penetration testing

Here's what bugging your own office NSA-style can reveal

A US reporter for National Public Radio found that NSA-style broad surveillance enabled by a pen-testing device and software crunching picked up on his research (in spite of Google's default search encryption), intercepted uncut interview tape, ferreted out his interview subjects' phone numbers and email addresses, and more.

Bank of England to hire penetration testers to attack financial firms

The Bank of England this year will hire penetration testers to poke and kick at the computer-system defences of more than 20 major UK banks and other financial players.

Teenage white-hat hacks site, reports security hole, gets reported to police

The site, Australia's Public Transport Victoria, didn't respond, so the 16-year-old hacker's next move was to report it to the media, who in turn contacted PTV, who in response reported him to the police. Ungrateful? Yes. Unfair? Well, no, given that the hacker didn't ask permission to poke into a sensitive database.

Hackers throw 16 attacks at HealthCare.gov plus a DDoS for good measure

None of the attacks have been particularly damaging, and the DDoS tool, dubbed "Destroy Obama Care", was never actually triggered. Now, the government's doing pen testing, which likewise hasn't come up with any egregious holes in the site's defense.

Facebook hacks its workers into Hacktober smithereens

Slimy worms! Disguised as Facebook news! Unleashed on unsuspecting Facebook employees - by its own engineering team! This was the second year that Facebook celebrated Hacktober, a month-long feast of self-inflicted cyberattacks designed to tune staff's threat perception.

Practical IT: Passwords 101 for businesses

Practical IT: Assuring strong enterprise password security

We all know good passwords are key to protecting against attack. So here's how to do it and not lose friends and alienate people.

Practical IT: how to manage cost-effective penetration testing

Penetration testing is a valuable tool but can quickly get expensive. Focusing on testing the right things in the right manner is key to getting the best bang for your buck.

Practical IT: how to assess a third-party provider's security (part 1)

There are many security implications we as IT guys need to think about when we host applications externally. Here is a list of things to ask your provider to reduce the risk of a data or malware breach.

Penetration testing for the home computer user

It's not just big companies who can benefit from penetration testing - you can even apply the principles to your home computer.

Would you know where to begin with a security audit of your home PC?