Here’s a crazy idea. What if we give people something if they’re more secure?
Watch more videos on my YouTube channel.
Archive for the ‘Videos’ Category
Stuck in Traffic – OWASP Dependency Checker
Posted by“Using Components with Known Vulnerabilities” is one of the OWASP Top 10. Of course, we all do it. There’s simply too much that goes into an app to do it all ourselves. That’s where dependency security checks come into play.
Watch more videos on my YouTube channel.
Stuck in Traffic – Finding Security Champions
Posted byChampions are people within other teams who help promote cyber security. Sounds great, you say. How do you find them, you ask. Here’s one tip.
Watch more videos on my YouTube channel.
Stuck in Traffic – Clouds Melting Down
Posted byCloud providers, from Amazon to Microsoft to Google, are deploying the Meltdown and Spectre patches. This is causing slowdowns across the board. But PaaS and micro services are least hit, due to the ability to scale out. Perhaps DevOps is a mitigating security control?
Watch more videos on my YouTube channel.
Stuck in Traffic – Meltdown and Spectre
Posted byAll Intel processors everywhere on all operating systems ever were just found vulnerable to kernel timing attacks. And the world Googles speculative execution. So, how fast is the sky falling?
Watch more videos on my YouTube channel.
Stuck in Traffic – Ad Networks Misuse SSO
Posted byAdthink and OnAudience are misusing Web browser single-sign-on feature to track visitors. The built-in login managers happily hand over end-user’s information.
Watch more videos on my YouTube channel.
Stuck in Traffic – Industrial Controls are Okay
Posted byThere was no major ICS in incidents in 2017. Why?
Watch more videos on my YouTube channel.
Stuck in Traffic – Docker Secures Passwords with Base64
Posted byBase64 is the hottest way to secure passwords. Don’t agree? Change the defaults. But who changes defaults these days?
Watch more videos on my YouTube channel.
Stuck in Traffic – Windows Hello Face Recognition Hacked
Posted byYour face is your password. Mostly. Penetration testers from SySS unlocked Windows 10 using a photo. The solution is running the latest Windows 10 build and enabling Enhanced Anti-Spoofing. This is also settable in Group Policy. But it’s a good reminder: authentication is important, but hard, and requires regular review to ensure bypasses haven’t popped up.
http://ift.tt/2BFg5WA
Watch more videos on my YouTube channel.
Stuck in Traffic – Cautionary Tales of Breaches
Posted byThe sad story of TIO Networks. TIO gets bought. TIO gets hacked. TIO gets shutdown. Rough year for them.
Watch more videos on my YouTube channel.