The Shodan blog posted some trends in internet exposure, which, like most of the Shodan research, is very interesting. One part that caught my eye was this. The number of devices exposing RDP to the Internet has grown over the past month which makes sense given how many organizations are moving to remote work. It's … Continue reading Tech debt of remote working
Category: Security
Lost All The Money
After a several-year hiatus, many creative differences, multiple instances of rage-quitting, and several occasions of ghosting so good that Patrick Swayze would have been proud - the group I founded, Host Unknown, has released its much-awaited third song. We've covered security certifications, and we've tackled risk management. But this time, we've locked on to … Continue reading Lost All The Money
Writing Better Risk Statements
I found this post on my computer. I can't remember where it originally was posted (if it was at all), but I found it useful and thought I'd repost it again. Articulating risks in a clear and concise manner can greatly assist your company in making the right decisions. A typical example of poor communication … Continue reading Writing Better Risk Statements
The RSA 2019 Shortlist
Last week, Thom Langford wrote a post on his RSA 2019 itinerary, which featured some of the sessions he'd shortlisted to visit. I found it to be a useful list, and thought I'd try compiling my list of vendors I'd put on my shortlist to find out more about. My employer AT&T Business - 5545 … Continue reading The RSA 2019 Shortlist
The attitudes of credential sharing
My staff log onto my computer on my desk with my login everyday. Including interns on exchange programmes. For the officer on @BBCNews just now to claim that the computer on Greens desk was accessed and therefore it was Green is utterly preposterous !! — Nadine Dorries (@NadineDorries) December 2, 2017 This tweet by member … Continue reading The attitudes of credential sharing
Undermining security and weakening Android
I have Amazon Prime, I quite like their shows, and whenever I have some time to kill I’ll watch an episode or 3. A couple of weeks ago, I thought it would be a good idea to install the official Amazon video app on my Android device, so that I could download episodes and watch … Continue reading Undermining security and weakening Android
When culture eats awareness for breakfast
European startup CLTRe founded by Kai Roer has spent the last couple of years examining the security awareness and user behaviour problem through the lens of security culture. Based on findings over the course of 2016, CLTRe has produced its first annual Security Culture report, co-written by Roer and Gregor Petric, Ph.D., an Associate Professor … Continue reading When culture eats awareness for breakfast
The Growing Impact of Security Researchers
I've followed Scott Helme's work for a while now and have been impressed with his approach. So I was interested to find out that he had teamed up with BBC Click and Prof Alan Woodward to comprehensively dismantle a vendor's claim to total security. Scott has published the whole story on his blog and The BBC Click … Continue reading The Growing Impact of Security Researchers
Make your vote count
The prestigious European Security Blogger awards are upon us. For those unfamiliar with the European Security Blogger awards, it's an award ceremony for bloggers who specialise in security and reside in Europe - at least that's what I hope it means. I am fortunate enough to have made it into the finals in five of … Continue reading Make your vote count
How to Fake Monitoring
You're the new guy in the security ops team, they're giving you training and put you on a very crucial and important job… Monitoring. You'll be told how important the job is and how it is essential to be done correctly to ensure the ongoing safety of the company. But you notice that nobody really … Continue reading How to Fake Monitoring