Installing fad software off the Web is always a surprise. Sometimes, we get in on the latest cryptocurrency. Other times, we get held up for ransom. Guess which one Spritecoin is.
Watch more videos on my YouTube channel.
Archive for the ‘Blogs’ Category
Stuck in Traffic – CIS Critical Security Controls and Internal Audit
Posted bySay we have a Critical Security Control. That’s the easy part. But it gets murky quick. Are we doing some or all? Are we doing it in one system or everywhere? And how to be prove it?
Watch more videos on my YouTube channel.
Stuck in Traffic – File Inclusion Attacks
Posted byA Trend Micro report on 13 million website defacement attacks finds file inclusion to be the number one cause. What to do? And don’t just say, “run linux”.
Watch more videos on my YouTube channel.
Stuck in Traffic – Automating Vulnerability Management
Posted byThe three (no, wait, four) crucial systems we need to have in place for effective vulnerability management.
Watch more videos on my YouTube channel.
Stuck in Traffic – World of Warcraft Multi-factor Authentication
Posted byHere’s a crazy idea. What if we give people something if they’re more secure?
Watch more videos on my YouTube channel.
Stuck in Traffic – OWASP Dependency Checker
Posted by“Using Components with Known Vulnerabilities” is one of the OWASP Top 10. Of course, we all do it. There’s simply too much that goes into an app to do it all ourselves. That’s where dependency security checks come into play.
Watch more videos on my YouTube channel.
Stuck in Traffic – Finding Security Champions
Posted byChampions are people within other teams who help promote cyber security. Sounds great, you say. How do you find them, you ask. Here’s one tip.
Watch more videos on my YouTube channel.
Stuck in Traffic – Clouds Melting Down
Posted byCloud providers, from Amazon to Microsoft to Google, are deploying the Meltdown and Spectre patches. This is causing slowdowns across the board. But PaaS and micro services are least hit, due to the ability to scale out. Perhaps DevOps is a mitigating security control?
Watch more videos on my YouTube channel.
Stuck in Traffic – Meltdown and Spectre
Posted byAll Intel processors everywhere on all operating systems ever were just found vulnerable to kernel timing attacks. And the world Googles speculative execution. So, how fast is the sky falling?
Watch more videos on my YouTube channel.
Stuck in Traffic – Ad Networks Misuse SSO
Posted byAdthink and OnAudience are misusing Web browser single-sign-on feature to track visitors. The built-in login managers happily hand over end-user’s information.
Watch more videos on my YouTube channel.