Author: tmack
Notes on “Paved Road”
Lessons from Securing Internal Applications WebappSec Link Building a Security Platform Engineering Team “”” I’m a big fan of building security into existing processes, a term coined as “secure paved roads” by Jason Chan, Ex-Netflix CISO. The idea behind this is that security should mostly be invisible. The average employee should simply not have to Read More …
2 AD or not 2 AD
To AD or not to AD, that is the question. Whether ’tis nobler to continue patching The slings and of the security researchers, Or to take arms against a sea of criminal adversaries And by opposing end them. To die to AD? No more? and by a decommission to say we end AD? The heartache Read More …
What is DTLS and where do I use it?
It’s best suited for small- to medium-sized businesses with deployments that range from tens to a few hundred computers. A provisioning package (. ppkg) is a container for a collection of configuration settings. Use the Windows Configuration Designer tool to create provisioning packages to easily configure devices running Windows client. Windows Configuration Designer is primarily Read More …
PXE Server for the win
Recently I got a new ‘hot rod’ of a laptop from work, which came with many of the latest bells and whistles. One of these newest bells, was a very much updated BIOS, that no longer allowed for Legacy Boot Options. Important for those of us who might want to use something other than Windows Read More …
A Fun Little Chart
Here was a fun little chart I discovered in my news feed a little bit ago. This is graphic representation of selected data breaches from across the globe. You can hover over the bubbles and get a bit more information about each breach. Scary to think that some small bubbles are still 15+ millions of Read More …
SMS Phishing or Spam
I just received an awesome SMS phishing message scam, and I wanted to share with others, to show how to spot the scam. To the right is a photo of it: First, I do read the whole message, and in the second reading that we can really pick it apart. So the message claims to Read More …
Some Computer Blogs
This post is just another compilation from my earlier blogger site. This post will focus on various newsletters, blogs, or similar that I followed at some point or another. Matteo Malvica Penetration Testing Lab Specific Articles New Forensic Investigation Procedures for First Responder Guides This is the story about when a nation state hacks into Read More …
Infrastructure Attacks Are Growing
A couple of news articles caught my eye this past week that are quite interesting IMO. Ukraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattack & Attacks on Critical Infrastructure Attributed to Insidious Taurus You have to love the names that the security companies come up with for the other nation state actors. I am Read More …
Install Go Lang on Ubuntu
I decided as my computer hobby to start playing with some of the tools in the Project Discovery set. A good portion of these tools seem to be written in the Go language, so let’s also pursue that a little bit. These are my steps to install on my home server. OK, First let’s install Read More …