Cyber Security Awareness and Vulnerabilities Blog

Navigating Your Vulnerability Management Program

Nov 18, 2015
OK, I admit it. I use GPS to navigate some routes I’ve driven at least a hundred times. It’s a relief to hear that robotic voice helping me with every single turn on my way home. Here at Core, we asked-how can we make the vulnerability management journey easier for organizations to traverse to reduce the risk of a potential security breach? Ah, yes, a roadmap of sorts to follow to ensure a successful program!
Data Security

Why Use a Password Auditing Tool?

Mar 20, 2013
Why Audit Passwords? Harriet Beecher Stowe is credited with the quote "Human nature is above all things lazy" - while I prefer to think of myself as 'efficient' rather than lazy I think the principle is sound. When faced with the choice of executing a task in a difficult or simple way (with no difference in the outcome) then people will naturally choose the simple way. This leaves more physical and mental resources available for the truly challenging things in life.
IT Security

The Exponential Nature of Password Cracking Costs

Feb 11, 2013
Flavio De Cristofaro used to run our Security Consulting Services (SCS) group and long time password cracking enthusiast was recently asked to present at AppSecLatam2012 on Lessons learned from Recent Password Leaks. The following is his analysis on the exponential nature of password cracking costs.

Obligatory Java “zero-day” Blog Post

Aug 12, 2012
When my mother emails to ask if she should be worried about the Java vulnerability the saw on the news, you know a security issue has gone mainstream. And it seems you cannot be a security company without having a blog warning of the dangers presented by the Java exploit – and while it is important that users make sure they are protected against this danger, I wanted to take a step back and make some observations around all of this noise.

Core Ready to Put On its Black Hat

Jul 24, 2009
Core Security has more going on at Black Hat USA in 2009 than ever before, with the concept of helping customers improve their overall security standing at the center of everything we plan to do.