SQL Injection

SQL-injection

What is SQL Injection? SQL Injection is a web security vulnerability that allows an attack to interfere with the queries that an application makes to its database. It generally allows an attacker to view data that they are not normally able to retrieve. This might include data belonging to other …

Read More

Log4j

Log4j-vulnerability

Log4j Vulnerability Explained The Log4j vulnerability allows malicious attackers to execute code remotely on any targeted computer. What is Log4j: Log4j an open-source software, a logging library for Java, is widely used by businesses and web portals. Earlier this month, this open-source software was in the news for its vulnerabilities. …

Read More

Vendor Security Assessment Questionnaire

security-assessment-questionare

Meeting security requirements to grow your business Maintaining cybersecurity and regulatory compliance for data privacy is of the utmost importance for businesses in almost every field—but doing it effectively is a moving target. Hackers are continually seeking new ways to gain unauthorized access to your systems, so the external threats …

Read More

Penetration Testing

penetration-test

Maintaining cybersecurity and regulatory compliance for data privacy is of the utmost importance for businesses in almost every field—but doing it effectively is a moving target. Hackers are continually seeking new ways to gain unauthorized access to your systems, so the external threats you need to guard against are constantly …

Read More

Securing your Database

Database-security-controls

During a customary search for vulnerable databases, the team at Comparitech discovered a vulnerable and unprotected MongoDB database belonging to FarFaira, a website designed to promote literacy for children as young as 2 years old. The information on this database includes user sign-in information, email addresses, and social media tokens. …

Read More

Cybersecurity Is A Great Career Option For Veterans

how-to-start-a-cybersecurity-career

When men and women leave the armed services, their next career steps may not be immediately obvious to them. Despite the skills they gain in their time serving the nation, military veterans are 37% more likely to be underemployed than nonveterans, according to The New York Times [i]. Whether this is due …

Read More

How To Start A Cybersecurity Career

how-to-start-a-cybersecurity-career

With ransomware attacks and data breaches in the news on an almost daily basis, businesses in every sector are on high alert. Even small organizations are heavily dependent on technology for normal operations, and the prospect of losing access to their systems or having hackers steal sensitive information is frightening …

Read More

Recovering Hacked Website

  Recovering hacked websites is a common term in Cyber security. Websites can be hacked for multiple reasons. Some of the most common reasons that we’ve seen are account compromise, insecure plugins, and non-restrictive file permissions. We’ve secured these weaknesses through simple steps such as implementing two-factor authentication, updating old …

Read More

5 Steps To Responding To A Vendor Security Questionnaire

To-responding-to-a-vendor-security-questionnaire

How to pass a vendor assessment test? During a previous job, I reviewed the security controls of many businesses that wanted to do business with a famous Hollywood Studio. We’d have an elaborate security questionnaire that we’d send out to vendors to fill up and submit. Having reviewed countless of these questionnaires, I …

Read More

Zero Trust Network

Zero Trust In The Time Of Covid19

What is Zero Trust Network? Zero Trust is somewhat like navigating through a high-security airport where we scan our ticket and validate our identity at multiple points of entry. It is about implementing and monitoring user-access control at a granular level. Zero Trust Network Access (ZTNA) ensures that only authorized …

Read More