Cyber Knowledge Featured Security & Convenience: Finding the Right Balance Too much security can lead to a decrease in convenience, causing users to bypass controls and leave sensitive information vulnerable. Too little security can result in critical information being accessible to unauthorized parties.
Cyber Knowledge Data Privacy vs Data Security Data security and privacy are popular within data security regulations that impose strict penalties on companies that ignore ongoing threats from cyber attacks such as malware and intruders. But even some IT professionals aren't clear about the difference between data privacy and data security.
Cyber Tips It Can Be Done: Preventing Data Breaches Infringement of sensitive information, whether personal information such as credit cards or proprietary information such as intellectual property or financial forecasts, can have serious consequences
Cyber Tips Password Spraying Attacks: Detection and Defense Mechanisms It is important to note that given the nature of password spraying attacks, you cannot prevent them, but you can detect and stop them in their tracks. This blog post describes how this type of attack unfolds, how to detect ongoing attacks, and how to reduce the risk of becoming the next victim.
Cyber Knowledge Watering Hole Attacks: What are they? In nature, predators hide next to watering holes, where prey gathers and wait for the opportunity to attack. Unfortunately, cybercriminals have found ways to emulate this predatory behaviour. They prey on unsuspecting victims browsing regularly visited websites. This is called a watering hole attack
Cyber Knowledge Stay Safe, Secure your Password When you think of password security, what comes to mind? For me, it is what can I do to keep my password safe. However, it is more than that.
Vulnerability Beginner's Guide: Understanding SQL Injections SQL injection (SQLi), is an attack on a web application by compromising its database through malicious SQL statements. As it's a common attack, let's examine what it is, how it happens, and how to defend yourself from it.
Career Development Featured CompTIA Feature: A Day in the Life of an Information Security Consultant CompTIA spoke with Lomar about his professional experience, and he offered direction to those interested in entering the cybersecurity field.
Cyber Knowledge Security Through Obscurity: The Good, The Bad, The Ugly Security Through Obscurity is based on the premise that the secrecy of specific details or functions of a system can ensure Security. Let's explore this concept in its entirety to expose the good, the bad, and the ugly.
Cyber Knowledge The 'S' in HTTPS is For 'Secure' Not 'Safe' "Ensure that the website you are browsing or entering confidential information such as usernames, passwords, or credit card information uses HTTPS." While this tip is vital to bear in mind when browsing the web, many misunderstand it, and this article seeks to set the record straight.
Cyber Tips Combating Insider Threats Insider Threats represents the primary vector for 60% of data breaches, organizations need to examine the threats walking through their door every day with as much thoroughness as they show when securing the perimeter from external threats.
Cyber Knowledge Cybersecurity is Everyone’s Responsibility 40% of employees believe that they assume no responsibility for securing information. This thought is why many organizations place the responsibility of cybersecurity on their IT departments' shoulders, but adequate security must be a companywide endeavor.
Cyber Knowledge Classifying Cybercriminals With law enforcement agencies continually challenged when finding, arresting, charging, and proving cybercrimes. This post will discuss five different classifications of these cybercriminals.
Cyber Knowledge Understanding The Cyber Kill Chain The cyber kill chain is a way to understand the sequence of events involved in cyberattacks from the early reconnaissance stages to data exfiltration.
Cyber Tips How To Prevent Your Phone From Getting Hacked There are many ways a hacker can get into your phone and steal personal and critical information. Here are a few tips to ensure that you are not a victim of phone hacking
Cyber Knowledge Wi-Fi Hacking Methodology Here are the steps an attacker or security professional might take when trying to exploit these networks.
Cyber Knowledge VoIP: Threats and Attacks Since VoIP shares the same infrastructure with a traditional data network, it inherits all security problems from data network. Furthermore, VoIP also has its own security problems coming from new protocols and network components.
Cyber Tips Maintaining WLAN Security It is easier for hackers to exploit the vulnerabilities of wireless networks to gain access to potentially secured networks. Without proper WLAN security, the integrity of valuable information can be compromised.
Cyber Knowledge Threats to IoT Devices In recent years, IoT has become embroiled in controversy related to security and privacy issues. Anything connected to the Internet is open to threats. Here are five significant threats that affect IoT devices.
Cyber Tips DDoS Attacks: Detection and Defense Mechanisms Distributed denial of service or DDoS is a well-known attack within the cybersecurity world. However, despite being around for a long time, it does not show any signs of slowing down
Cyber Knowledge These Search Engines are Great for Passive Information Gathering The Information Gathering phase is the most critical phase of any penetration test. It is the first phase of every security assessment. Information Gathering focuses on collecting as much information as possible about a target.
Cyber Knowledge 4 Wayback Machine Alternatives The Wayback Machine is not the only digital archive available today, and this post aims to highlight and discuss four alternatives and their key features.
Cyber Knowledge Types of Penetration Testing Based on the level of intrusion provided by the client, the most relevant type of penetration test is used to assess the target system. There are five main types of penetration tests.
Career Development Part 3: The New Beginning – My Journey to Infosec Today, I’m a Senior Information Security Consultant, still pursuing growth and certifications. Pursuing certifications, However, have taken on a different meaning for me.
Career Development Part 2: The Turning Point – My Journey to InfoSec I enrolled in the module, “Software and System Security,” which gave me hands-on experience in other areas of Security, such as system and network security. I credit a lot of my exposure and development to this module even though I enrolled in every Security related module the University had.