Cyber Security Awareness and Vulnerabilities Blog



Insider threats are on the rise. Whether they come from accidental insiders who are prone to phishing attempts or malicious insiders who are seeking to expose sensitive data, insider attacks have significantly increased in recent years. According to the 2019 Insider Threat Report from…

Read More


Human element of pen testing

Science fiction novels, TV shows, and movies often demonstrate the possibility of, and perhaps the danger of, computers and machines taking over the day to day jobs that humans once completed. While this has come to fruition in some instances, like with many…

Read More


Identity Governance Improves Security

In the complicated, tangled web of managing user rights, permissions and accounts, keeping track of who has access to different resources can seem nearly impossible. Organizations today are facing increasing demands, mandates, and compliance regulations as they manage access and support countless devices…

Read More


False positive

The phrase “false positive” has become so ubiquitous in Information Security that we often don’t stop to consider what it means or how it is used. Many use the term to describe every alert generated by a tool that does not lead to…

Read More

This work was originally done on Windows 7 Ultimate SP1 64-bit.  The versions of the libraries used in the tutorial are: termdd.sys version 6.1.7601.17514 rdpwsx.dll version 6.1.7601.17828 rdpwd.sys version 6.1.7601.17830 icaapi.dll version 6.1.7600.16385 rdpcorekmts.dll version 6.1.7601.17828   The Svchost.exe process In the Windows NT operating system family, svchost.exe ('Service Host) is a system process that serves or…

Read More


Security teams are perpetually busy protecting their organization’s data, so with the incessant pings of relentless security notifications, it’s no wonder that they feel as though their ears are ringing. As organizations grow and add more and more tools, the danger of alert…

Read More


Phishing best practices

As long as you have an email address, you will forever be sent phishing emails attempting to lure you into some malicious activity. While we’re all familiar with the concept of these emails, it’s another thing entirely when it comes to designing one.…

Read More


How to Manage Identities for Contractors, Consultants, and Other Non-Employees

For years, organizations have recognized the need to pay close attention to and manage the access that their employees have with the help of identity governance and administration solutions.  More recently, organizations are also being faced with the reality that they need to…

Read More


Want to determine the safety of a car? Perform a crash test. One of the most common ways to test the strength of something, particularly when it comes to technology, is by putting it through a stress test. Naturally, this same principle is…

Read More


IT teams handle a great number of tasks that enable an organization to run smoothly. These include handling questions related to technical support for the company’s computer systems, software, and hardware, in addition to performing regular system updates and meeting periodic training needs.…

Read More