The National Institute of Standards and Technology (NIST) has recently issued updated guidance recommending simplified password practices to increase password security.
‘Hacking Back’, launching attacks back at the source of incoming attacks on an organization, is a manner of recourse that has oft been discussed by cybersecurity professionals, legal scholars and law enforcement — but will it work and is it a good idea?
Recently a researcher working with the Independent Security Evaluators (ISE) discovered flaws in several popular password managers that allow an attacker with local access to obtain the master password. Read on for why this isn't a big deal and why you shouldn't throw your password manager away.
Both vulnerability assessments and penetration tests are necessary to build Cyber Resilience in an enterprise, and you should include both as part of your security program. However, most organizations aren't receiving penetration tests that actually simulate a cyber attack and test the defenses in place and their overall security posture.