The SolarWinds debacle has reminded us all of one crucial aspect of vital infrastructure: human error. Standards, procedures, and processes are in place to ensure the implementation of a secure baseline. These plans and mechanisms are developed so that organizations have clear instructions to follow for best security practices. The challenge with technology is it is developed … [Read more...]
Phishing Deep in the Amazon
Find an online store you trust, pick an item with reliable reviews, enter your payment details and/or sign-in to the websites account, and finally, click ‘Purchase’. This process is all it takes to purchase gifts this holiday season. There is one final step: Receive the package. Though this may not feel like a step, the seemingly simple process of tracking and receiving your … [Read more...]
Concerns Over Apple’s New Privacy and Security Decisions with Big Sur
Apple is a very polished company, both in how it designs and advertises its products. The latest macOS release of Big Sur, however, was anything but smooth. This can be partially attributed to Apple’s decision to use Online Certificate Status Protocol (OCSP) for certificate authentication and certificate revocation tracking. The issue is not only due to using OSCP, but that … [Read more...]
Open RAN Will Define the Future of 5G Expansion but Security Questions Remain
The decoupling of hardware and software in the telecom industry has opened several technological possibilities while concurrently introducing new threats. An exciting change to the industry, with the opportunity to make Radio Access Network (RAN) architecture more dynamic in terms of vendor choice and software upgradability. The need for structure and compatibility for future … [Read more...]
Data Breaches, A Thorn in Both Your Side and Mine
Green fingered individuals looking to share tips or expand their knowledge on growing the “Kind Bud” on the website GrowDiaries may be disappointed to discover their data was left vulnerable. The information left exposed by two Kibana applications, each connected to an Elasticsearch database, risked exposure of account credentials and IP addresses. GrowDiaries … [Read more...]