At RMISC I got a chance to catch up with the infamous John McAfee. Prior to meeting John, I only knew him through what I'd read about or watched of him in the media. I'm not sure I'm much wiser about the man behind the mystery after this brief meeting. What I can say though, … Continue reading Building a billion dollar security company, with John McAfee →

With infosec around the corner, the European Security Blogger Awards is imminent. If you're a blogger, you're eligible to nominate your favourite security blogger, podcast, and corporate security blog here. If you're wondering what kind of people I'd want to see nominated, I'd say, Holly Graceful, Stuart Winter-Tear, Steve Lord's Raw Hex, Ryan Dewhurst, Robin … Continue reading Don’t vote for me →

We often hear of the latest and greatest malware that targets android phones. However, many can be avoided by following simple steps such as not rooting your device or downloading files from dodgy sources. Matt Roxburgh inspired this video with this tweet on a common way malware gets on android phone with this image.   I felt … Continue reading Android Malware →

In my younger days, I’d enjoy reading many books. I went through a phase where I really enjoyed Stephen King stories. One of my favourites being ‘Christine’, the story of a car that was possessed by a demon or something. I’d often come across new words that I didn’t understand. And being before the days … Continue reading Defining Threat Intelligence →

Hola! I'm rather excited to have been invited to speak at Tactical Edge in Colombia this October. It will be the first time I'll get to see that part of the world and am really looking forward to visiting. Unfortunately, I don't know any Spanish, so wasn't able to make a video addressing my Colombian peers … Continue reading Going to Colombia →

Another year, another RSA is in the bag. From a filming perspective – it was pretty much static. Sure, I could have walked around the expo floor or the winding streets of San Francisco, but the footage would have been virtually indistinguishable from previous years. Instead, I took time out on my last day before … Continue reading RSA 2016: Selfies and Alcatraz →

Working in IT security means that more often than not you'll be delivering bad news. Conduct a risk assessment and you'll have to explain all the risks that exist. If you're a QSA, you'll have to break the news of how the client isn't PCI compliant. And if you're a penetration tester, then... well, there's … Continue reading Delivering bad security news →

One could argue that life is all a series of risks. Sometimes we remain in a state of ignorant bliss. Other times, we are aware of risks and take measures to mitigate it. But sometimes we choose to accept the risk. Accepting risk is not a bad thing. Quite the opposite. Without risk acceptance, there … Continue reading Accepted the Risk →

I found myself driving to meet someone I only knew from the internet. You never can be sure how these things will pan out. Luckily for me, I was meeting Troy Hunt. If you don't know of Troy, he is a super cool guy from Australia. Which means he uses the word "mate" a lot … Continue reading A day with Troy Hunt →

The wind howled on a cold evening . The only thing missing was the crackle of lightening to foreshadow the impending ominous news. Another website had suffered a breach. Emails, passwords and some other details stolen. It was becoming a regular occurrence, except this time it was different. My details were amongst the ones breached. … Continue reading Why I use a password manager →