
My patience has finally been rewarded. The declassified version of the highly classified election intelligence report has been released and is available to the general public. The PDF document is short and sweet, but it gives a high-level overview of the joint investigation by the NSA, CIA, and FBI into Russian activities and involvement […]

In this age of rogue hackers, government red teams, and everyone else under the sun with computer access, a few books, and an MO – what do you count on to keep them out? I tell you many organizations have blurred lines with security products, to the point that incidents are reported and brought to […]

So let me tell you about a little thing called Shodan. To put it simply, this terrifyingly beautiful website is a search engine for the Internet of Things. It’s powerful, thorough, and just downright fun to play with. Shodan will take your search and discover all devices connected to the internet related to the query. […]

I recently covered a few sections from the Verizon Data Breach Investigations Report (take a look if you haven’t already). I also mentioned another one of my favorites, the WhiteHat Security Website Security Statistics Report. This report gives an insightful overview of a constantly evolving and frequently targeted attack vector, web applications. Ignoring my strong […]

For those of you who are new to the topic, multi-factor authentication is a security system that requires more than one method of authentication from different categories in order to verify the identity of a user. MFA is becoming increasingly popular (if not necessary), especially when looking at the data presented in the Verizon Data […]

At this point, I think it’s a relatively well-known fact that passwords should be hashed in storage. If you or your development teams are storing passwords in plain text, the keys to every user’s kingdom are sitting there begging to be stolen. Really, all it takes is one little SQL injection to expose every user’s password […]

I remember during my senior year of college the struggle and confusion surrounding where to start my career. Luckily, I had a very helpful professor who gave me an overview of the different paths a security professional can take. As I started my career, it became apparent that it wasn’t as simple as he explained. […]