Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The US Government employs more than 1.8 million individuals, and a large group of those employees was recently exposed by a serious data breach. This breach impacted government employees that use the TRANServe transit benefits program from the government to cover some of their commuting costs to and from work. Over 237,000 current and past members of the program were exposed during this breach.

RSA is a popular and secure cryptographic algorithm that encrypts and decrypts data. It provides a secure method for transmitting sensitive data over the Internet. While RSA has some vulnerabilities, it is still utilized for various applications, like digital signatures to authenticate the source of a message. This article describes RSA, how it works, and its major applications. It also explains the security vulnerabilities of RSA and how to mitigate them.

“Who you gonna call?” - Ghostbusters Before we get to the main topic of this blog, I would like to provide some historical background on how I got to the topic. Hopefully, this context will be both informative and useful as we try to use call detail records (CDR) for doing good things.

OSINT stands for open-source intelligence. It is the collection, analysis, and dissemination of information from publicly available sources, such as social media, government reports, newspapers, and other public documents. OSINT is commonly used by intelligence agencies, private investigators, and law enforcement to gather information about an individual or organization. The OSINT framework showcases the multiple ways in which organizations can gather intelligence.

From the beginning of the computer revolution, there has been a smorgasbord of devices and peripherals, with some DOA and others innovative and groundbreaking. Thumb drives or USB Flash Drives were created in the early 80s, with the first commercially available drive holding 128MG. Cutting-edge USB drives of today hold 20Terabytes and up.

Breakthrough innovation arises primarily in response to two conditions. One, when new technology emerges that creates new demand by fulfilling needs customers didn’t know they had. Think smartphones. A generation ago, people didn’t know they needed to be tethered to a phone the size of their palm that was also a camera, a bank, an encyclopedia and a shopping mall. Two, when new challenges arise that require innovation to address them.

Privileged Access Management (PAM) is a critical component of any organization's cybersecurity strategy. Privileged accounts provide access to the most sensitive data and systems within an organization. As such, it's essential to manage them carefully to prevent unauthorized access, data breaches and cyberattacks. Here are some best practices for implementing PAM in your organization to ensure that your privileged accounts are secure and protected.

Protection methods for sensitive data have evolved to encompass new forms of thinking to combat constant threat vectors and attacks. Protecting against malware, brute force attacks, and malicious code, data engineers at Cisco, Microsoft, and others craft unique methods to counter the never-ending aggression. Data Masking and data encryption are two similar technologies with different characteristics, purpose, and technique.

A Social engineering attack is the process of exploiting weaknesses in human psychology to manipulate and persuade others to perform in a way that is harmful. Prior to the digital age, criminals would carry out these attacks in person, in what was known as a confidence game. The perpetrators were referred to a “con men”, regardless of their gender.

When I try to join a new Windows workstation or server to an Active Directory (AD) domain, I sometimes encounter the following error: “An Active Directory Domain Controller (AD DC) for the domain ‘domainname’ could not be contacted.” This error can occur due to any of several reasons, from a simple incorrect DNS server IP address to a much more complex issue.