The Sticky Problem Of Public Passwords
Close your eyes. Let me take you back in time for a moment. It’s 1985. I’m into hacking and you’re an IT manager. You ask me how I manage to break into all those computers. Is it, you wonder, because...
View ArticleWarning – Broken Firewall Ahead
I’ve spent the past couple of days trying to make a Billion router (specifically a model 7800DX) act in a vaguely secure manner. This has proved way more difficult than it should be, and I think it...
View ArticleCrypto Is Hard
There’s much talk in the media at the moment about the latest attack on telecoms company TalkTalk. The company says it’s possible that information on all of its 4 million customers could have been...
View ArticleOn SQL Injection
I spent some time last weekend building a new web server. Actually, I lie. I spent pretty much all weekend building it. I haven’t named it yet but this machine will probably be the exception to my...
View ArticleNessus Cloud
As the saying goes, you can’t manage it if you can’t measure it. In the field of IT security we can extrapolate that to “If you don’t pentest it, you can’t secure it”. Because in order to secure a...
View ArticleCISSP Study Guide Reviewed
I’ve always been a bit cynical when it comes to professional IT qualifications. They have their values, for sure, but you need to be sure that the certification you’re studying for, or recruiting...
View ArticleMisleading Certificates
I’ve been training people in security awareness for a long time now. It’s how I make my living. One of the topics I always cover is how to use the web safely. You’ll notice that I refer to using the...
View Article
