Resources






Blog Posts

Critical Security Alert: CVE-2024-10924 and the “Really Simple Security” WordPress Plugin

Hello everyone. As a penetration tester and security engineer, I want to bring to your attention a critical vulnerability that demands immediate action. CVE-2024-10924 impacts the “Really Simple Security” WordPress plugin, and addressing it should be your top priority if this tool is active on your website. Key Information: CVE-2024-10924 ...

The Price of Business – Pen Testing vs. Vulnerability Assessments

Penetration testing is becoming the vaccinations of the tech industry. Everyone is expected to get one; some don’t believe in them, and others only do it because they are told to. But what is really being purchased? A pen test follows four basic elements of security: It’s crucial to know ...

World Class Service on a Local Scale

When we think about the impact of cybersecurity attacks, it’s easy to fall into the trap of believing that data is only as valuable as the ransom a company is willing to pay to retrieve it. We’ve seen this misconception challenged by the rising number of attacks on hospitals and ...

Why Vegas Needs CISOs

My First Year, First-Hand Experience: Last year was my first year at DEFCON, and it was very different than what I was expecting. Yes, there were a lot of people, a lot of walking, some rambunctious Goons, and even a bomb scare. These were more than offset by the number ...

To Patch or Not To Patch? That Is The Question

The mundane side of cybersecurity rarely makes the news. Breaches and ransomware are typical news fare. Last week, that narrative changed. The often unnoticed, seemingly boring procedure of patching took center stage. Even people far afield from cybersecurity or IT heard about the massive outages caused by the catastrophic ...

Appreciate Your IT

It’s almost summer, and you know what that means! Teacher appreciation weeks, final exams, graduations, recitals, and burnout. But you know who works all year round and can’t afford to get burned out? Your school IT Team! While the rest of us wind down, their work in some ways winds up: ...

Managing Alert Management: Safeguarding Against Cyber Threats

Do you know what is happening to your computers?  Can you tell when someone is logged in snooping around?  Do you know when they installed a program?  Do you know when they take data from the computer and copy it out of the network? Each of these things can have ...

Passwords, Policies, People

Last week cyberprofessionals and cyberenthusiasts celebrated National Password Day. Let’s be honest. The word for National Password Day for most people is “pass.” Most people will look at all the posts and articles (including this one) about the necessity of strong passwords and how to create them and think “I’ve ...

Maximizing the Impact of Penetration Testing: 5 Key Principles

In the realm of cybersecurity, penetration testing (pen testing) stands as a critical tool for assessing and fortifying the security posture of organizations. However, not all pen tests are created equal, and ensuring their effectiveness requires attention to key principles. Understanding the purpose and conduct and having shared expectations between ...

Hackers’ Hall of Shame: The Top 5 Cybersecurity Facepalms

In the world of high-profile hacks, the narrative often portrays threat actors as highly skilled and almost invincible adversaries. However, the reality we’ve encountered through our incident response (IR) work tells a different story. Not all threat actors are the criminal masterminds or uber 1337 hackers that they’re made out ...

L33T or Lame: A Hacker Tool Review

“Top 10 Gifts for the Hacker in Your life” articles are incredibly common. But how do you know if some of the tools listed are actually worthwhile?  We recently sat down with two of our security engineers to talk about different gadgets and tools of the trade on this week’s ...

Hacking the Holiday: A Hacker’s Gift Guide

Are you looking for the perfect gift for the hacker in your life? We’ve scoured our Amazon purchase histories and here’s what we think would be great gifts for any hacker in your life. Just click on the images or the titles for a direct link to the Amazon listing. ...

How To Create A Threat Model in 7 Easy Steps With Our Template

How To Create A Threat Model in 7 Easy Steps With Our Threat Model Template: Our team here at Alias is made up of hackers turned security professionals. In fact, they probably learned how to type before learning how to write. When you hire us for a pen test, we’re ...

Learn to prevent and respond to ransomware

Ransomware has been a problem since 1989, and it’s not getting better. In fact, every eleven to fourteen seconds, a new company falls victim to this problem. Ransomware costs organizations around $20 billion annually. But it’s not just a company problem; individuals fall victim to this threat as well. You need ...

What is digital forensics? Your new fingerprint.

When you think forensics, you probably imagine fingerprint and blood sample analysis. Which is pretty close to what digital forensics is. Change out the fingerprint for a computer and you’ve basically got it. Digital forensics is the scientific approach to performing data recovery and analysis of a digital device. A ...

Why Your Business Needs Cyber Security Awareness Training

Ever wonder if you should bother with the cost and time needed for security awareness training? Some industries are legally required to host security awareness training (like banking); but quite a few industries aren’t required to have employee training. Here are a few reasons why you should host cyber security ...



Listen to our podcasts for all things boardroom to back alley cybersecurity.