Author Archive

Weekly Rewind – Top Industry News, Undead AV, Marriott Injections, SharePoint Conundrum, & More…

April 12, 2012

If you missed anything or happened to be offline this past week, we hope you find this post useful as a quick reference. For those readers that may not have noticed, I actually tack on a bit of commentary to some of the industry articles – so check out my italicized/bolded opinions and let me...

Posted in Infosec Blogs/Podcasts, News | 1 Comment »

Hunting for VPNs … Shodan Style

April 12, 2012

I saw VPN Hunter posted on Twitter a few weeks ago and have been meaning to put out a quick post on it. Basically, it is the Shodan of VPNs. Currently it detects SSL VPNs, remote access points, email portals, and generic login sites. Below is a more detailed list of the services VPN...

Posted in Infosec Blogs/Podcasts | 9 Comments »

Marriott & the Ad Injection Brouhaha

April 11, 2012

As most of you have probably already heard, Marriott has been found injecting ads (or at least space where ads could be injected) into their free wifi. I first read about this story in the New York Times but the blog-/twitter-sphere has been full of follow-up commentary. Since then Marriott’s ISP ensured that the...

Posted in News | 8 Comments »

The Death of Mr. Norton Has Been Greatly Over Exaggerated (aka: Antivirus Is Not Dead)

April 10, 2012

Over the past few months I had the opportunity to attend several awesome conferences and meetups. One concept that keeps rearing its head is that “antivirus is dead.” I’m guessing this comes up a lot because of its reliance on a reactive signature-based approach. As most of us probably know, this method doesn’t work...

Posted in Infosec Blogs/Podcasts, News | 9 Comments »

Are You an Experienced IT Pro & Looking to Get that First Infosec Job?

April 10, 2012

As most of you know, I like talking about all this fun infosec career stuff. And so I continue with an article that I came across last night that I thought I’d pass along. InformationWeek.com’s Cindy Waxer conducted an interview with Brian Duckering of Symantec and provided “4 Tips: How To Land An IT...

Posted in Career Development, News | 6 Comments »

PHPIDS Slides from AppSecDC Presentation

April 9, 2012

Last Thursday I had the opportunity to give a talk on the PHPIDS install I’ve been running on several blogs for a while. This was the first time I gave it. There’s still a lot of additional research I need to do here and I’m looking forward to updating this talk in the near future. Anyway,...

Posted in Infosec Blogs/Podcasts, Infosec Conferences | 9 Comments »

Poll: Where Does SharePoint Stand from a Security Perspective?

April 9, 2012

I’ve written about SharePoint before and felt that it’s ok security-wise if you configure it right. But then last week I saw a talk at AppSecDC titled “SharePoint Security 101” and am … very scared to say the least. See my summary of the SharePoint talk here. So I pass the question on to...

Posted in Infosec Blogs/Podcasts | 4 Comments »

Weekly Rewind – Top Industry News, New CNIP Cert, AppSecDC, & More

April 6, 2012

If you missed anything or happened to be offline this past week, we hope you find this post useful as a quick reference. For those readers that may not have noticed, I actually tack on a bit of commentary to some of the industry articles – so check out my italicized/bolded opinions and let me...

Posted in Infosec Blogs/Podcasts, News | No Comments »

Slides & Career Exploit Kit from AppSecDC Presentation

April 5, 2012

Yesterday I had the opportunity to give another one of my infosec career talks … this time at AppSecDC. In an effort to better link the general strategic advice we all usually get with more actionable tactical steps, I narrowed the talk to only focus on web application security. This seemed to work well. Anyway,...

Posted in Infosec Blogs/Podcasts, Infosec Conferences | 7 Comments »

AppSecDC Recap: SharePoint Security 101

April 5, 2012

I’ve written about SharePoint security before and my opinion was that it’s getting much better; however, they have a lot of insecure stigma to shake off. Additionally, securing it can be done; however, it may become very cumbersome to manage in large environments. Rob Rachwald’s talk pretty much confirmed my thoughts but also led me...

Posted in Infosec Blogs/Podcasts, Infosec Conferences | 3 Comments »
