Blog

Latest from our blog

The 12 Immutable Laws of Information and Computer Security

Posted by on 3:59 pm in Blog

As active technology security professionals, we regularly deal with a variety security issues that arise from various causes. While sometimes these security breaches are due to a product flaw – more often than not the real reason for a security breach comes from natural human error, or a lack of knowledge about good security practices (note: this isn’t an intelligence thing, it’s really more a perspective thing). Something we have noticed over the years is that we find certain commonalities among the causes of these security issues....

read more

The solution to a mathematical problem could render all public key cryptography obsolete – should people and businesses be worried about the “Cryptopocalypse“?

Posted by on 3:58 pm in Blog

Last month there was a presentation at the Black Hat conference that warned us of a “factoring cryptopocalypse” – where factoring numbers and solving the discrete log problem become easy, rendering two of the most common encryption methods currently used (RSA and DH) practically useless. The consequences of such an occurrence are profound, because any data encrypted with these methods (which is practically ALL encrypted data) would be easily exposable using simple methods. Public-key cryptography also underpins some very widely used Internet...

read more

Employing multiple security layers is now absolutely critical for all businesses – and here is why

Posted by on 3:55 pm in Blog

Employing multiple security layers is now absolutely critical for all businesses – and here is why

Enterprises earn failing grades for their cyber security efforts, and small businesses should take watch Some disturbing information coming from our friendly neighborhood anti-malware stalwarts Malwarebytes. It seems based on findings from a recent survey from the Enterprise Strategy Group (ESG) reveal that enterprise-class organizations (i.e. 1000+ employees) are still much too exposed to targeted attacks on their systems. While there have been improvements to the general security level of most large organizations, the research has shown...

read more

Hacking Your Printer – the One Security Weak Point No One Thought Of Before

Posted by on 3:54 pm in Blog

We discovered an interesting new development while attending the latest BlackHat conference. It seems that the guys at Red Balloon Security have discovered a way for hackers to get into your printer – and this is something of a game changer as far as information security is concerned.. Now it is important to note that this was a theoretical demonstration to “prove the concept” – and there is (so far) no evidence of this exploit being used in practice. Also this issue is more likely to affect businesses with networked printers, but there is...

read more

5 serious security issues to watch out for at the 2013 Black Hat Conference

Posted by on 3:52 pm in Blog

For those of you who don’t know – the BlackHat Conference is an annual event that brings together the best and brightest thought leaders from all facets of the information security world. From July 27 to August 1st – we will hear speakers from the corporate and government sectors, as well as various academic and even “underground” researchers. In short – this is where the elite infosec security practitioners go to talk shop, unveil amazing new hacks, and discuss what is really going on in the “seedy underbelly” of the information security...

read more

Java vulnerabilities still causing major security headaches despite efforts

Posted by on 3:49 pm in Blog

Though Oracle has tried very hard to better secure their still ubiquitous programming language (89 patches in their latest security update) – Java unsurprisingly remains the most targeted endpoint technology of 2013. A dubious honor that sees little chance of changing soon, with Apple being the latest victim of a Java exploit after Facebook and Twitter were also hacked earlier this year. According to the latest Java Vulnerabilities Report from Bit9 (requires registration) – the reasons that Java remains so vulnerable are abundantly clear, and...

read more

How to protect your online privacy: 11 simple tips to protect you and your business

Posted by on 3:47 pm in Blog

Online privacy has been pretty hot topic for some time now – from the latest NSA allegations over systematic public monitoring, to concerns over sharing of user activity data, to natural human concerns about what happens to their personal information. As security experts, we are often tasked to help improve privacy protection and secure access to personally identifiable information. In fact there are a lot of regulations that govern such actions like HIPAA, PCI-DSS etc. Accordingly we’ve put together this list of 11 simple privacy protection...

read more

4 key facts behind the Android Master Key exploit discovery

Posted by on 3:45 pm in Blog

It was recently revealed by BlueBox that they had found a serious vulnerability that affects up to 99% of Android devices. Unsurprisingly this has caused something of a stir in the media and technology industry. We thought that it would be helpful for some readers to look past the sensationalist headlines, and get right down to answering “how does this exploit really affect me – and should I be worried?” Let’s break this down shall we – you can confirm the facts in this article by reading through the original BlueBox post, and articles from...

read more

Android Malware Alert – Anatomy of the Most Sophisticated Mobile Trojan Ever Found

Posted by on 3:43 pm in Blog

Security firm Kaspersky has reported what they claim to be the most sophisticated Trojan ever found targeting a mobile platform. Google has already been informed of the details and a new fix can be swiftly expected. Nicknamed the “Backdoor.AndroidOS.Obad.a” – this Trojan has caused some serious concern among security professionals due to its complexity. What makes this particular Trojan so interesting is the sheer amount of (previously) unknown vulnerabilities that it exploits, the multiple functions it’s capable of performing, as well as the...

read more

Six Technologies That Will Make Your Business Safer

Posted by on 3:42 pm in Blog

There are many technologies out there that help businesses stay safe and secure from most threats. As we’ve said before time and time again – the best defense against suffering a security breach is to make yourself as difficult a target as possible. Always remember that cybercriminals in general tend to look for the easy opportunities to exploit, rather than spend extra time and effort trying to break into a relatively secure system. Sadly the major reason for this is because there will always be plenty of “low hanging fruit” out there to...

read more