Victim-blaming by any other name still smells just as bad

One of my favourite bloggers Troy Hunt posed a question on Twitter yesterday asking whether a user should share responsibility for a weak password that they reuse across multiple services. There was a lot of great discussion and debate, and I found myself opposing Troy’s views. It was getting late in the night and despite … Continue reading Victim-blaming by any other name still smells just as bad →

The Queen Agrees

Around 2006 / 2007 I began blogging and tried to get into video blogging. Although I’d been working in information security for 7 years up to that point, I wasn’t well-connected in terms of what conferences ran, who the influencers were, or who the editors of any of the numerous security magazines or websites were. … Continue reading The Queen Agrees →

I think I’ve been hacked

A lot of individuals and companies of all sizes often use the phrase where they 'think' they've been hacked or breached, or had some form of unwanted event. There is usually a lack of conviction in this statement, and in hindsight it's not easy to validate. Sure, one could use a service like haveibeenpwned.com to … Continue reading I think I’ve been hacked →

Analyst Vendor Briefings

Fuelled by a twitter conversation both Adrian Sanabria and Anton Chuvakin posted articles here and here, sharing some good tips on what makes a good briefing and common pitfalls to avoid. As a former (recovering?) analyst, I thought it only right that I jump on the bandwagon and share my thoughts on the topic. What … Continue reading Analyst Vendor Briefings →

The attitudes of credential sharing

My staff log onto my computer on my desk with my login everyday. Including interns on exchange programmes. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous !! — Nadine Dorries (@NadineDorries) December 2, 2017 This tweet by member … Continue reading The attitudes of credential sharing →

Undermining security and weakening Android

I have Amazon Prime, I quite like their shows, and whenever I have some time to kill I’ll watch an episode or 3. A couple of weeks ago, I thought it would be a good idea to install the official Amazon video app on my android device, so that I could download episodes and watch … Continue reading Undermining security and weakening Android →

Making Sense of WannaCry

Whenever a calamity befalls, it's only natural for people to try and rationalise and identify the problem. As is now happening with the WannaCry ransomware outbreak that affected the UK's NHS service, and other services in over 100 countries. People are discussing what should have been done to prevent it. On one hand, there’s a … Continue reading Making Sense of WannaCry →