Title Image


  • There's a new network security threat to be aware of, and it affects one of the world's most widely used operating systems, VXWorks. In fact, VxWorks is so commonly used, it powers more than 2 billion devices around the world, including firewalls, printers, elevators, Boeing 787s, and more. Armis, a Califonia-based enterprise IoT security company, describes it as "the most widely used operating system you have likely never heard about." They recently discovered 11 zeroday vulnerabilities within it, with an estimate that more than 200 million devices or networks can

  • In late June 2018, the Wi-Fi Alliance announced the most significant update to the Wi-Fi Protected Access standard in 14 years: WPA3. The Wi-Fi Protected Access 3 protocol brings significant security updates to the ubiquitous but aging, WPA2 protocol which was first introduced back in 2004. WPA3 will operate in two distinct modes consistent with WPA2 before it: WPA3-Personal and WPA3-Enterprise. Most significant points of Wi-Fi Protected Access 3: Increased protection against brute-force attacks: WPA3 introduces a new handshake method that according to the Wi-Fi Alliance, "delivers robust protections even when users choose

  • Delap is pleased to announce the launch of our new website showcasing Delap’s growing cybersecurity service offerings! Delap has been serving the industry as trusted experts in information security since 1992, from active participation in developing domestic and international payment security standards (ANSI and ISO) to supporting customers in achieving their security and compliance objectives. Every week seems to bring with it news of another security breach, from Chipotle and the DNC to the latest Equifax breach impacting at least 143 million people! A quick search of ‘company hacked’ or ‘data breaches’ reveals

  • Intel confirmed that a critical vulnerability exists in computers running an affected version of the Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) and Intel Small Business Technology. This is a hardware-level vulnerability and undermines security or controls implemented at the operating system or application levels. In brief, it allows an attacker to gain administrative privileges to system memory (even worse, access is not logged [no audit trails] from this attack vector). If you haven't already, please review systems in your environment to validate whether any are vulnerable. If they are,

  • With the inevitable rise in chatter regarding the recent rollback of FCC privacy rules related to internet service providers (ISPs) handling of consumer data, it's crucial to understand the role privacy plays in our own lives. To read the original FCC ruling and the Congressional joint resolution signed by the President on April 3rd, 2017, see the reference detail for 'S.J.Res.34' at this end of this article. The initial question to answer is, "How do internet browser sessions actually work?". At a high level, it all starts with DNS (Domain Name System).

  • It's that time of year again; fraudsters are out in droves looking for ways to obtain data about you and your employees in order to cash in on filing fraudulent tax returns! So what are a few steps you can take as an employer to reduce the risk of unknowingly providing fraudsters with the very information they desperately want (e.g., W-2 forms)? For starters, implement a policy to require a validation step for any request for employee data or completed W-2 forms. The formal control term is 'out of bound'