July 8, 2013

Fear, uncertainty, and doubt (better known as FUD) has been a marketing and sales tactic since people have been buying things from each other. Why? Because it works. I don’t care how logical or methodical we think we are, we have all bought things based on emotions and...

May 31, 2013

Article written by: Jonathan Lampe, a security researcher for the InfoSec Institute.

The OWASP Top 10 list publicizes the most critical web application security flaws as determined by the Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT secu...

May 29, 2013

As an information security consulting firm, we’re often asked what kinds of web application penetration testing tools are available. For clarification, we’re not talking about ‘tools’ as in people. We understand the confusion, because there is a fair amount of web appl...

April 9, 2013

I’m not going to lie, I love Yoo-hoo drinks, to the point that I have at least one a day and get grumpy if I don’t have one available when I want it. Don’t judge me; some people drink, smoke, do drugs, etc. My addiction of choice is Yoo-hoo and I make no apology.

It’s p...

April 5, 2013

I love helping security teams measure control performance (metrics) and improve risk analysis and management programs. Providing visibility into current performance and putting the data in context of business goals helps improve decisions. What happens when the executi...

March 25, 2013

I've decided to republish an article I wrote in 2009 about security awareness. 
__________________________________________

There are a lot of opinions about security awareness programs, what they should look like, what they should cover, whether they work at all, etc. I...

March 22, 2013

..Or How I Learned To Stop Blaming Hackers and Started Blaming Gamers

I recently read an article on the eWeek site, titled Cyber-Attack Wipes Data from Hard Drives at Major South Korean Firms.

In it the author briefly describes the destructive impact that a piece of malw...

March 20, 2013

There's been a lot of hype all of a sudden about a paper published back on February 28th of this year by a security company known as [Re]Vuln. In the paper, found here, researchers claim that attackers can use EA's Origin software, specifically the way it handles...

March 6, 2013

Does your company produce, publish, or host games? Could those games be accessed by children when they shouldn’t be? Do you collect or ask for personal information from those children? If so, then you probably know that the protection of personally identifiable inform...

February 20, 2013

Have you ever decided to buy a particular make, model, and color of vehicle and then all of a sudden you see dozens of them on the roads where before you rarely saw any? This is colloquially termed “red (or any color really) car syndrome.” It has also been linked to co...