Lessons from Securing Internal Applications
WebappSec Link Building a Security Platform Engineering Team “I’m a big fan of building security into existing processes, a term coined as “secure paved roads” by Jason Chan, Ex-Netflix CISO. The idea behind this is that security should mostly be invisible. The average employee should simply not have to Read More …
Author: tmack
2 AD or not 2 AD
To AD or not to AD, that is the question. Whether ’tis nobler to continue patching The slings and of the security researchers, Or to take arms against a sea of criminal adversaries And by opposing end them. To die to AD? No more? and by a decommission to say we end AD? The heartache Read More …
What is DTLS and where do I use it?
It’s best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (.ppkg) is a container for a collection of configuration settings. Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily Read More …
PXE Server for the win
Recently I got a new ‘hot rod’ of a laptop from work, which came with many of the latest bells and whistles. One of these newest bells was a very much updated BIOS that no longer allowed for Legacy Boot Options. Important for those of us who might want to use something other than Windows Read More …
A Fun Little Chart
Here was a fun little chart I discovered in my news feed a little bit ago. This is a graphic representation of selected data breaches from across the globe. You can hover over the bubbles and get a bit more information about each breach. Scary to think that some small bubbles are still 15+ millions of Read More …
SMS Phishing or Spam
I just received an awesome SMS phishing message scam, and I wanted to share it with others to show how to spot the scam. To the right is a photo of it: First, I do read the whole message, and it is in the second reading that we can really pick it apart. So the message claims to Read More …
Some Computer Blogs
This post is just another compilation from my earlier blogger site. This post will focus on various newsletters, blogs, or similar that I followed at some point or another. Matteo Malvica Penetration Testing Lab Specific Articles New Forensic Investigation Procedures for First Responder Guides This is the story about when a nation state hacks into Read More …
Infrastructure Attacks Are Growing
A couple of news articles caught my eye this past week that are quite interesting IMO. Ukraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattack & Attacks on Critical Infrastructure Attributed to Insidious Taurus You have to love the names that the security companies come up with for the other nation state actors. I am Read More …
Install Go Lang on Ubuntu
I decided as my computer hobby to start playing with some of the tools in the Project Discovery set. A good portion of these tools seem to be written in the Go language, so let’s also pursue that a little bit. These are my steps to install on my home server. OK, First let’s install Read More …
What is SEO Poisoning?
SEO Poisoning (or Search Engine Optimization Poisoning) is a type of social engineering attack that targets an unsuspecting user, or maybe someone who is in a hurry and not paying close attention. These are typically used by bad guys to fool unsuspecting users into clicking their links and going to the wrong website, or worse Read More …