AppRiver Blog

Recent Posts by Jim Nitterauer

KRACK Attack: Major Wi-Fi Vulnerabilities Disclosed

What is KRACK?

Welcome to another manic Monday! Some might say, "welcome to the next dumpster fire." In any case, if you follow InfoSec security news feeds, you have probably heard of a newly released set of vulnerabilities in the WPA2 wireless authentication protocol. These collectively are know as the Key Reinstallation...

Read More

Password Reuse Attacks - Constant Security Concern

 

Read More

Spam and Virus Filtering For My Business? Why?

Complex Spamming Operation

Spam and virus filtering is a complicated operation. The other week, a friend of mine contacted me about an article he was writing that would be exposing the complexity of an international spamming operation he and another researcher uncovered. As I read through the layers of data and reviewed...

Read More

DNS Evil Lurking Around Every Corner

I came across a blog post that once again showcases the importance of properly managing DNS through its entire life cycle. The article entitled “Respect My Authority – Hijacking Broken Nameservers to Compromise Your Target” (sic) was written by Matthew Bryant (@IAmMandatory) can be found here. It’s a bit of long read,...

Read More

Highlights from BSides Las Vegas & DEF CON 24 – Part 2 – DEF CON 24

Now that summer is officially over, I'll take a moment to flashback to the dog days of August and the last event that makes up "Hacker Summer Camp." That event is DEF CON. This year, DEF CON 24 was held at Bally's & Paris convention centers starting on August 4th and ending on August 7th, 2016. This year, there were more...

Read More

Highlights from BSides Las Vegas & DEF CON 24 - Part 1 - BSides Las Vegas

While summer invokes nostalgia of beaches, volleyball, and sunscreen for many, white hats look forward to a different kind of trip every summer. Every summer brings the anticipation of what is known as "Hacker Summer Camp" to mind. This year did not let us down. For those of you who are not familiar with this, Las Vegas is...

Read More

Securing the Enterprise - The ABCs of a Network Security Policy

In a previous post, I discussed the importance of security policies and how the likely impact of not having a well-defined corporate security policy. Today, I want to get a little deeper and layout what a security policy should contain as well as describe some of the accompanying documentation that supports that policy. In...

Read More

Web Developers & Hosters Beware!

A couple of days ago, we monitored this phishing email. This request had a subject line "web site install" and nothing more. The message is shown in the image below:

Read More

Securing the Enterprise - Why A Security Policy Matters

According to a 2012 survey of 1015 U.S. small business owners, many have a false sense of security when it comes to their IT infrastructure. More than three-fourths (77 percent) believe their company is safe from cyber threats like hackers, viruses, malware or breaches. The problem with this is that 83 percent of the...

Read More