Resources

Blog

What Is RFID Skimming?

Security breaches are increasingly affecting organizations across various domains as they heavily rely on technologies to reduce the operational costs and improve the work efficiency. The United States is the world leader in data breach incidents. According to a report shared by the Identity Theft Resource Center in 2017, the security breach...
Blog

LA Times homicide website throttles cryptojacking attack

Whoever hacked the LA Times' interactive county murder map probably hoped to make a killing mining cryptocurrency - but swift action from a security researcher has put paid to their plans. Security researcher Troy Mursch, whose blog has focused on cryptomining threats in recent months, raised the alarm on Twitter, after discovering that an Amazon...
Blog

Smart Contracts May Be Smart, But Are They Contracts?

With distributed ledger technology (such as blockchain), there is growing interest in automating routine commercial transactions. But how will these smart contracts be interpreted under existing commercial contract laws? Although there is no federal contracts law for private commercial transactions in the United States, there is a widely adopted...
Blog

How to Secure Your Outlook Emails and Microsoft Accounts

Living in today’s society, it is almost impossible to meet someone without an email account. For almost everything you do online, you need to have an email ID whether for work, education, or socially. Many of us hold multiple accounts, each for a different purpose; however, you need to protect yourself. If you are using Outlook as your email...
Blog

The Role of the CISO in Preventing Data Breaches

In these times of unabated data breaches, the typical Chief Information Security Officer (CISO) must feel like a moving target in a shooting gallery. It’s not a matter of whether an attack and possible breach will occur, it’s a matter of when. Being a CISO is a fascinating and important job. Often, though, it’s a thankless one. Unfortunately for...
Blog

US DOE Introduces New Cybersecurity Office to Protect Energy Sector

The U.S. Department of Energy (DOE) has announced the establishment of a new cybersecurity office to help protect and prepare the energy sector, including the oil and gas industry. Named the Office of Cybersecurity, Energy Security, and Emergency Response, or CESER, the new office received nearly $96 million in funding for the 2019 fiscal year....
Blog

Cyber Breaches: The Game of Shifting Liabilities

Let’s face it: it is a matter of when your company is going to get hit by digital attackers and how hard, not if. This causes a lot of pain and overall damage, both of which are not good for business. Cyber attacks are at the forefront of news headlines and are plaguing C-Level executives' thoughts; unfortunately, these attacks are going to get more...
Blog

Tips for Staying Secure When Using Dating Apps

Mobile online dating apps are popular among adults looking to find their ideal partner. According to the Pew Research Center, 15 percent of U.S. adults said they had used matchmaking sites in 2015. Following Valentine’s Day, many dating sites may offer promotions, coupons, and discounts to encourage new users to enroll, meaning new users will be...
Blog

Attackers Abused Indian Bank's SWIFT System to Try to Steal $2M

Digital attackers abused the SWIFT system of an Indian bank in an attempt to make off with approximately $2 million in stolen funds. On 18 February, City Union Bank disclosed the attempted heist in a statement (PDF): During our reconciliation process on 7th February 2018, it was found that 3 fraudulent transactions were initiated by the cyber...
Blog

The Financial Fallout of a Cyber Attack on a Business

There were 978 million victims of cybercrime last year and these people lost a combined $172 billion, according to Norton. Those numbers alone should be enough to make businesses sit up and take notice. It’s important, too, to stress that it isn’t just the large corporations that suffer at the hands of online criminals. About half of small...
Blog

Cybersecurity in 2028: Looking a Decade Ahead

It's mid-February, which means IT security executives' and industry analysts' plans for 2018 are really starting to gather momentum. Every year, this personnel faces the difficult task of deciding what security investments they should make given current developments in the cyber threat landscape. Google Trends and other services can help...
Blog

Criminals Abused SWIFT to Steal $6M from Central Bank of Russia

Unknown criminals abused the SWIFT network to steal 339.5 million rubles ($6 million) from the Central Bank of Russia in 2017. The bank's Financial Sector Computer Emergency Response Team (FinCERT) revealed the attack in its report on illegal transactions that occurred in 2017. As quoted by Sputnik International: Bank of Russia has been informed...
Blog

UK Government Publicly Attributes NotPetya Outbreak to Russia

UK government officials have publicly attributed the NotPetya malware attacks of June 2017 to actors in the Russian government. Foreign Office Minister Lord Ahmad made his thoughts known in a statement released on 15 February: The UK Government judges that the Russian Government, specifically the Russian military, was responsible for the...
Blog

Don’t Get BuckHacked: What Are You Doing to Keep Your AWS S3 Data Private?

Leaky AWS S3 buckets have been spilling confidential information onto the public internet for years, and now anonymous hackers have created a search engine to make finding those exposed secrets even easier. New on the scene is “BuckHacker.” The name is a portmanteau, stemming from the fact that it allows the hacking of “buckets,” which is the name for containers of data within Amazon Web Services...
Blog

Overcoming the Blame Game – Improving Security without Destroying Careers

Today, I was sitting in an awesome class being held at @BSidesHSV, and it got me thinking. The class entitled “Fundamentals of Routing and Switching for Blue and Red Teams” put on by Paul Coggin was a deep dive into layer two and layer three configurations, and possible means of compromise. The content was outstanding, and Paul did a great job communicating a very difficult topic. Throughout the...
Blog

Top 10 Mobile App Security Best Practices for Developers

App security isn’t a feature or a benefit – it is a bare necessity. One breach could cost your company not just millions of dollars but a lifetime of trust. That is why security should be a priority from the moment you start writing the first line of code. While you were busy developing the most intuitive, innovative and exciting apps, security...