Resources

Blog

How to Test for a DNS Leak with Legitimate Results

DNS or the Domain Name System is the connection between a device and the internet. It essentially works as the directory for the internet. The web address entered by a user is sent to the DNS server, which converts it into the IP address format. For instance, you enter a URL (www.example.com); your browser will then send the request to DNS server...
Blog

The FBI's 10 Most-Wanted Black-Hat Hackers – #10

Hackers all have different intentions. Some work to making computer networks more secure, while others develop malware and exploit software vulnerabilities. Of the latter group, there is a special subclass of criminals: those who make the FBI’s Cyber’s Most Wanted list. These individuals give a whole new meaning to black-hat hacking. The nature of...
Blog

5 PKI Trends to Expect in the Next Year

Public Key Infrastructure (PKI) is the glue that holds the internet together. As the internet has developed into a multi-faceted ecosystem with every single ‘thing’ now considered an internet-connected endpoint, PKI has also had to develop quickly in order to meet the demands of the market. Back in the early 2000s, there weren’t many regulations out...
Blog

SIEM Implementation Strategies

A SIEM or Security Information and Event Management is only as good as its logs. People can think of logs as the fuel for the engine. Without logs (log management), the SIEM will never be useful. Selecting the right types of logs to ingest in your SIEM is a complex undertaking. On one hand, it is easy to say “Log it all!” but you will inevitably...
Blog

VERT Threat Alert: March 2018 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s March 2018 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-769 on Wednesday, March 14th. In-The-Wild & Disclosed CVEs CVE-2018-0808 This publicly disclosed CVE could lead to a successful denial of service against ASP.NET Core web applications due to...
Blog

What’s at Stake with NIST 800-171 and How to Ensure You’re Compliant

Over the past three years, The National Institute of Standards and Technology defined 800-171 security requirements. These requirements were designed to protect Controlled Unclassified Information in Nonfederal information systems, as well as organizations. When the DFAR (Defense Federal Acquisition Regulations) came out, most believed this mandate would finally create protection between...
Blog

The Current State of Connected Cars: Can we be Secure?

As certain as the changing of the seasons, the drive toward autonomous cars is gaining pace. Changes in the car industry clearly demonstrate that the way we use our vehicles is evolving. In an increasingly connected world, our cars are becoming an important part of our lifestyle. But a question mark keeps hanging over the process. Are we, and the...
Blog

Insider Enterprise Threats: Human Behavior

This article is part 3 of 3 in the “Insider Enterprise Threats” series, outlining effective policies and practices for combating insider cyber security threats (human behavior) to the modern enterprise. Over the course of this series, we’ve broadly examined the dangerous but highly-overlooked cybersecurity threat of malicious insiders. As...
Blog

How Foundational Prevention Fills in the Gaps of Threat Detection

Digital threat detection isn't as easy as it was more than a decade ago. The threat landscape no longer evolves slowly in pace with signature-based malware. It moves quickly and thereby complements the rate at which new software flaws are discovered and computer criminals exploit those weaknesses to compromise vulnerable systems. At the same time,...
Blog

Yahoo Agrees to $80 Million Settlement Over Data Breaches

Yahoo has agreed to pay $80 million to settle a federal securities class action lawsuit following the massive data breaches that compromised the personal information of three billion users. The suit was filed by several shareholders in January 2017, alleging the web services provider intentionally misled them about its cybersecurity practices, in...
Blog

Security Concerns and Risks Related To Bitcoin

Bitcoin is so far the most successful cryptocurrency. Nevertheless, just like other cryptocurrencies, Bitcoin has seen prices drop dramatically for the past few months. Price volatility remains one of the most significant challenges facing all cryptocurrencies, as they try to navigate a tricky ecosystem towards being recognized as a world currency....
Blog

Android P promises new security and privacy features

Android P, the next generation of Google's operating system, may not be due for release until sometime later this year - but that doesn't mean we don't already know some of the features it has in store for us. That's because the Android P is now available as a developer preview. That means this first preview of Android P is intended for developers...
Blog

Security Considerations for Cloud Migration

Cloud computing has revolutionized the way businesses operate, and it is growing exponentially. The main advantages provided by this technology include cost optimization where there is no need for a capital expenditure upfront anymore and costs being further reduced by using economies of scale where a large number of organizations are sharing service...