The latest breach is being reported as the largest data breach of (more…)
IT Pros: 4 Tips to Help Friends & Family Protect their Mobile Devices this Holiday Season
As the holidays approach, you’ll probably be seeing many relatives and friends. Many will pull you aside and ask you about the latest security news, myths and rumors. While preparing for a Thanksgiving visit, one relative asked me about a hoax security alert warning that her iPhone’s flashlight was listening to her conversations. (more…)
All Done with Shellshock? Get Ready for the Next One.
Why read another article on the Shellshock bug when there have been a number of well-written articles and blog posts on it? Because almost all of the articles and blogs are talking about the bug itself, how it can be exploited, and how much of the Internet is open to it. However, what you should really be interested in (more…)
Code Spaces Spaced Out On Data Security
The information security community is abuzz with the news of Code Spaces closing its doors after having all of its client’s data erased by an attacker who gained access to their environment. Code Spaces offered their clients a “code repository” service – think Subversion-as-a-Service – and convinced their clients that their code was safe from data loss when stored there. The failure is (more…)
