Measuring the Impact of a Security Awareness Program

November 29, 2022

Our goal in building a security awareness program is to embed security into our partners’ existing organizational culture. Impacting culture is a long-term process that can take years and requires executive support. If you are tasked with managing a security awareness program, it is your job to measure and show leadership that your program is…


Social Engineering Basics: How to Win Friends and Infiltrate Businesses

February 10, 2022

Technology changes and defenses get better, but some things stay the same—like human gullibility, which can be easily exploited through social engineering. What is social engineering? Social engineering, at its core, is taking advantage of human nature. Humans are innately trusting, often try to help, and want to avoid confrontation. A big facet of social…


They’re Watching You! Protecting Yourself From Hidden Cameras

September 30, 2021

Hidden cameras, spy cameras, nanny cams—whatever you call them, you are under surveillance much more than you may realize. While outdoor perimeter cameras and doorbell cameras are commonplace and have been used for quite some time to monitor property, other nefarious hidden cameras are popping up all over the place. Generally, any camera placed inside…


Securing a Remote Workforce: Top Five Things to Focus on For Everyone

March 25, 2020

Deploying a remote workforce is uncharted territory for some organizations, while others have been perfecting the model for years. Most security programs have different ways to handle their workforce. For on-premise users, which has traditionally used more of a castle mentality where you attempt to prevent outsiders from penetrating the network perimeter (similar to a castle…


Rekt by the REX

January 9, 2020

The request-to-exit (REX) passive infrared (PIR) sensor. You know the one. Spray canned air or smoke in its face, it becomes disoriented and unlocks the door. Spit a mist of alcohol in its face, it gets a buzz and unlocks the door. The butt of many “jokes” for how easily it provides unauthorized entry, but…


A Message of Support: Coalfire Consultants Charged

October 30, 2019

If you haven’t been following recent news, two Coalfire employees, Gary DeMercurio and Justin Wynn, were performing a Physical Penetration Test against a Judicial Branch Building, the Dallas County Courthouse in the state of Iowa. The two employees were engaged by the Iowa State Judicial Branch to conduct the Physical Penetration Test, which is an…


Three Most Common Physical Security Flaws (and How to Fix Them)

August 27, 2019

When it comes to physical security, the most common things we see are hardware vulnerabilities or human error (through social engineering attacks, failure to follow security guidelines, or no knowledge of security protocols). We have successfully broken into everything from locally run neighborhood shops to banks, power plants, hospitals, factories, law firms, and everything in…


Let’s Build a Card Cloner

October 23, 2018

This post isn’t attempting to present new research or a new device—that work has already been done, a la Bishop Fox. While an overall design was created, and many others have discussed building such a device, doing so can prove to be challenging. This post will provide you with all that is needed to fully…


TSA Master Key Duplication & Why “Security Through (Not So) Obscurity” Fails

August 27, 2015

Every lockpicker knows that the TSA approved Travel Sentry/Safe Skies locks are garbage, but if you don’t want your normal checked bags to have their locks cut off, there are only so many options (that said, sometimes they still cut them off). While it’s common knowledge to locksport enthusiasts how weak TSA approved locks are,…
