Poorly protected authentication requests from privileged automated tasks (e.g. vulnerability scanners, health checks) could ...

Two cybersecurity drills needed annual to test readiness.

PCI DSS is complex and challenging Review the 12 top level controls Arm yourself with this checklist to help you navigate it PCI DSS v4.0 is challenging for a number of reasons: increased complexity, ...

Determine your role: Merchant or service provider Determine your level and requirements Identify your validation method: SAQ or RoC Use the PCI website The Payment Card Industry Data Security Standard ...

Onsite ICS testing is risk averse Laboratory ICS device testing uncovers more A blended approach is key How that works Demonstrable benefits For safety’s sake onsite ICS testing adopts a risk averse ...

This is a story of that process, but with a twist at the end. It serves as a lesson that pen testing can never be automated.

Body-worn cameras are typically used in public safety situations (e.g. by police officers or private security) and have an interesting cyber threat model. These cameras are frequently used to capture ...

Cyber threats aren’t just a problem for large shipping organizations, small maritime fleet operators are also at risk. Anything from phishing emails to ransomware attacks, these threats can disrupt ...

Related to my last post which detailed forensic techniques for recovering data in smart watches, this post looks specifically at Garmin watches. This time, we’ll explore how data can be accessed much ...