Feb 12, 2018 4:34:11 PM

The New Theft: Drive-By Cryptocurrency Mining

You may be able to wrap your head around the concept of a cybercriminal stealing money from your bank accounts, or monetizing your customers’ personal financial information, but have you considered that an attacker might be able to steal money from you through your utility bill, and maintenance budget for computer hardware? Cryptocurrency mining through malicious advertising on popular sites like YouTube is the new theft and could put your organization's bottom line at risk.

Topics: Penetration Testing, cybersecurity, advanced penetration testing, incident response, Malware, Attack Surface

Sep 6, 2016 10:00:00 AM

Lessons Learned from Exploiting IoT in the Enterprise

Over the past year, the HORNE Cyber penetration testing team conducted advanced penetration tests of organizations in many different sectors: from healthcare, financial services, and manufacturing to food production and retail. A constant theme across every tested organization was the proliferation of IoT devices that allowed our team members to infiltrate, observe, and move around target networks.

Topics: Penetration Testing, IoT Security, IoT

Aug 15, 2016 11:22:51 AM

Delta Airlines and the Security of Critical Infrastructure

Last week, I had the pleasure of joining Elizabeth Wharton on her radio show, Buzz Off with Lawyer Liz, to talk about the security of critical infrastructure, specifically as it relates to the significant downtime Delta Airlines experienced last week. Liz had asked me to be a guest on the show for a couple of reasons: the research I have been involved with with regards to critical infrastructure security and my personal connection to last week's incident.

Topics: Penetration Testing, cybersecurity, critical infrastructure

Aug 4, 2016 10:00:00 AM

Secure Penetration Testing Operations

Just a few months ago, my team found the back door of a network left open by a previous penetration tester for one of our clients. Unfortunately for this client, they thought they were taking the necessary steps to protect their data, but they learned a valuable lesson: not all penetration testers are created equal.

Topics: Penetration Testing