Blog


November 2, 2020

secure development + industry Jake

Calling the brute(force) squad

I got this picture in my family chat recently with the question “is this correct?” The short answer is “kinda”. The long answer is this blog post 🙂 What is Brute Forcing Put simply, brute forcing means that a password is guessed. This is as opposed to it having ...

July 31, 2020

industry Jake

Security doesn’t have to be a blocker

A few months ago, during a conversation at a secops event, the topic of granting exceptions came up. One of the attendees shared his dismay. “Management is always steamrolling me,” he complained, “people are just being lazy, they should be able to do it right” and added “if it ...

July 21, 2020

vulnerabilities Jake

SIGRed: A new critical vulnerability Explained

Last Tuesday, as they do every second Tuesday, Microsoft released its monthly patch updates. One in particular (CVE-2020-1350) has been drawing a lot of attention. The vulnerability is called “SIGRed”. Like that lunch I may have left in the office, it’s old, it’s bad and ripe for worms. Let’s dig ...

July 9, 2020

malware Jake

ThiefQuest: The new macOS ransomware that’s more than it seems

Last week a new macOS malware threat was discovered. Mac ransomware, while not unheard of, is still unusual enough to be of interest to security researchers. So, when Dinesh Devadoss of K7 Labs announced his discovery over Twitter, his colleagues Phil Stokes of SentinelOne, Thomas Reed of Malwarebytes and Patrik ...

June 10, 2020

vendor guides + secure development Jake

Cleaning up users in 1Password

Recently I was helping a company audit their 1Password account. Thought I’d share some useful snippets using jq and the 1Password CLI tool. This command suspends users who haven’t logged in for 3 months. After suspending all the users for a few days (waiting to see if people complain), this ...

May 31, 2020

secure development Jake

Maturity in devops

As a consultant, I tend to work with a variety of clients and teams all across the product maturity spectrum. Some are just starting; maybe they have an MVP, maybe they are still building it. Others have existed in their space for years. Typically, when I get called into projects, ...

May 31, 2020

vendor guides Jake

Trying Pritunl Zero

Pritunl is an open source OpenVPN and IPsec solution that comes with a somewhat popular VPN client. Pritunl Zero fills in a few more gaps by providing zero trust access to SSH and web services, similar to products such as Akamai EAA and Zscaler. I installed an individual server using ...