The SANS six-step Incident Handling Methodology are preparation, identification, containment, eradication, recovery, lessons learned. According to SANS, preparation, identification and lessons learned phases are most affected by company size. In terms of planning for the long term, the steps I would take depends on the size of company. The smaller the organization, the less formal...Read More
Since 3 years have gone by already, the following is my personal opinion on the infamous Ashley Madison Hack of 2015. Many families were affected by this hack as well. Therefore, I will attempt to be a bit more sensitive with this post. Background Ashley Madison is a online data service that encourages its users...Read More
This article is to help readers understand the differences/similarities between XSS and CSRF attacks. These are attacks that are common in the application security realm. This information may be useful for a job interview one day. I hope you enjoy! The main difference between Cross-Site Scripting (XSS) and Cross Site Request Forgery (CSRF) is in...Read More
The topic of “Hacktivism” is one of importance. Hacktivism is a term that can be “credited to the Cult of the Dead Cow”, a hacker group that argued that universal access to the internet is a human right. Hacktivist aim to cause social change, just as many others have done in the past, through the...Read More
The following is a quick description on Encoding, Encryption and Hashing. This post is to quickly help anyone understand these concepts and the differences with each. Encoding is the act of transforming data from one form into another. This type of transformation does not require a key, as it should be able to decoded by...Read More
The following below is my personal opinion on what the three most significant threats are in regards to the information we are sharing today. Data sharing and data privacy dominate the news these days as companies are being investigating for their policies and people are beginning to crack down on their habits. This is my...Read More
Modern Challenge To Information Security Statistics show that a large percentage of security breaches by malicious insiders or compromises resulted from attackers leveraging exploits on mobile devices to launch attacks on more sensitive internal resources. Thus, protecting cell phone usage for companies has to be a priority. Additionally, relying on everyone to secure their smart...Read More
