Happy Star Wars Day – May the fourth be with you. Celebrate by protecting your data, terminals, code, and technology from bad slicers (hackers). Get your security awareness reminders for your team, especially now when it seems you are galaxies away.
Organizations are facing a lot of change with remote work set ups – in both physical location and operational shifts. Especially challenged are businesses that manage credit card information electronically and over the phone. These new working conditions unearth new risks for sensitive data. Social distancing can also bring about more social engineering attempts. According […]
COVID-19 – Social distancing, remote working, telecommuting, staying-at-home – changes to our working environment can expose security vulnerabilities, especially social engineering. Bad actors view our increased digital activities as an opportunity to attack. Remind your teams of your cyber security policies and procedures.
Since 2017, the Verizon Database Investigations Report repeatedly shows that more than 80 percent of hacking related breaches each year are tied to passwords.
“Cipher stuffing modifies the fingerprint of communications encrypted with secure sockets layer (SSL) and transport layer security (TLS).“ – Dark Reading
Even with advanced technology and security, your data is still at risk. Studies indicate that hackers are focusing on your teams to gain access to your networks and information. Social engineering is on the rise. This is a method of manipulating your teams into performing actions in order for an unauthorized person to get access […]
Evolution of Phishing Attacks and the Billions it is Now Costing Corporations AUTHOR: Terry Kurzynski, CISSP, CISA, PCI QSA, ISO 27001 AUDITOR It was 23 years ago that the first Nigerian phishing attacks appeared in the inboxes of users across the world. Known today as the Nigerian 419 scams, these emails of deceit were cleverly crafted around […]
What kind of security assessment do I need? It’s a question we at HALOCK Security Labs hear all the time. Every regulation and information security standard in existence tells us that we must undergo some kind of regular assessment. But the security field has not been consistent in advising what kinds of assessments fit which purpose […]
Over years of penetration testing, HALOCK has seen some enduring security vulnerabilities. They are so common, in fact, that we have come to expect to see them in the field. Many information security breaches occur because authentication vulnerabilities permit unauthorized access to applications, systems and data. If you were to follow these tips, our penetration […]
Some companies test once a year. Some test several times a year. So what frequency is correct for your organization? Well that all depends on how frequently your environment changes and other unique factors affecting your organization. When determining how often to conduct network penetration tests, consider the following: