Who’s next? Shift focus and detect network attackers
Who will be the victim of the next major breach? Nearly all enterprises and organizations are sitting ducks for a targeted network attack. Maybe it’s time to take some …
The future of ICS security depends on OT-centric security solutions
New cybersecurity operational technologies are emerging to protect industrial control systems (ICS) against impending IT threats and attacks. ABI Research indicates that …
How to automate a custom password dictionary for your pen test
When doing penetration testing, security professionals regularly have to deal with words that are specific to the task at hand, and many are not found in common wordlists. …
Why a layered defense is your best protection against malware
As long as there is software there will be vulnerabilities and those vulnerabilities will be exploited. It’s a bold statement, and oddly enough technically incorrect. In …
Solutions for the hijacked websites problem
According to a group of researchers from Google and University of California Berkeley, roughly 16,500 new sites get hijacked each week and start serving drive-by-malware or …
Spring network cleaning: Quick tips to reduce risk
Spring is here, which means many people will be cleaning their workspace and getting rid of the clutter on their desks. If you’re in charge of your organization’s security, we …
3 steps to embracing NIST 800 security controls
One proven path to improving any organization’s security posture is to embrace the National Institute of Standards and Technology’s risk management framework set forth in its …
Software tools and services used to achieve ISO 27001
With high profile breaches becoming almost a daily occurrence in the media, many organizations are now turning to the ISO 27001 information security standard to help them stay …
Why ICS network attacks pose unique security challenges
Attacks on industrial control systems (ICSs) are increasing in frequency – and have become a reality we can no longer ignore. Securing these networks poses unique …
GoPhish: Free phishing toolkit for training your employees
Too many system and network breaches today start with a well-designed, persuasive phishing email, and organizations and businesses would do well to continually train their …
Identify the ransomware you’ve been hit with
Michael Gillespie, a coder that has created a password generator for unlocking the files stashed in a password-protected archive by the CryptoHost ransomware, has also created …
How to prepare for your first infosec job hunt
You’re new to the information security industry and you’re wondering what to expect during an interview. A quick online search will bring up horror stories …