Though data breaches have the potential to expose corporate secrets, finances, and intellectual property to prying eyes, a more insidious problem for the enterprise is the issue of leaked credentials. Email and network usernames, passwords, and related information may also form a major part of the corporate data leakage that follows a serious breach. And since these identifiers may be … Read More
Employee Security Awareness Training – Management Side
As many organizations have learned to their regret, a policy for cybersecurity – however comprehensive, proactive, and technologically sound it may be – is doomed to failure if its terms aren’t adhered to by stakeholders of the enterprise, across the board. This emphasizes the need both for eliciting buy-in to the concept and culture of security awareness, and for management … Read More
Microsoft Implementing JavaScript In Excel: What Are The Potential Threats?
Since its arrival on the computing scene in 1995, JavaScript has emerged as a “consumer level” programming language capable of powering common website features like multimedia modules and form submissions. And given its long history, JavaScript code snippets are currently available across the internet, in a number of freely accessible libraries and resource bases. It provides convenient automation – for … Read More
What is WireGuard? A Closer Look at a New VPN Technology
A new VPN (Virtual Private Network) technology called WireGuard that’s being billed as perhaps “the most secure, easiest to use, and simplest VPN solution in the industry” is currently gaining traction. It’s especially popular among application developers working for companies that are looking to build their backend infrastructure (administration, archives, and other non-customer facing business units or applications) on the … Read More
The Benefits of Real-Time Cyber Threat Intelligence
To protect their personnel, assets, and sensitive information from being compromised, hijacked, or stolen by malicious actors, organizations are often advised to adopt security best practices, and to deploy the latest in secure technologies. But these things can’t be pulled out of thin air, or identified and adopted without knowledge of what they are, how they should be used, and … Read More
What is Domain Fronting?
A little-known software feature called domain fronting has become the central issue in a worldwide dilemma now facing internet users wishing to gain access to websites and online resources that their governments have deemed off-limits. Censorship of internet access and content has been very much in the news in recent months, as the global debate over data rights and privacy … Read More
Best Practices to Prevent DLL Hijacking
Though we routinely use computer programs to perform our daily tasks, few of us actually know or tend to consider the implications of how this software is constructed, and any weaknesses it might be vulnerable to before it starts its work. But hackers and the malicious tools employed by cyber-criminals don’t only target applications once they’re up and running. It’s … Read More
How will GDPR Affect Social Media Marketing?
The May 25th, 2018 deadline for its formal introduction has passed and organizations across the globe are scrambling frantically to ensure that they’re prepared to meet the demanding terms of the European Union’s (EU’s) General Data Protection Regulation or GDPR. It’s a legal and compliance framework designed to safeguard the privacy and data rights of EU citizens and residents – … Read More
Browser Extension Sniffers – How Do Bad Actors Use Them?
Web browser extensions are those little applets you can add to your Firefox, Chrome, Edge/Internet Explorer or other desktop, to increase the functionality of the main program, and spice up your online experience in any number of ways. For the desktop browser environment, extensions are pretty much the equivalent to mobile apps. In fact, many of them also come in … Read More
How Honeytokens Are Used To Track Cybercriminals
Proactive methods of cyber-defense, including the use of “honeytokens”, have been growing in popularity recently, as commercial and other organizations seek ways of “bringing the fight” to hackers and cyber-criminals, rather than just sitting back and waiting for something to happen. Ironically, one of those ways involves just that: Sitting back and waiting for something to happen – but only … Read More