Recent Posts
Living off the land – EFS Ransomware
Attackers have responded to improved security against malware in Windows environments by “living off the land” (LOTL) – using the tools already present in the…
Recognizing and dealing with insider risk
I came across an interesting white paper from the deep mists of the past (2011) which is as relevant today as it was back when…
Aging reports – new ammo for attackers
Another reminder that attackers are getting more sophisticated and taking the time to learn about their victims and their business processes before launching their phishing…
Boredom and security
We security management types would like to think that every task we give our minions is exciting and engaging. However, there are lots of security…
Can experience be a hindrance in making security decisions?
Some interesting insight from the Harvard Business Review’s January 2020 IdeaWatch section: A study looked at how people react to information which indicates that a…
Are passwords really the best we can do?
So by now, you have seen the news stories about the doofus hackers who are breaking into Ring cameras and scaring kids. And it turns…
Just how effective are Russian political social media ops?
There has been a lot of discussion (and hand wringing) over what seem to be concerted Russian “influence operations” aimed at US politics. Our Russian…
Juice Jacking – meh!
Lately, I have been seeing a number of posts and articles warning us all not to use publicly available USB charging points due to the…
Resource: AWS Security RampUp Guide
It seems like Amazon Web Services (AWS) is on every employer’s most wanted skills list. As more organizations make the decision to replace or augment…
Snail mail hacking
Some of the most effective hacks don’t require the attacker to touch your computer. This article from Flashpoint provides some insight into how criminals are…
