Closing Critical Gaps in the Defense Industrial Base

Every organization has gaps in its security posture. There is simply too much surface area and too few resources for organizations to perfectly cover all the gaps. Given enough time, attackers will find and exploit these gaps. Below is a high-level case study of one such incident that occurred a year ago at a mid-sized United States defense contractor. […]

Medical Records are an Attractive Data Theft Target

While news about data breaches is growing disturbingly common, coverage is often focused on financial data – especially credit cards.  An event with direct impact to a large group of victims makes for a popular news topic, of course.  However, another major theft is gaining attention as well.  Personal data – notably medical records – has become […]

Are Rogue Code Signing Keys in Your Environment?

Although this specific example has been exposed as part of a joke, the threat is real – code signing keys are often targeted by advanced attackers.  Keys stolen during other breach operations have been used to sign malicious software. Perhaps this was inevitable – it appears the attackers behind the Sony breach are using stolen code signing keys […]

Point of Sale Compromises: Security at the Speed of Business

Getting your credit card data pilfered at a point-of-sale system (e.g. cash register) is something that happens to someone else. YOU don’t go to dingy restaurants staffed with shifty wait staff and dodgy card-swipe machines; you go to reputable establishments that use systems built by people who know what they’re doing, right?  Consider this: A remote-access attack […]