Apple, again, having to defend it’s decision not to include backdoors in Apple products to Justice Department

Right now, the US Justice Department is trying to compel Apple to help them in break into an Apple device to assist in the investigation into the Pensacola terrorist attack. They [the Justice Department] also want Apple to include backdoors in their products moving forward to make it easier for law enforcement and other government […]

Attackers are leveraging legitimate file sharing sites to increase phishing effectiveness

We are seeing a new variation of phishing attack that’s leveraging a users trust of legitimate file sharing services (Dropbox and Egnyte specifically) to increase the effectiveness of their phishing campaigns.  We have included similar techniques in a number of recent phishing engagements for clients and have seen a significant increase in the number of […]

Data protection for humans. What are the basics (and how can you protect your data with stuff you already have)?

I recently had a conversation about data protection, specifically protecting the confidentiality and integrity of sensitive data.  Over the course of that conversation, realized that there is a LOT of confusion on the topic. How do we protect data? When does the data have to be protected? What constitutes protected?  Ultimately, we discovered that the […]

Pen tests and baby pictures

I had a conversation a few days ago that highlighted an interesting similarity between offensive security and, oddly enough, baby pictures. The conversation was with a photographer who worked extensively with families (family portraits, baby pictures, etc.). The photographer mentioned that they offer a package for parents to get pictures of their babies at newborn, […]