Stuck in Traffic – Industrial Controls are Okay

There was no major ICS in incidents in 2017. Why?

Watch more videos on my YouTube channel.

Base64 is the hottest way to secure passwords. Don’t agree? Change the defaults. But who changes defaults these days?

Watch more videos on my YouTube channel.

Your face is your password. Mostly. Penetration testers from SySS unlocked Windows 10 using a photo. The solution is running the latest Windows 10 build and enabling Enhanced Anti-Spoofing. This is also settable in Group Policy. But it’s a good reminder: authentication is important, but hard, and requires regular review to ensure bypasses haven’t popped up.

http://ift.tt/2BFg5WA

Watch more videos on my YouTube channel.

The sad story of TIO Networks. TIO gets bought. TIO gets hacked. TIO gets shutdown. Rough year for them.

Watch more videos on my YouTube channel.

The original penetration testing report, near as I can tell, was in 1972. For 45 years, we’ve been pentesting. What will the next 45 years look like?

Watch more videos on my YouTube channel.

Protecting WordPress takes more than just patching. Try WordFence.

Watch more videos on my YouTube channel.

Offense: adding Unicode to a name to sneak apps into the Google App Store. (See WhatsApp last month.) Defense: Damerau–Levenshtein distance.

Watch more videos on my YouTube channel.

Unified Compliance Framework (UCF) makes mapping controls from various standards and frameworks.

Watch more videos on my YouTube channel.

What 5,496 WordPress websites can teach us about criminal motivation, and how that factors into assessing risk.

http://ift.tt/2k2VD7v

Watch more videos on my YouTube channel.

Mecklenburg County is down from ransomware. Time to check with our NAS vendors for ransomware protection.

Watch more videos on my YouTube channel.