It was the fall of 2016, and I winced at the title of the article: “Is YOUR Organization Ready for GDPR?” I thought to myself, what was GDPR again? It sounded like a device used on CSI to lift fingerprints from a moving ceiling fan. Turned out the General Data Protection Regulation (GDPR) was a new… Read More
In the hospital setting, there is no tolerance for poor hygiene. Frequently washing your hands and using hand sanitizer can drastically decrease the chances of contamination, the spread of disease, and infection rates. It’s just as important to commit to cyber hygiene to slow down attackers who are looking to infect your mission-critical systems. In… Read More
In our previous blog in the series, “5 DIY Cyber Security Skills Every IT Professional Needs to Master,” I discussed the importance of nmap as a critical command line tool that improves network visibility and overall security. Today, I’ll cover some concepts related to translating coding and programming structures. Being a resident cyber handyman isn’t easy. Not… Read More
There’s no doubt that bank data breaches cost businesses money, but there are costs associated with breaches that add up beyond a round dollar figure. Most studies that calculate the costs from breaches focus on short-term quantifiable costs such as discovering and mitigating the breach and recovering assets. But the long-term, indirect breach costs — costs such as hits to… Read More
Accessing Clear Text Administrative Passwords In our last blog post, we showed how pen testers can use misconfigurations within Active Directory group management to escalate privileges. However, that technique is heavily dependent on having access to privileged or misconfigured accounts in the first place. This week, we discuss another finding that we frequently take advantage of… Read More