Social Engineering: Hacking the Human Brain

How do you hack a network with every modern safeguard and tool in place and a seasoned team of veteran professionals at the helm of your IT department? Surprisingly enough it doesn’t take that much. After all, who needs to be an all-star hacker looking for a small crack to wiggle through if they can … Continued

Organizational Requirements

About the Anatomy of a Cybersecurity Program Series In this blog series, I will be walking you through many of the specific controls that fall into the domains mentioned above. My goal is to give you some insight into the issues, and potential remedies we encounter daily while performing these assessments. Please utilize the suggestions … Continued

A Head in the Sand Approach Leaves Many Networks Vulnerable

Many responsible for networks security take a “Head in the Sand” approach to ‘Cybersecurity Risk Assessments’! Following a previous information security breach, I was speaking with an industry colleague who shared with me that he had been in discussions with the victim organization regarding a technology that would allow them to identify and address vulnerabilities … Continued

The Equifax Hack – A Huge Deal

Important Updates 9/13/17  – Since the last posting it was discovered that Equifax had the default login credentials of “admin” for user and password on an Argentina server which exposed the personal information of 14,000 employees. 9/14/17  – The actual exploit that disclosed the 143 million US credit records was CVE-2017-5638. It was announced/released March … Continued