Cracking wifi passwords with Kali Linux

I haven’t really done a technical walkthrough type video and I now remember why I never did. These things are hard to do and involve two of my least favourite elements of video-making, screen captures and voiceovers. Which is why I always tip my hat to Vivek and his great tutorials over at SecurityTube.net The … Continue reading Cracking wifi passwords with Kali Linux →

The Cynic’s guide to ISO27001

Nearly every security practitioner is familiar with the ISO27001 standard for information security. A lot of companies base their internal security policies on it and third parties use certification to it as a gold standard. But, what do the statements, recommendations and controls actually mean? Working for very large organisations, I learnt them to mean … Continue reading The Cynic’s guide to ISO27001 →

(ISC)2 Congress 2014

This years (ISC)2 congress was held in Atlanta, GA. I’d heard of Atlanta being referred to as ‘Hotlanta’ and was warned of the humidity that prevails, but fortunately I caught it at the right time of year where the weather was quite pleasant. The conference itself appears to have grown over the last two years … Continue reading (ISC)2 Congress 2014 →

An Article about Information Security Articles

Edit: Despite almost qualifying as a senior citizen, my award-winning friend Thom Langford agreed to write me a guest post (seeing as he writes guests posts for everyone else). I did not impose any conditions except that the topic be relevant and not self-serving in the slightest. I found myself writing an article that I didn’t … Continue reading An Article about Information Security Articles →

Photos in the cloud

We put 'stuff' in the cloud all the time - and most of the time, that's perfectly fine because there aren't any state secrets or self-incriminating evidence contained. The convenience factor it offers typically outweighs the risks. Having said that, it's always worthwhile evaluating the risks - in particular when using photo backups from your … Continue reading Photos in the cloud →

Vegas from afar

One of the rules from our Infosec Rockstar video was that even if you can’t attend a con, you should tweet as if you’re there. Well, I kind of messed up on that tweeting part – but despite me not being at Bsides, Blackhat or Defcon this week, I’ve been living vicariously through the tweets … Continue reading Vegas from afar →

A recap for Eve and Gillis

I often shoot myself in the foot by agreeing to doing things and then realizing it eats up a lot more of my time than I’d originally anticipated which is why I haven’t been blogging or making videos much recently. Some of the things that have been consuming my life lately have included (cue fast-paced … Continue reading A recap for Eve and Gillis →

Interview with the BatCISO

With so many breaches occurring on a regular basis, perhaps it's time for a new kind of CISO. A Bat CISO!

Infosec conferences – client side vs server side

Because infosec has cured cancer, ended poverty and created a utopian paradise that the villain in Demolistion Man could only dream of – the industry often finds itself trying to fix the really big issues via twitter and other social media platforms as well as within the hallways of conferences as to what is wrong … Continue reading Infosec conferences – client side vs server side →

Security and the cobra effect

Some people just want to watch the world burn. Others just want to give bad security advice. Check out Troy Hunt's blog post on the matter.