Protecting Your Business From Your Remote Workforce

By |2020-04-07T12:26:28-04:00March 19th, 2020|

A significant portion of your workforce is currently moving to perform full- or part-time remote work as a result of COVID-19.  As you modify your business processes and workflows to accommodate this change, it’s important to understand how remote work affects your cybersecurity posture and what [...]

The reality behind hospital and medical device security.

By |2020-03-31T10:21:26-04:00December 5th, 2018|

We recently presented at the DeviceTalks conference in Boston Ma about the vulnerabilities that affect hospitals and medical devices (insulin pumps, pacemakers, etc.).  The goal of our presentation wasn’t to instill fear but sometimes fear is a reasonable byproduct of the truth.  The truth is that [...]

Retro: FACEBOOK – Anti-Social Networking (2008).

By |2020-03-31T10:21:47-04:00April 11th, 2018|

This is a retro post about a penetration test that we delivered to a client back in 2008.  During the test we leveraged personal data found on Facebook to construct and execute a surgical attack against an energy company (critical infrastructure).  The attack was a big [...]

We protect voters from people like us.

By |2020-03-31T10:21:57-04:00January 25th, 2018|

Dear Kris Kobach, We recently read an article published by Gizmodo about the security of the network that will be hosting Cross Check.  In that article we noticed that you said "They didn't succeed in hacking it." referring to the Arkansas state network.  First, to address [...]

What they are not telling you about the CIA leaks.

By |2020-03-31T10:23:13-04:00March 17th, 2017|

The CIA leaks are making huge waves across the world. In a nutshell, the documents claim to reveal some of the hacking capabilities that the CIA has. Many privacy advocates believe that exposure of secrets like these is a net benefit for citizens because it provides [...]

Enemy of the state

By |2020-03-31T10:24:19-04:00January 25th, 2016|

A case study in Penetration Testing We haven’t been blogging as much as usual largely because we’ve been busy hacking things.   So, we figured that we’d make it up to our readers by posting an article about one of our recent engagements. This is a story [...]

What real hackers know about the penetration testing industry that you don’t.

By |2020-03-31T10:25:45-04:00March 10th, 2015|

The information security industry has become politicized and almost entirely ineffective as is evidenced by the continually increasing number of compromises. The vast majority of security vendors don’t sell security; they sell political solutions designed to satisfy the political security needs of third parties. Those third [...]

Penetration Testing Vendor Comparison. How To Select The Right Vendor.

By |2020-03-31T10:25:54-04:00November 11th, 2014|

Video Overview: Not all penetration testing services are equal. This video discusses what to watch out for when selecting a penetration testing vendor. Penetration Testing Vendor Comparison Video Below. https://www.youtube.com/watch?v=dRrxNWVYL7E Not all Penetration Testing companies are created equal. In this video we walk through the right way to [...]