17

Jan 2017

Building the Culture to Support a Social Engineering Awareness Program

Sword & Shield Enterprise Security Consultant Joe Gray pens the first of a five-part series for CISOcast, an online resource that publishes peer-reviewed content to help information security leaders meet the challenges of real world problems. Today, companies are investing more than ever before on protecting their IT infrastructure. As a response, hackers and, in turn, penetration testers are using a different vector to gain access...

Read More


12

Jan 2017

From 1999 to 2017: PCI Continues to Evolve

The origins of the Payment Card Industry Data Security Standard (PCI DSS) go back to the late 1990s – the dawn of the Internet era, but despite its humble beginnings, the PCI DSS has come a long way. What began as a customer security program at VISA is now a regulatory body for nearly all retailers who want to use credit cards. Sword & Shield Enterprise...

Read More


03

Jan 2017

Sword & Shield’s Mike Mangione Makes Business Journal’s Top 40 Under 40

Sword & Shield Director of Business Development Mike Mangione has made the Greater Knoxville Business Journal’s 40 Under 40. This marks the 10th year that stand-out young professionals have been honored in the journal, a publication of the Knoxville News Sentinel. Throughout the years, artists, engineers, CEOs, nonprofit leaders and entrepreneurs have been among the honorees. According to the newspaper’s article: Mike Mangione can’t think of many...

Read More


03

Jan 2017

Joe Gray Discusses Dyn DDoS’s Effect on Supply Chain Security

Sword & Shield Enterprise Consultant Joe Gray guest posts on Tripwire’s State of Security blog. WHAT IS SUPPLY CHAIN SECURITY? In the most conventional sense, when we think of Supply Chain Security, we immediately equate it to Target and the HVAC vendor that was used to pivot into Target’s network and perform the attack on the Point of Sale (POS) systems that exfiltrated 40 million...

Read More


19

Dec 2016

Begin the New Year with a New Knoxville Cyber Sessions

Sword & Shield Managing Consultant for Enterprise Solutions Scott Partelow will start 2017 with a discussion on Cloud security at the next Knoxville Cyber Sessions Thursday, Jan. 19 from 11:30 a.m. to 1 p.m. at the Square Room in Market Square Mall. In “Migrating your Data to the Cloud – How to Decide,” Partelow will discuss the pros and cons of migration. Cloud services are now a standard method of delivering...

Read More


16

Dec 2016

Russel Van Tuyl Joins WATE News 6 to Discuss the Latest Yahoo Breach

Sword & Shield Managing Consultant of Security Assessments Russel Van Tuyl talks with WATE News 6 about how to protect yourself after the latest Yahoo! breach. Yahoo says it believes hackers stole data from more than one billion user accounts in August 2013. The California company says it’s a different breach from the one it disclosed in September, when it said 500 million accounts were...

Read More


12

Dec 2016

SOC Warning: Stealthy Stegoloader Can Evade Analysis Tools

By Lee Tibbals and Brian Lowe An interesting relic from the past came to visit recently in the form of a threat called Steganography. Steganography is a well-known and ancient practice of concealing a file, or a message inside of another file or message. The first recorded uses of steganography are accepted to have been around 440 BC in ancient Greece, where a message was...

Read More


09

Dec 2016

Experts: IoT Will Be Hacked Again in 2017

It was nearly two weeks before Halloween and nearly three weeks before Election 2016 when millions were denied access to such popular websites like Twitter, Reddit, The New York Times and PayPal. Some thought it was the Russians attempting to hack the election. Others thought it might be an early seasonal prank, but the event that blocked Internet access for large sections of the country...

Read More


01

Dec 2016

What Direction Will Trump Take on CyberSecurity?

Last week, President-Elect Donald Trump signaled that cybersecurity is an imminent challenge that requires immediate attention by announcing the creation of a Cyber Review Team to provide recommendations during the first 100 days of his presidency. In addition to a focus on trade, energy, regulations, national security and immigration, Trump plans to include cybersecurity as a top priority, but many in the industry believe Trump...

Read More


28

Nov 2016

Slack Shell Bot

By Russel Van Tuyl I really, really, really like shells. Nothing is better than that feeling you get when a shell comes in. There are many ways to get a shell, but some of them take a while to produce. A phishing campaign that leverages malicious payloads is a good example where there might be delayed gratification on receiving a shell. The emails might be...

Read More



Page 1 of 4312345...102030...Last »