JavaScript cybersecurity threats

January 26, 2021 | Kim Crawley
Kim Crawley

Kim Crawley

Kim Crawley spent years working in general tier two consumer tech support, most of which as a representative of Windstream, a secondary American ISP. Malware related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. Her curiosity led her to research malware as a hobby, which grew into an interest in all things information security related. By 2011, she was already ghostwriting study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. Ever since, she’s contributed articles on a variety of information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine. Her first solo developed PC game, Hackers Versus Banksters, had a successful Kickstarter and was featured at the Toronto Comic Arts Festival in May 2016. This October, she gave her first talk at an infosec convention, a penetration testing presentation at BSides Toronto. She considers her sociological and psychological perspective on infosec to be her trademark. Given the rapid growth of social engineering vulnerabilities, always considering the human element is vital.

January 26, 2021 | Kim Crawley

JavaScript cybersecurity threats

This blog was written by an independent guest blogger. JavaScript is a very useful programming language. Netscape developers invented JavaScript in 1995, and it revolutionized the web. Before JavaScript, webpages could pretty much only contain text, images, and hyperlinks. JavaScript empowered web developers to make webpages interactive, dynamic rather than static. Think of picture menus that animated when your mouse cursor…

November 9, 2020 | Kim Crawley

SecTor 2020, Canada’s Biggest Cybersecurity Event: Day Two

This blog was written by an independent guest blogger. Even though SecTor had to be entirely online this year due to our unusual international circumstances, there have been plenty of excellent talks from many experienced cybersecurity professionals. The talks took place over the course of two days, October 21st and 22nd. Last time I covered the talks I attended on…

November 2, 2020 | Kim Crawley

SecTor 2020, Canada’s biggest cybersecurity event: Day one

This blog was written by an independent guest blogger. I live in Toronto, so I always try my best to get to SecTor, Canada’s most important cybersecurity event, every October. Most years, SecTor has taken place in the Metro Toronto Convention Centre. But because of the unusual circumstances affecting the world in 2020, this year the event took place…

October 15, 2020 | Kim Crawley

What is threat modeling?

This blog was written by an independent guest blogger. A lot of cybersecurity terminology can sound complex and esoteric. You may hear defensive security specialists, the people who work to secure computers and their networks, talk about threat models and threat modeling a lot. So what is threat modeling? It’s actually pretty simple, and it’s a…

September 8, 2020 | Kim Crawley

6 Crucial password security tips for everyone

This blog was written by an independent guest blogger. These days, everyone has passwords. Lots and lots of passwords! When I think of how many user accounts with passwords that I have, I probably have dozens. A few for social media platforms like Twitter and LinkedIn, a few for my favorite media streaming services, one for Nintendo Switch and another…

September 1, 2020 | Kim Crawley

PCI DSS logging requirements explained

This blog was written by an independent guest blogger. As a consumer, I feel more confident about using my credit card online and in brick-and-mortar stores when I know retailers are being careful about PCI DSS compliance. Breached financial credentials can wreak havoc not only on the lives of consumers, but also on the well-being of merchant businesses. I think…

June 29, 2020 | Kim Crawley

WPA security explained: what is Wi-Fi Protected Access?

This blog was written by an independent guest blogger. An overview on Wi-Fi security standards WiFi signals can be put into two different categories, unencrypted and encrypted. Unencrypted WiFi, sometimes known as open WiFi, can be connected to without a password. Anyone with a phone, tablet, PC, video game system, or Internet of Things device within range of the open…

June 11, 2020 | Kim Crawley

Bluetooth security risks explained

This blog was written by an independent guest blogger. What would we do without Bluetooth these days? Our earbuds and headphones would have to use annoying wires. We would have one less way to transfer files between your laptop and your phone. And how would you connect your phone to your car? But as a wireless data transfer standard, of…

May 31, 2020 | Kim Crawley

Explain how a Virtual Private Network (VPN) works

This blog was written by an independent guest blogger. Global health events in 2020 have accelerated a trend. Office workers are working from home more frequently. This is great for many reasons. Companies can save money on office space. People are often more productive in the environment they’re most comfortable in, their homes. Rush hour can be mitigated with…

May 21, 2020 | Kim Crawley

How SSH works: Secure Shell explained

SSH, otherwise known as Secure Shell, is a common TCP internet protocol that can be used to securely connect a computer to an outside computer or network. The physical locations of the computers on both ends of an SSH connection don't matter provided that the computers are connected to the accessible network and have SSH set up properly.…

May 6, 2020 | Kim Crawley

Web application firewalls explained: what is WAF?

Websites, web applications, and web servers are prime cyber-attack targets. Some of the most common types of attacks on web servers include SQL injection attacks, cross-site scripting (XSS) attacks, and DDoS attacks. So how can you defend against these? There are two main approaches that can help: developing applications to make them more resistant to attacks, and protecting applications using…

May 5, 2020 | Kim Crawley

Cybersecurity budgets explained: how much do companies spend on cybersecurity?

It’s less expensive to prevent cyber attacks than it is to repair the damage when they happen. Companies and institutions across industries lose money from cyber attacks all the time.  There are the more obvious ways like piracy, data breaches, and litigation. There are also ways that accountants can’t quite put a dollar figure on,…