Evan Morris

Evan Morris

Network Security Manager
Joined on June 27, 2018
Total Post Views: 195,243

About

Known for his boundless energy and enthusiasm. Evan works as a Cyber Security Analyst, an avid Blog writer, particularly around Technology, Cybersecurity and forthcoming threats which can compromise sensitive data. Having vast experience of ethical hacking.

Except where otherwise noted, all postings by Evan Morris on CircleID are licensed under a Creative Commons License.

Featured Blogs

The Role of Cloud Resource Provisioning in Web App CICD Pipelines

Thanks to wide adoption of the Infrastructure as Code (IaC) approach, programmatic provisioning of cloud resources is slowly transforming almost every aspect of computing, with administration of web apps having emerged as a key use case. With IaC, it's possible to streamline resource management tasks, shorten time-to-market, control costs, and scale at will. The adoption of continuous integration and continuous delivery (CICD) pipelines is already making a huge difference in web app deployment and cloud resource management. more

Today’s CISOs Are Contending With Oft-Changing Disclosure Standards

When it comes to breach disclosures, today's chief information security officers (CISOs) are struggling with an especially turbulent regulatory environment. Security teams are understaffed, and systems are more extensive, making them harder to monitor and defend, while threats are becoming more sophisticated, more frequent, and more varied. It's at precisely this difficult juncture that regulations and enforcement are rapidly changing, leaving CISOs feeling like they are running up the down escalator. more

Sensitive Data Discovery: The First Step in Data Breach Protection

Users are tired of hearing about data breaches that put their sensitive information at risk. Reports show that cybercriminals stole 6.41 million records in the first quarter of 2023 alone. From medical data to passwords and even DNA information, hackers have stolen a lot of sensitive information in 2023. more

3 Processes That Ensure IoT Cybersecurity Compliance

IoT devices have ingrained themselves into almost every aspect of modern life. From home assistants to industrial machinery, it's hard to find a device that isn't connected to a network and gathering data. Despite widespread adoption, IoT cybersecurity compliance remains surprisingly low. A big reason for this is the unique challenges IoT devices pose to operators. more

Damaging Malware Uncovered in the Google Play Store

Android users can choose from 3.718 million applications in the Google Play Store. When installing applications, the majority of consumers trust Google to keep their devices safe from hackers. However, the reality is different. Just back in May 2023, researchers discovered over 101 infected applications in the Android store. Many of these apps counted over 400 million downloads. more

Business Logic Vulnerabilities Are the Hidden Menace in Modern Software

The first things that usually come to mind when talking about software development risks are bugs and security issues that have not been detected or those that have been discovered but left unaddressed. Some may also point out poor code quality reviews and the use of third-party components and dependencies laced with malicious code. more

Biden’s National Cybersecurity Strategy Suggests Increased Website Security, Customer Protection

Phishing attacks have been rising over the past couple of years. Reports show that there was a 345 percent increase in phishing attacks between 2020 and 2021. In 2022, the number of advanced phishing attacks rose by 356 percent. Behind these alarming numbers, however, is an even uglier picture of digital fraud: a difficult-to-quantify prevalence of fake or spoof websites. more

Ensuring Patient Safety: A Concise Guide to Post-Market Surveillance for IoMT

A significant segment of the IoT ecosystem, the Internet of Medical Things (IoMT), is projected to grow at a compounded annual growth rate of 23.7 percent (forecast period: 2022 -- 2032). This fast growth is indicative of how rapidly IoTM is integrating into modern society, which has understandably attracted the attention of regulators. The widespread use of IoTM devices means that their malfunction or dysfunction can affect the health and lives of many. more

SIEM Alternatives; How Does OpenXDR Make Traditional SIEM Obsolete?

OpenXDR is one of the most cost-effective SIEM alternatives that help businesses detect and mitigate threats within hectic modern architectures. A single cyber incident impacts every aspect of a business -- from system downtime, revenue losses, and reputation damage to disrupted operations. more

Can Zero Trust Security Put an End to Human Security Weaknesses?

How bad is the human security weakness problem? Verizon's 2022 Data Breaches Investigations Report says 82 percent of data breaches have human involvement. This involvement can mean misconfigurations, poor security policy implementation, negligence, and falling prey to social engineering schemes. Essentially, a vast majority of data breaches have penetrated cyber defenses because of human carelessness, inconsistencies, and gullibility. more

How to Avoid Insider Threats Such as the Latest New York Post Hacking

New York Post has been "hacked" by an employee. To protect themselves from insider threats, companies can deploy zero trust and restrict access. On October 27, the New York Post published a string of racist and sexist articles on its website. Fabricated news about politicians, such as pieces concerning racist comments of a New York City mayor, has been headlining the publication. more

Businesses Beware: Cybersecurity Awareness Varies Based on Job Function

Businesses should consider bumping phishing as an urgent concern in their cybersecurity agendas. To those still unacquainted, "phishing" refers to the use of fake emails, messages, and websites that fool users into giving up access to accounts and information or into installing malware through attachments. It has become quite rampant over recent years. Attackers are using the method as a primary means to breach defenses, and with good reason: they work. more

Big Data’s Role in Helping Shipping Firms Weather the Supply Chain Crisis

When it comes to the economy, the global supply chain was one of the biggest casualties of the COVID-19 pandemic. Port closures and soaring infection rates hampered logistics providers' ability to schedule deliveries and predict risks. In turn, manufacturers' demand projections were challenged, leading to empty shelves worldwide. A lack of shipping containers has affected supply chains, with shippers scrambling to find usable containers before they disappear into service. more

3 Most Scary Attacks that Leaked Personally Identifiable Information (PII) of Millions of Users

Cybercriminals are increasingly targeting Personally Identifiable Information (PII). The reason being "data is the new gold" in this digital world, and the more sensitive some data is, the more value it has. There is no more sensitive data than personally identifiable information because it contains enough information to identify you digitally. Examples of personally identifiable information include name, email, contact number, address, social security number, tax file number, banking or financial information, and more such data that helps identify you. more

Overcoming Obstacles to Full-Scale Business Intelligence Adoption in 2021

Data analytics isn't just for large organizations anymore. As businesses and community collectives increasingly move their operations into digital spaces, the vast amounts of data being collected pose an opportunity for them to get to know their stakeholders better. While the security implications of this migration are hard to be taken lightly, the potential for game-changing insights is likewise enormous.  more

Do Your Analytics Efforts Expose Your SQL Data Sources to Attacks?

Structured Query Language (SQL) continues to be quite relevant today. Many organizations still use SQL database systems, and it still ranks as the top in-demand language in tech job postings -- even in 2020. Companies are also increasing their analytics and business intelligence efforts, where SQL skills come in as quite handy. SQL queries allow you to pull key information from databases quickly. more

Essential Cyber Security Steps for Your Business

Layered security is a concept that's important for anyone who wants to create a strong, successful defense strategy to understand. This is a strategy that relies on the use of multiple lines of defense in an attempt to repel any potential attacks. For this reason, it's based on the principle that says "no single form of protection is enough to stop a determined cybercriminal. more