Talk to a Security Expert Now: (800) 721-9177

IT Security Blog

Independent research and articles on IT security, healthcare security, and hacking techniques.

Contact Us

Vendor Management: are your vendors secure?

If you ask the 50 banks that recently had customer data exposed when their accounting firm lost a number of their audit laptops to theft, the answer is no. Incredibly, the accounting firm’s lost laptops apparently did not utilize data encryption even though they contained sensitive customer information. This left the banks in the un-welcomed position of having to notify customers of a data breach.


Anecdotally, our experience doing security audits across many industries indicates that much (maybe even most) of the risk of sensitive data loss in an enterprise is associated with their vendor’s lack of adequate security controls.


Ironically, when a company outsources a service they are also outsourcing much of the security risk. For example,

Read More

DoS-ing over Dial-Up

DoS, or Denial of Service attacks, are nothing new.  The main idea behind a DoS attack is to exhaust a devices resources (be it HTTP, some database backend, or any other form of  'service') until it can't respond to legitimate…

Read More

Honeytokens

I've been thinking about honeytokens a lot lately. While I've always been fascinated by honeypots, honeytokens are a little different spin on the same idea. A honeypot usually functions as a machine or device just begging to get hacked. It…

Read More

Mozilla Collections

If you are anything like us, you can spend hours tracking down Firefox add-ons.  Recently, Mozilla announced the release of 'Collections', which allows you to create and store all of your favorite add-ons and customizations in one central place. If…

Read More