New Service Offering – PHaaS

Phishing continues to be a burden for both the private and public sectors to deal with – attacks are ever evolving, becoming more complex and users continue to fall victim. Our clients have been looking for solutions to help them deal with phishing in a controlled manner that simulates real world attacks. To that end, […]

“Yes, all product lines are impacted.”

On Wednesday Anthem, formally Wellpoint, announced that they were the victims of a “very sophisticated external attack” affecting “all product lines”. The numbers aren’t clear yet but some estimates I have seen, on the Twitter buzz this has caused state the estimates could be as high as 80 million. Even half that is a huge […]


I received an email from a friend of mine the other day asking if he should change his passwords in response to the all the news from Heartbleed he was hearing. Before I respond let’s take a closer look ate the vulnerability and the risk. For those of you that haven’t heard OpenSSL 1.0.1-1.0.1f has […]

Full Disclosure comes to an end

In a post today by  John Cartwright, it’s been revealed that the Full Disclosure mailing list is being shut down. It’s a shame really, as a student of cyber security this was one of the first things I would check for interesting news on various security flaws found in a plethora of different areas. It […]

Twitter halts progress on encryption for the time being.

In an article over at The Verge it has come to light that for the time, Twitter has put a halt on it’s work towards encrypting direct messages. News of this was leaked back in an October article at The New York Times which detailed that fall out after the NSA revelations came to light of the snooping […]

University of Maryland falls victim to data breach

In news today it has come to light that University of Maryland has fallen victim to a database breach of over 300,000 records, dating back to 1998. UMB President Wallace Loh was informed by Brian Voss, the VP of IT at the university. “A specific database of records maintained by our IT Division was breached […]

Massive DDoS attack

A large DDoS attack hit US and Europe based servers, that some are reporting to have been larger in scale then the attack last year titled Spamhaus. These attacks again utilized the Network Time Protocol on compromised servers to launch the attacks while spoofing the IP addresses of the attackers to masquerade as their victims. […]

Healthcare website still vulnerable says experts.

In an article this Sunday over at Salon published this past Sunday it was exposed for the second time that the government healthcare site, being used for the Affordable Care Act, is still vulnerable. A panel of experts met with the House Science, Space and Technology Committee on Thursday and expressed concerns of just how easy it […]

Interns – Security R&D

I have the luxury of working at the local community college and while there I have met, and begun mentoring some great young minds. While they are still new to the information security environment they are full of ambition and drive to continuously learn. So, as a good mentor, I am opening up my site […]