Monday, March 20, 2017

Insiders: The often forgotten threat

Insider threats are of particular concern to organisations, as the impact of a rogue insider can be catastrophic to the business. The 2016 Verizon Data Breach Investigations Report showed that 15% of data breaches were a direct result of deliberate or malicious insider behaviour. Given...

The "Five Stages" of being breached

https://eclosure.com.au/5-stages-grief/ Doing data breach investigations in the commercial sector introduces you to many new people.  One of the nice things that people have said to me is "Great to meet you, but I hope to never see you again".  A few people that have been through a data...

Thursday, July 7, 2016

Ransomware – a wake up call for effective security controls

“The digital canary in the digital coal mine” https://share.america.gov/wp-content/uploads/2014/11/canary_art22.jpg A “canary in the coal mine” is an idiom that refers to an early warning sign for upcoming trouble.  This comes from the day when there was no technology to detect leaks from...

Wednesday, April 9, 2014

Exploiting Heartbleed vulnerability

Seems the whole InfoSec world has been talking about the Heartbleed (CVE-2014-0160) vulnerability in OpenSSL for the last 24 hours. Being an empirical person, I wanted to try it out for myself. There is a patch available, but patches take a long time to get deployed to many web servers. The vulnerability...

Monday, January 20, 2014

Preventing POS data breach

Background Espresso? Sure, why not! With so many people talking about Point of Sale (POS) data breaches, and so many of them happening over the known history of computer crime, you have likely been led to believe that POS is a hard thing to secure and that sophisticated crooks are chasing POS systems...

Friday, January 17, 2014