A brief overview of out-of-band attacks that target and comprise Web systems administrators.
Watch more videos on my YouTube channel.
Archive for January, 2017
Stuck in Traffic – Automating PCI DSS Checks
Posted byA good security program blends people and machines. And machines are faster than people, at least at auditing settings.
Watch more videos on my YouTube channel.
Stuck in Traffic – Certificate Management at Scale
Posted by“Why don’t these companies update their certificates?” The young tech wizard asked. “It’s just click, click, next.” Well, there is just a bit more to it.
Watch more videos on my YouTube channel.
Stuck in Traffic – Hack Back Fail
Posted byHacking back rarely goes well. Here’s a historical anecdote from back in the day, when Recourse Mantrap and Manhunt were a thing.
Watch more videos on my YouTube channel.
Stuck in Traffic – The Human Animal
Posted byA good cyber security leader builds intuition within his team and organization by taming, rather than fighting, the human animal.
Watch more videos on my YouTube channel.
Stuck in Traffic – Procurement and SaaS on SaaS
Posted byVendor risk management goes up in importance as more business units use Software-as-a-Service. But there’s a problem. We’re really slow at vendor risk management.
Watch more videos on my YouTube channel.
Stuck in Traffic – Social engineering family trees
Posted byFamily ancestry websites, like http://ift.tt/1xvKzSp, provide a wealth of social engineering information. Pair that with password reset questions and, as today’s story will tell, things get a little interesting.
Watch more videos on my YouTube channel.
Poynter: Don’t want the public to see your newsroom’s gossip?
Posted byNewsroom instant messaging apps have only gained momentum since then, with Slack among the vanguard thanks to its ease of use and its cool-kid factor.
Excerpt from: Don’t want the public to see your newsroom’s gossip? Don’t put it on Slack.
Journalists should exercise more caution when it comes to digital tools like Slack, said J Wolfgang Goerlich, director of cyber security strategy at CBI, a risk management firm that provides security solutions for companies.
“As no chat system is immune to being misconfigured or misused, my advise is to limit any information over such channels,” Goerlich said. “Meeting in person for conversations remains the gold standard for the highest level of privacy.”
Goerlich’s advice for newsrooms is to select communication apps wisely, assume all exchanges are potentially public information and protect individual accounts of employees with good privacy and security measures.
Read the full article: https://www.poynter.org/tech-tools/2017/dont-want-the-public-to-see-your-newsrooms-gossip-dont-put-it-on-slack/
This post is an excerpt from a press article. To see other media mentions and press coverage, click to view the Media page or the News category.
Stuck in Traffic – Security Flaws Reported to Customer Service
Posted byTwo stories of researchers reporting security vulnerabilities and getting stuck in help desk hell. It begs the question: are we monitoring our customer service queue for vulns?
Watch more videos on my YouTube channel.
Stuck in Traffic – YARA Rules
Posted byA quick introduction to malware hunting with YARA rules.
Watch more videos on my YouTube channel.