We’ve been saying that InfoSec isn’t about one person working alone in a basement. Today it takes people skills. Likewise, InfoSec isn’t about one person with mad people skills and technical skills. It takes teamwork.
Ever since Neuromancer, hackers have dreamed about Artificial Intelligence in hacking tools. A team just announced one such AI for guessing passwords. (Too bad they didn’t name it ICE, for Intrusion Countermeasures Electronics.) It works twice as fast as brute-force crackers. Meanwhile, some claim AI is the next religion. Welp, at least they can save us from forgotten passwords.
PassGAN: A Deep Learning Approach for Password Guessing
http://ift.tt/2ynY1fh
God is a Bot, and Anthony Levandowski is His Messenger
http://ift.tt/2k0LyuM
When we’re building a program to protect the organization? Follow the money. When we’re deploying controls to prevent crime? Follow the money. So today, three stories of hacks leading to money from the stock market.
Deloitte has reported a breach that includes its entire internal email system. What can criminals do? I have a couple of ideas. What can we do when our auditors get popped? I’m open to suggestions.
An anti-virus comes bundled with a virus. This cautionary tale reminds us of the importance of protecting the software build pipeline. That goes double for DevOps.
Equifax posted: “We know that criminals exploited a US website application vulnerability. The vulnerability was Apache Struts CVE-2017-5638. We continue to work with law enforcement as part of our criminal investigation, and have shared indicators of compromise with law enforcement.” Ouch. So. What’s Struts?