A Look at Biometrics

biometrics The field of biometrics is rapidly growing and expanding. Whether we realize it or not, biometrics are prevalent in our everyday lives. Many consumers may wonder how biometrics work and how they are of use. In this article, a dive into the realm of biometrics will ensue, and explain how it all coincides.   What are Biometrics? To answer this popular question, biometrics are by definition, “the measurement and analysis of unique physical or behavioral characteristics (such as fingerprint or voice patterns) especially as a means of verifying personal identity” (1). Breaking this down, a biometric identifies unique personal features of a person. The retained information can then be… Read More

Continue Reading

What is Phishing?

    Introduction to Phishing   Phishing is one of the top tactics used to steal personal information (2). This scam occurs when someone posing as a legitimate business, person, etc. fraudulently solicits information from an unsuspecting user.(1). Often times scammers pose as bankers, technical support agents or an employee at a doctor’s office. This tactic is often times successful. This is due to the fact that most people wouldn’t think twice about answering a call from one a doctor’s office or a local bank. Regardless, the end goal is simply to steal information. But, who they target and how the scam executes varies between the different methods. To find… Read More

Continue Reading
the number one target for hackers

The Number One Target for Hackers

The Number One Target for Hackers The number one target for hackers. By Taylor Ritchey   Introduction Currently, hospitals and other healthcare related facilities are the number one target for hackers.  According to CBS News, almost every hospital in the US deals with some kind of cyber threat or attack (CBS News). Experts say that for as much information that the healthcare field is responsible for, cyber security standards should be a higher priority. Imagine how many patient records one hospital is responsible for. Then to think about the total number of patient files for every medical facility is almost hard to imagine. In hospitals, cyber security is not the… Read More

Continue Reading
Security Threat - Intentional vs Unintentional

The Biggest Security Threat to an Organization

The Biggest Security Threat to an Organization When we think about threats within an organization we always refer to an outside attacker, or natural disasters such as, fire, flood, earthquake, hurricane, tornadoes, etc. Below we will discuss which group of people are the biggest threats of an organization in more depth. The biggest threat within an organization is the insider; a threat can be intentional and unintentional. The bad news is that you don’t know who can intentionally harm your organization or not. Therefore, it is important to train your employees and give them something called Least Privilege. Least privilege is when you give someone no more and no less… Read More

Continue Reading

Handling Employees To Prevent Corporate Espionage

Handling Employees To Prevent Corporate Espionage  By Victor Joel Harvey Companies today must remain vigilant in order to prevent their trade secrets and other confidential information from being compromised by both outside sources and by sources inside the organization.  Increasingly common, employees often intentionally or unintentionally “leak” confidential information stored on company computers, laptops, or networks.  The following is a listing of measures that should be taken by companies in an effort to prevent breaches of data made by employees:   Education of employees regarding their responsibility to keep non-public company information confidential is essential. Monitoring of all electronic devices used to access information, including company computers, cell phones, and… Read More

Continue Reading
Types of Malware

User Awareness: Baiting, Vishing, and Social Engineering Attacks

User Awareness: Baiting, Vishing, and Social Engineering Attacks.  By David Pierre   Firewall, Antivirus, Patches, Intrusion Detection System (IDS), Intrusion Protection System (IPS) are not helpful if a user is not trained. Therefore, it is good to have a clue of the basic ways to protect yourself against the above mentioned attacks. With Baiting, Vishing and Social Engineering an attacker does not need any computer knowledge. Below is the definition of these attacks. Baiting is when an attacker leaves an infected device such as a USB thumb drive, a cell phone, or a memory card somewhere on purpose.  If you find one of these devices you may think that you… Read More

Continue Reading

Krack Attack and the History of Wireless

A History of Wireless Network Protocols By David Pierre We can’t get started with the history of WPA2 without talking about its predecessors, WEP and WPA.  In the following article, we are going to talk more about these wireless networking protocols. First, what is the reason a wired or wireless network needs to be encrypted?  Whenever you send a message or any data over the Internet, you have no power over it once you send it.  This means anybody can access the data while it is in transit.  As a result, you need a way to make your data unreadable to unauthorized users. WEP In September 1999, WEP was ratified… Read More

Continue Reading

Facebook Denies Possible Outbreak of Ransomware, LinkedIn Also at Risk!

Facebook Denys possible outbreak of Ransomware, LinkedIn also at risk! Out of all the possible malware and viruses you can get on your system, ransomware has the potential to be the worst. Ransomware is especially nasty due to the damage it can do to your system. This is especially true in enterprise level environments. I can speak from personal experience, that when the IT department finds a possible Ransomware infection we take it very seriously.  I have personally witnessed on multiple occasions a company bring an entire department offline to keep an infection from spreading. Ransomware can be identified through its trademark method of infection. A Ransomware program will encrypt… Read More

Continue Reading

Dumpster Diving Low Tech Hacking at its Finest

Social Engineering Awareness Part 1: Dumpster Diving Dumpster diving remains a prevalent security risk for almost every organization. Dumpster diving is a form of Social Engineering that takes very little technical knowledge. A potential hacker’s goal while dumpster diving is to look for any information hidden within the trash to help penetrate a network. A quick list of potential targets containing worthwhile information would look something like this. Hard Drives CD Drives Flash Drives SD Cards Floppy Disks Instruction Manuals Receipts Invoices Old Software Old Magazines from vendors like cisco Company Directory page or book Old Business Cards Diagrams of building or Network Anything with signatures Usernames and passwords Anything… Read More

Continue Reading

Replacement Note 7’s Still Exploding Samsung Recall

Samsung’s ongoing struggle  In the latest setback for Samsung it has been reported that yet another one of their Galaxy Note 7’s decided to explode during the boarding process of a plane at the Louisville international airport last Wednesday. Samsung has known for a while about its phones dangerous fault in its hardware and has recalled these devices sometime last month. The problem is that this phone happened to be one of the replacement devices. Nobody has been injured during this incident. However, smoke from the device caused more than 75 people to be evacuated from the plane. Samsung released a statement stating the following. “Until we are able to… Read More

Continue Reading