Penetration testing is becoming the vaccinations of the tech industry. Everyone is expected to get one; some don’t believe in them, and others only do it because they are told to. But what is really being purchased? A pen test follows four basic elements of security: It’s crucial to know ...
When we think about the impact of cybersecurity attacks, it’s easy to fall into the trap of believing that data is only as valuable as the ransom a company is willing to pay to retrieve it. We’ve seen this misconception challenged by the rising number of attacks on hospitals and ...
My First Year, First-Hand Experience Last year was my first year at DEFCON, and it was very different than what I was expecting. Yes, there were a lot of people, a lot of walking, some rambunctious Goons, and even a bomb scare. These were more than offset by the number ...
The mundane of cybersecurity rarely makes the news. Breaches and ransomware are typical news fare. Last week, that narrative changed. The often unnoticed, seemingly boring procedure of patching took center stage. Even people far afield from cybersecurity or IT heard about the massive outages caused by caused by the catastrophic ...
It’s almost summer, and you know what that means! Teacher appreciation weeks, Final exams, graduations, recitals, and burnout. But you know who works all year round and can’t afford to get burnout? Your school IT Team! While the rest of us wind down, their work in some ways winds up: ...
Do you know what is happening to your computers? Can you tell when someone is logged in snooping around? Do you know when they installed a program? Do you know when they take data from the computer and copy it out of the network? Each of these things can have ...
Last week cyberprofessionals and cyberenthusiasts celebrated National Password Day. Let’s be honest. The word for National Password Day for most people is “pass.” Most people will look at all the posts and articles (including this one) about the necessity of strong passwords and how to create them and think “I’ve ...
In the realm of cybersecurity, penetration testing (pen testing) stands as a critical tool for assessing and fortifying the security posture of organizations. However, not all pen tests are created equal, and ensuring their effectiveness requires attention to key principles. Understanding the purpose and conduct and having shared expectations between ...
In the world of high-profile hacks, the narrative often portrays threat actors as highly skilled and almost invincible adversaries. However, the reality we’ve encountered through our incident response (IR) work tells a different story. Not all threat actors are the criminal masterminds or uber 1337 hackers that they’re made out ...
