Sign in Subscribe

Mike Lisi

5 Practical Security Improvements For Small Businesses

5 Practical Security Improvements For Small Businesses

Small businesses are increasingly becoming targets for cybercriminals. More often, attackers target smaller organizations because they're perceived as easier targets with fewer resources dedicated to security. The good news is that improving your businesses cybersecurity doesn't have to be complicated or expensive. Today, we’re discussing

Business Email Compromise: Fortifying Your Business Against Email Deception

Business Email Compromise: Fortifying Your Business Against Email Deception

In today's digital-first business world, one of the most subtle yet devastating weapons cyber adversaries employ is Business Email Compromise (BEC). It's a sophisticated scam that preys not on the weaknesses in technology but on the trust within human relationships. BEC is an attack where a

Go Ph*sh Yourself

Go Ph*sh Yourself

Security awareness assessments are an effective means of gauging your employees susceptibility to clicking on suspicious links or engaging in less-than-ideal actions when it comes to handling received emails. While Maltek Solutions provides Security Awareness assessments, not every organization may have the budget to enlist an external resource. If you

Findings Series: Weak Password Policy

Findings Series: Weak Password Policy

Contents * Description * Classification * Examples * Remediation * References Description Applications and environments are often only as secure as their weakest user account password. To prevent initial compromise from occurring through account takeover, it is common to enforce complexity, length, and renewal requirements for passwords across an application or network. When these requirements

Findings Series: Cross-Site Scripting (XSS)

Findings Series: Cross-Site Scripting (XSS)

Contents * Description * Classification * Examples * Remediation * References Description Cross-site scripting (XSS) is a code injection attack caused by improper input sanitization of user input in web applications. Attackers submit malicious input to a web application and run JavaScript functions that can dump cookies, hijack sessions, or even log keystrokes from a

Maltek Solutions and APIsec University Present: ASCP Certification

We have been working closely with APIsec University and are excited to announce the release of the API Security Certified Professional (ASCP) examination. The ASCP exam is a practical, hands-on evaluation designed to test a participant's knowledge of API security vulnerabilities by identifying and exploiting weaknesses in the

Findings Series: User Enumeration

Findings Series: User Enumeration

Contents * Description * Classification * Examples * Remediation * References Description User Enumeration occurs on web applications when there are discrepancies in responses received from the application when sending a valid versus invalid username. User enumeration is typically found in authentication and password reset processes. When an authentication attempt on a web application fails,