Cybersecurity


TechCrunch reported yesterday that New York payments startup, Paay, exposed millions of credit card numbers. The massive database storing millions of credit card transactions is now secure after spending close to three weeks exposed publicly to the internet. The report said, “because there was no password on the server, anyone could access the […]

Unsecured Paay Database Exposes 2.5m Card Transaction Records


New data from security firm Tessian found that 673 domains related to the $2T stimulus package have been registered since the U.S. government announced on March 19 it would issue checks.  The domains use common questions or keywords (such as whereismystimuluscheck or COVID-19-stimulus), banking on the fact that many will […]

Over 670 Stimulus-Related Domains Registered Since U.S. Gov Announcement


Following a routine iOS Digital Forensics and Incident Response (DFIR) investigation, ZecOps found a number of suspicious events that affecting the default Mail application on iOS dating as far back as Jan 2018. ZecOps analyzed these events and discovered an exploitable vulnerability affecting Apple’s iPhones and iPads. ZecOps detected multiple […]

Apple iPhone May Be Vulnerable to Email Hack




By Ian Lancaster, founder and former managing director of Reconnaissance International and lead author and editor of ‘Physical to Digital: A Revolution in Document Security’ A revolution is underway in the secured document field. Society is migrating from using physical secured documents, such as banknotes and identity cards, to the […]

Digital Document Revolution: A Cautionary Note





I want to introduce you to David. David is the Chief Information Security Officer for a sizeable financial institution. He is an educated career professional, a loving husband, and a devoted father. He takes his job as CISO very seriously. The responsibility of protecting his organization’s digital assets, including sensitive […]

A Security Patch for Your People


Security technology has not kept up with today’s accelerated move toward virtual infrastructure and disappearing network boundaries. Advanced hackers are quickly exploiting application vulnerabilities with fileless and memory-based attacks. A new security approach is needed to counter these sophisticated threats. Methods that do more than monitor the perimeter and that […]

Advanced Application Attacks Put Businesses at Risk



Despite notable investments in Privileged Access Management (PAM) technologies, privileged accounts are still overexposed. Historically, PAM providers have focused on controlling access to accounts and their passwords, not on the activities an administrator needs to perform. The result is an excess of privileged accounts and privileged access control groups with […]

A Task-Based Approach to Privileged Access Management


The use of encryption to protect against cyber threats is growing exponentially. Unfortunately, cybercriminals also leverage encryption to hide malware, ransomware, and other attacks.  Industry analyst firm Omdia estimates that as much as 70–80% of enterprise inbound network traffic is now encrypted, which is up approximately 20% from three years ago. As […]

Analyzing Encrypted Network Traffic


The Department of Defense (DoD) is taking new measures to increase IT security. To protect against cybercrime from all sources, the DoD has worked on a new standard for its contractors. The result is the Cybersecurity Maturity Model Certification (CMMC). The government’s made an effort to improve national cybersecurity for some […]

DoD Implements Cybersecurity Regulation to Protect Against Data Breaches