Blogs & Articles
Cybersecurity News, Latest Vulnerabilities, Hacking Tutorials
Linux Isn’t Scary
Learning Linux is essential for aspiring ethical hackers. Start learning the fundamentals today and you will be well on your way to a career in cybersecurity.
Getting Started with Prototype Pollution
Prototype pollution allows an attacker to modify the prototype of an object. This means we can potentially assign new properties or methods to an object. Furthermore, we may be able to overwrite existing properties. If you’re unfamiliar with prototypes and...
Do You Need a Penetration Test or Red Team Engagement?
Understand the key differences between Penetration testing and Red Team engagements to ensure that you choose right course of action for your organization.
How to Improve Your External Penetration Testing Results
When on the cusp of receiving an external penetration test, clients want to prepare themselves for it. We often get asked what's the easiest way to improve their score before the engagement has begun. Below are the top 3 ways to improve your external penetration...
What is MFA? Understanding Multi-Factor Authentication
MFA stands for Multi-Factor Authentication. Microsoft helps clarify MFA as an additional step in the authentication process, "You need a second thing - what we call a second "factor" - to prove who you are." When logging into your online account, you prove who you are...
The Penny, the Match, and the Camera – OSINT
Our last blog post regarding OSINT and Recon briefly discussed some exciting topics. In this blog post, we will continue with that thread and discuss some tradecrafts used by investigators and Pentesters. Only some investigators and pentesters utilize these exact...
How Open-Source Intelligence Impacts You
OSINT OSINT stands for Open-Source Intelligence. It is the action of gathering information that is publicly available and analyzing it for intelligence purposes. First, let's look at what type of data can be considered Open-Source. Data or information that is...
How Hackers Target You
When creating a defensive plan against cyber-attacks, knowing your adversary is paramount. Often after the shock has worn off from a breach, the affected company will ask themselves, "Why us?". It's a valid question that organizations should ask before an incident...
Top 3 Ways I Broke Into Your Business On A Physical Penetration Test
Physical penetration testing is an assessment of the physical security controls of an organization. Much like traditional network penetration testing, you are measuring the security of a system, and in this case, it happens to be in the physical world. The consulting...
How Often Should You Schedule a Penetration Test?
In today's world, massive data breaches and sophisticated malware litter news headlines. Unfortunately, it often feels as though it's more when your organization will fall victim, rather than if. Still, many organizations choose to only meet baseline compliance...
Penetration Testing - PCI Compliance - Auditing
See How We Can Secure Your Assets
Let’s talk about how TCM Security can solve your cybersecurity needs. Give us a call, send us an e-mail, or fill out the contact form below to get started.