Blog Archive
supply chain hacker attacks

Are You Ready for Hackers Incoming Supply-Chain Attacks?

Are you ready for hackers’ incoming supply-chain attacks? A recent report released by 401TRG (the Threat Research & Analysis Team at ProtectWise) reveals that Chinese hackers, who have abundant experience on APTs, are now getting prepared for software supply-chain attacks. Are your ready? What is software supply-chain attack? Hackers usually insert a backdoor to a […]
normshield supply chain

Supply Chain Cyber Risk are Finally Part of the NIST Cybersecurity Framework!

Recently, National Institute of Standards and Technology (NIST) released new version of its Cybersecurity Framework (v. 1.1), which includes several additions such as cyber risk originated from supply chains. The version 1.1 is a risk-based framework to improve cybersecurity of critical infrastructure in the US. However, it is used by many companies as a guideline […]
iot devices security

Add Your IoT Devices to your Third-Party Cyber Risk Assessments

Internet of Things (IoT) is a new concept surrounding us every day. But security of IoT devices is defined by S in the abbreviation of the term. You may say “but there is no S in IoT”. Well, that is exactly my point. In April, a casino was hacked through a thermometer, an IoT device […]
cyber security risk brief 2018

How hackers leverage your IP addresses? IP Reputation as a Cyber Risk Assessment Metric

IP Reputation can be used as a cyber risk assessment metric to better understand how hackers leverage and exploit your IP addresses listed in websites used by hackers. What is IP Reputation? Employees may download applications that compromise computers and network. As a result, IP address can become part of a hacker’s network and hosting […]
Malicious JavaScripts

Malicious JavaScripts: How Can You Get Hacked?

Malicious JavaScripts: How Can You Get Hacked? Detecting the vulnerabilities and leaking are of the essence in hacking. That’s why maintaining cyber security is quite crucial for individuals and corporations. In 2017, even a big firm like Yahoo was hacked by a simple phishing e-mail. Equifast -one of the largest credit bureaus- was hacked through […]
Cyber Insurance GDPR

General Data Protection Regulation (GDPR) and Cyber Insurance

The countdown has begun: the General Data Protection Regulation (GDPR) will be applicable  as of May 25th,2018, aiming to strengthen the rights of the citizens of EU on the internet. This regulation will be implemented by the European Union, but it is also interest of  companies located in other countries, including the United States, which […]
memcached ddos attack

Are your assets at risk of being victimized or weaponized in a Memcached DDoS attack?

Two record-breaking DDoS attacks, which used misconfigured Memcached servers for amplification/reflection, created 1.35 Tbps and 1.7 Tbps bogus traffic towards GitHub and an unnamed US-based company, respectively. Even though amplification/reflection DDoS attacks are not new to the cyber security world, the amount of traffic created is terrifyingly huge thanks to misconfigured Memcached servers’ amplification by […]
cybersecurity technology summit

Cybersecurity Technology Summit

Cybersecurity Technology Summit; Winners from five Shark Tank Events all come together for the final round of presentations and judging. The 8th Annual Cybersecurity Technology Summit reflects the DC chapter’s longstanding commitment to supporting the armed forces’ on-going development of cybersecurity strategies and tactics. As before, the summit will provide attendees with insights into emerging innovations from the government […]
bitcoin exchange safe

Are Bitcoin Exchange Sites Safe?

Are Bitcoin Exchange Sites Safe and What Are the Vulnerabilities? Bitcoin Mania is all over the world. Bitcoin interest has expanded from Wall Street habitues to housewives in South Korea. Bitcoin trading became so popular that several major websites had to pause the admittance of new accounts. Cyber security is naturally a significant part of this […]
deep web, dark web, bitcoin

Deep Web and Black Market

WHAT IS DEEP WEB? The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason. The opposite term to the deep web is the surface web.  What is inside the deep web? Let’s take a look at the figure […]