The Proper Role of Cyber Insurance in Enterprise Risk Management

In AT&T’s 2017 Global State of Cybersecurity survey, 28% of respondents saw cyber insurance as a replacement for cyber defenses. Part of the issue is frustration with the apparent lack of effectiveness of cyber spend in reducing the prevalence of incidents, while part of the issue is a desire to make this problem someone else’s problem. But the fundamental issue is actually a misunderstanding of risk management.

The Economics of Data and Information

“The Most Valuable Commodity I Know of is Information.” - Gordon Gekko, Wall Street (circa 1987)
It is true that the initial basis of this blog is quoting a fictional character from the 1980s. However, is Gordon Gekko right? Is information the most valuable commodity? According to The Economist, the world’s most valuable commodity is no longer oil, but data. There are all kinds of claims about what actually is the…

Hiring Top Cybersecurity Talent | Addressing the IT Skills Gap Part 2

By Jeremy Wittkop, InteliSecure CTO
“The secret of my success is that we have gone to exceptional lengths to hire the best people in the world.” – Steve Jobs
The first instinct of many executives is that they want to hire the talent they need in all aspects of their business. This approach gives the organization maximum flexibility and control with respect to those resources, but it comes at a…

Reverse DOM XSS

I recently came up with an idea about how to exploit a DOM XSS vulnerability that might be worth sharing here so others can use this trick, adapt it and defeat some poor filters with a little JavaScript and some creativity. During an engagement I found a piece of code similar to this one: <a href="#" onclick="goToWebsite(this, 'url', '/ShowInfo.php?id=[INJECTION]&category=CARS');"> The code behind goToWebsite was something like this: function goToWebsite(e,…

My Robot Has WiFi!

Wireless communication using Bluetooth! Thanks to the Adafruit EZ-Link! Basically that tiny board sticking out on top is a Bluetooth Serial-Link, which allows me to remove the cable that binds the robot to my PC / Mac. Now I can not only program the robot wirelessly, but if I choose to, I can send it commands wirelessly over the air – thus completing Asimov’s second rule of robotics (if you don’t know the…

It Can See; Giving Your Bot Sight!

Previously we unveiled our love for the Arduino and the Zumo Shield that gives us a massive head start to building our own robot army. The basic shield has a Zumo reflectance sensor array, primarily for line following, and an LSM303DLHC accelerometer & magnetometer (magnet-o-meter) for navigation. But a lot of the remaining Arduino pins are not used, so this gives us the capability to add more tech or sensors so our robot can…

Pocket EMP’s; On Sale $5

Introduction: A new tool is allowing criminals across the world to break into cars without leaving a trace, and now that device has made its way to Canada. The police don’t know how they are doing it, and there is a lot of speculation. The latest theory is that a new device can be purchased online for about $5 and sends an electromagnetic pulse through a car’s key area to…

[SOLVED] Arduino UNO – Can’t Upload Sketches Larger than 30KB

Introduction: Relating to the previous Gamby post, many people may have trouble uploading some of the game sketches to their UNO board as they are over 30KB. The ATMEGA 328P (chip on the UNO) should allow up to 32KBytes of memory, but people forget that there is also the bootloader, which in older models occupies 2KB of memory. The bootloader is a special piece of software that makes reflashing…