After receiving a question from a client about a recent scam email, we thought it would be appropriate to address the topic of the “Nigerian Prince”, “Spanish Prisoner” or “419” letter and why it is still relevant in 2020. The type of fraud employed in these scams is known as an “advance-fee scam”. The scam… Continue reading Send me money! I’ve been kidnapped!
Category: Blog
Vulnerability in Linux “sudo” Command Permits Anyone to Run Commands as Root
OVERVIEW Yesterday (October 14, 2019), a vulnerability was disclosed in the Linux Sudo command (CVE-2019-14287) that permits any user to execute commands as root (the Linux superuser). A very good full analysis of the flaw and how to exploit it is located at https://thehackernews.com/2019/10/linux-sudo-run-as-root-flaw.html. Assura’s Take This is an easy one: update Linux systems so that it uses… Continue reading Vulnerability in Linux “sudo” Command Permits Anyone to Run Commands as Root
The recent Capital One breach has everybody wondering if they are next…
The recent Capital One breach has everybody wondering if they are next. The simple answer is most likely – Yes – if you do nothing to protect yourself. Local counties and cities are a top target for cybercrime in the U.S. right now, and even the smallest locality can be a target. Just look at… Continue reading The recent Capital One breach has everybody wondering if they are next…
The Decision to Build or Buy a Cyber Security Capability
This is part 2 of a series to teach small-to-mid-sized organizations how to navigate the complex world of cyber security, how to budget, plan for, and implement a cyber security program. This series will give you the tools to make the decisions needed that protects your reputation and your ability to do what you do… Continue reading The Decision to Build or Buy a Cyber Security Capability
What is a Penetration Test (in Plain English)?
Maybe you’ve been told you that your organization needs to conduct a Penetration Test. Maybe it’s your auditor that’s said it, maybe your IT folks are telling you that it’s needed, or maybe you are the IT director and you just don’t know what to ask for from a penetration testing provider. To use a… Continue reading What is a Penetration Test (in Plain English)?
You Don’t Have to Do Cyber Security
This is part 1 of a series to teach small-to-mid-sized organizations how to navigate the complex world of cyber security, how to budget, plan for, and implement a cyber security program. This series will give you the tools to make the decisions needed that protects your reputation and your ability to do what you do… Continue reading You Don’t Have to Do Cyber Security
Logos and Branding and Websites, Oh My!
Welcome to Assura’s new presence on the web! New logo, new brand, new web design, new Internet domain, and a move of our headquarters to a new location. Whew! And that’s just the stuff you can see! This marks a major milestone in our company’s history because this is the culmination of over two years of… Continue reading Logos and Branding and Websites, Oh My!
The Duel Factor Podcast – Coming Soon (We Promise!)
CEO and CTO. Husband and Wife. Welcome to Assura’s Cybersecurity Podcast hosted by Karen and Joshua Cole! Coming soon!
The Dark Web
The Surface Web is only 10% of the total size of the Internet. All sites on the surface web are indexed by search engines and are easily accessible. Examples of the surface web are Facebook, Twitter, YouTube, etc. The Deep Web and Dark Web contain the other 90% of the Internet. The Deep Web includes: Non-public… Continue reading The Dark Web
