Team EthicalHat

Are Merchants Using Oracle’s Micros Retail POS Systems at Risk?

Meeting tight margins, pressing deadlines, and board and customer expectations is the daily work of retailers. It is not easy to be competitive in this market, whether you are a huge enterprise or a small to medium, rapidly growing business.

The CISO Evolution

The evolution of the CISO seems, on paper, to be something that is quite straightforward to understand. In reality, things are not always what they seem, especially at the surface. Once you start to dig, pull, pry, and examine what is below, you will find much more than you bargained for. The real story is what lies beneath.

It is believed that the first person to claim the title of CISO was Steve Katz, who worked for Citigroup, back in 1995.

All you need to know about Ransomware

What is Ransomware?

Ransomware is a type of malware which encrypts your personal files and sells the decryption key back to you for a ransom, normally in the range of hundreds to thousands of dollars.

Although the earliest examples of what could be considered modern ransomware date back to the beginning of 2012, ransomware became a widespread phenomenon towards the end of 2013 with the release of CryptoLocker.

The dramatic rise of ransomware can be explained by a combination of several factors: the ease with which criminals can deploy a working system, an increase in the use of Tor and bitcoin, and its high and immediate return on investment.

Lessons Learned From the Bank of Bangladesh

When I was younger, I had a habit of focusing in on one thing. It was my mother who told me to “look at the big picture.”  The same is true in the world of information security. There are more things going on than meet the eye when it comes to keeping systems safe. One needs to take a systematic approach in looking at each individual domain.

Modern Computer Security Protections from an Attacker’s Perspective

Since the early ’80s, computer hackers have employed increasingly complex exploits to gain total control over servers, access confidential data, and spread malware and botnets. To combat this, starting around the turn of the century, hardware and software vendors have been developing and shipping protections that try to harden your machines against hackers. While most commercial anti-virus software attempts to identify viruses by comparing the behavior of currently running software with pre-created lists of the behavior of known malware, these hardware and software protections operate in a fundamentally different fashion. Normally an inseparable part of the operating system, the physical machinery, or the compiler used to generate the commercial software, these protections restrict what applications can do at runtime in order to prevent hackers from gaining control over the program and, subsequently, the computer.

This post is meant as a walk-through of how state-of-the-art computer security has evolved in recent years, as well as a discussion of where we stand now and what to look for in the years ahead.

Password Security


Today, it’s almost impossible to have a normal routine that doesn’t depend on several online accounts. From Facebook to forums, from LinkedIn to online banking, our globalized world is growing ever more dependent on the internet to stay connected. With October being National Cyber Security Awareness Month, it’s time to take a critical look at how people protect their online data.

With the rise of big-name bugs that made headlines within the past year (Heartbleed, Shellshock, and Poodle), cyber security has become a much more visible issue for both individuals and companies. But hackers aren’t limited to software exploits to further their nefarious agenda. In 2014, the second most common cause of data breaches was social engineering: using deception and fraud to trick users into revealing passwords and other sensitive data.
As famous computer hacker Kevin Mitnick put it,

Companies spend millions of dollars on firewalls and secure access devices, and it’s money wasted because none of these measures address the weakest link in the security chain: the people who use, administer and operate computer systems.
