Category: best practices

Orvis data leak and the need to monitor ‘paste’ sites

Fishing retailer Orvis had a serious (and embarrassing) data breach recently. Independent security researchers found a posting on text snippet site Pastebin with what appeared…


US DoJ guidance on responding to and reporting cyber incidents

When thinking about how to respond to cyber security incidents, you need to think about how your organization will engage with law enforcement – and…


OWASP API Top 10 Security List

If your organization is developing software, chances are that your developers are building application program interfaces (APIs) to allow interoperability between your code and code…


Insider threat reporting by the numbers

I don’t normally take security advice from goats, but I think I need to make an exception for Red Goats. A recent report on insider…


Great resource for configuring TLS

OK, let’s admit it – issues around cryptography are the most complex and confusing part of information security. Aside from all that math, there are…


How authentication methods stack up

Here’s a nice resource from iDaptive’s blog on the relative merits of various common types of authentication technologies – interesting quick read.


NIST & Microsoft partner for patching pointers

The US Government’s National Institute of Standards and Technology and 8,000,000 pound gorilla Microsoft are working together to provide industry with definitive guidance on keeping…


An example of a clear and concise incident report

This incident report from the Australian National University is definitely worth a read, both as an interesting look into the mechanics of a systems compromise…


Good security advice from down under

For many organizations, especially small businesses, the thought of starting any kind of cyber security program can seem daunting. With all of the threats out…


WordPress wants sites to eat their (patching) vegetables

Apparently, over a third of the web sites on the Internet (including this one) run the WordPress content management software package. Natch, this makes WordPress…
