Cyber Security Awareness and Vulnerabilities Blog

RSS

We spend a lot of time talking around and about bad actors, but what if we sourced them to teach us about this industry instead? We know they exist and we know they’re working towards obtaining the sensitive data on our networks. But…

Read More

 1. Introduction In this blog post, we will cover the analysis and exploitation of a simple heap buffer overflow found in SAPCAR a few weeks ago. SAP published security note #2441560 classifying the issue as "Potential Denial of Service". This post is our attempt to show…

Read More

So I know that everyone was worried about WannaCry and the Ransomware epidemic that we just had. Though this type of attack isn’t new, this one particular instance got so much attention because it was such a large attack and affected many in…

Read More

Businesses are not prepared for advanced malware. This may seem like a harsh statement but as this week’s POS breach at Chipotle showed us, it is true. According to the 2017 Verizon Wireless Data Breach Report, over half (51%) of breaches included malware…

Read More

You may know that you need to penetration test your organization for the sake of compliance - but there is more to gain from a pen-test than just adhering to set regulations to avoid a fine.  We've compiled a list of reasons to pen-test…

Read More

There is no doubt about it, the Internet of Things (IoT) has made life better. I’m not just talking about the fact that I can be connected 24/7 through my laptop, tablet or phone. The rapid expansion of devices that are connected to…

Read More

Benjamin Franklin has been credited with saying, “time is money,” and I can’t think of a statement that’s more accurate than that for pen-testers. In today’s blog, we’re going to discuss three things to look for in a penetration testing tool that will…

Read More

WannaCry may be the latest outbreak or ransomware to hit the news, but it is not the 1st or the last. In 2016 alone, it is estimated that $1 billion dollars in cyber ransoms were paid out to cyber criminals. If this widespread attack…

Read More

According to the Anti-Phishing Work Group, 1.2 million individual phishing attacks took place in 2016 – a 65% increase from the year before. These attacks have been mentioned across all industries and the most recent Verizon Wireless Data Breach Report states that 95%…

Read More

Did you know that one of the top nine attack types consistently covered in Verizon’s Data Breach Report are insider threats and privileged misuse? According to this year’s report, 66% of insiders steal information in hopes of selling it for cash, 17% are…

Read More