Mindblown: a blog about philosophy.
-
Patching is important even when it only shows the maturity of your security process
Sometimes a Tweet says more than a 50-minute conference presentation: Bad TLS as an externally measurable metric for whether an organisation has a mature security process, sure. But it aint getting ya no shell. — Metlstorm (@Metlstorm) September 4, 2017 This Tweet by Adam Boileau (best known outside New Zealand as the co-host of the…
-
Massive data breach confirms what you already knew: you are getting spam
The security community spends a lot of time and effort researching the infrastructure used by spammers to send billions of unwanted and often malicious emails every day – but there is something else spammers need in order to send you their emails: your email address. Security researcher Benoît Ancel’s recent discovery of various databases used by…
-
VB2017 preview: State of cybersecurity in Africa: Kenya
The Internet is very much a global phenomenon, and for that reason, so is cybersecurity. A remote code execution vulnerability is as much of a problem on a server in Afghanistan as it is on one in Zimbabwe. Yet threats do vary between countries and regions, and in order to get a complete picture of…
-
Massive data breach confirms what you already knew: you are getting spam
The security community spends a lot of time and effort researching the infrastructure used by spammers to send billions of unwanted and often malicious emails every day – but there is something else spammers need in order to send you their emails: your email address. Security researcher Benoît Ancel’s recent discovery of various databases used by…
-
VB2017 preview: State of cybersecurity in Africa: Kenya
The Internet is very much a global phenomenon, and for that reason, so is cybersecurity. A remote code execution vulnerability is as much of a problem on a server in Afghanistan as it is on one in Zimbabwe. Yet threats do vary between countries and regions, and in order to get a complete picture of…
-
VB2017 preview: Calling all PUA fighters
While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps (often free ones) whose behaviours sit right on the limits of what is acceptable from a security point of view. The “better safe than…
-
VB2017 preview: Calling all PUA fighters
While a lot of attention is focused on the fight against advanced malware, a different kind of threat is providing just as big a headache for security companies: that of apps (often free ones) whose behaviours sit right on the limits of what is acceptable from a security point of view. The “better safe than…
-
VB2017 preview: From insider threat to insider asset: a practical guide
“How to catch a Snowden” was the slogan branded across an exhibition booth at the recent Infosecurity Europe event by an exhibitor apparently offering a solution to insider threats. Whether you think it appropriate to use the NSA whistle-blower as an example, insider threats are real, and the concern organizations have – both about employees whose…
-
VB2017 preview: From insider threat to insider asset: a practical guide
“How to catch a Snowden” was the slogan branded across an exhibition booth at the recent Infosecurity Europe event by an exhibitor apparently offering a solution to insider threats. Whether you think it appropriate to use the NSA whistle-blower as an example, insider threats are real, and the concern organizations have – both about employees whose…
-
WireX DDoS botnet takedown shows the best side of the security industry
It is easy to be cynical about the security industry and its tendency to make ever bigger mountains out of molehills, but behind a thin layer of marketing, there are a great many people who really care about making the world a more secure place. We have seen many examples of researchers from competitor companies…
Got any book recommendations?