Cyber Security Awareness and Vulnerabilities Blog

Part 1 of the Improving Your Security-Efficiency Balance Series:   Organizations of all sizes today face a unique balancing act when it comes to user access. Employees require access to multiple organizational systems, applications, and data to successfully do their jobs—from human resource information systems…

Read More


With data breaches causing seemingly endless damage, from record breaking numbers of exposed records to millions spent on remediation, it’s clear that organizations must build stronger security portfolios than ever before. Security Event and Information Management (SIEM) solutions enable you to manage potential vulnerabilities proactively…

Read More



Insider threats are on the rise. Whether they come from accidental insiders who are prone to phishing attempts or malicious insiders who are seeking to expose sensitive data, insider attacks have significantly increased in recent years. According to the 2019 Insider Threat Report from…

Read More


Human element of pen testing

Science fiction novels, TV shows, and movies often demonstrate the possibility of, and perhaps the danger of, computers and machines taking over the day to day jobs that humans once completed. While this has come to fruition in some instances, like with many…

Read More


Identity Governance Improves Security

In the complicated, tangled web of managing user rights, permissions and accounts, keeping track of who has access to different resources can seem nearly impossible. Organizations today are facing increasing demands, mandates, and compliance regulations as they manage access and support countless devices…

Read More


False positive

The phrase “false positive” has become so ubiquitous in Information Security that we often don’t stop to consider what it means or how it is used. Many use the term to describe every alert generated by a tool that does not lead to…

Read More

This work was originally done on Windows 7 Ultimate SP1 64-bit.  The versions of the libraries used in the tutorial are: termdd.sys version 6.1.7601.17514 rdpwsx.dll version 6.1.7601.17828 rdpwd.sys version 6.1.7601.17830 icaapi.dll version 6.1.7600.16385 rdpcorekmts.dll version 6.1.7601.17828   The Svchost.exe process In the Windows NT operating system family, svchost.exe ('Service Host) is a system process that serves or…

Read More


Security teams are perpetually busy protecting their organization’s data, so with the incessant pings of relentless security notifications, it’s no wonder that they feel as though their ears are ringing. As organizations grow and add more and more tools, the danger of alert…

Read More


It was once hard to believe, but Linux users are now starting to understand that the malware-free experience they once had is quickly disappearing. And it’s a big wake-up call. Over the last several years, there has been an alarming increase in malware, ransomware,…

Read More


Phishing best practices

As long as you have an email address, you will forever be sent phishing emails attempting to lure you into some malicious activity. While we’re all familiar with the concept of these emails, it’s another thing entirely when it comes to designing one.…

Read More