Uncategorized

Protecting your Kids from Online Threats

“The greatest gifts you can give your children are the roots of responsibility and the wings of independence.” — Denis Waitley As information security professionals, we’re often asked about how to best protect children online. I’ve got four of my own, and discussions about what is or isn’t appropriate, are nearly endless. Because let’s be honest, …

Protecting your Kids from Online ThreatsRead More »

Place Your Right Hand On This Glass

One of the hassles of the Yahoo! breach was clearly the coming-home-to-roost quality of the mega-stupid 90’s era “something about you” secret questions, a relic of the “portal” fantasy-based business model, under which you were expected to voluntarily subvert the freedoms of the Internet by turning over all your new-found freedom by allowing one company …

Place Your Right Hand On This GlassRead More »

Statement by Nick Selby on Bishop Fox / Muddy Waters Report

FOR IMMEDIATE RELEASE: Statement by Secure Ideas Response Team Director Nick Selby on the Report Issued Today by Security Consultancy Bishop Fox Media Contact: Ben Singleton JACKSONVILLE, FL, OCT 24. Today, a technical report was released by the technology consultancy Bishop Fox, that was based on research  conducted by a team of which I was …

Statement by Nick Selby on Bishop Fox / Muddy Waters ReportRead More »

Cloud-Base Host Discovery Is Easier Than You Think!

During a recent conversation at DerbyCon it occurred to me that some security folks who are just dipping their toes into AWS are struggling a lot with the idea that cloud (EC2) instances keep popping up spontaneously. Developers and their agile / devops / continuous deployment methodologies are creating a chaotic mess of the network that has …

Cloud-Base Host Discovery Is Easier Than You Think!Read More »

A Brief BeEF Overview

BeEF, the Browser Exploitation Framework,  is a testing tool that allows the penetration tester to look past hardened network perimeter and client system, and launch client side attacks directly against the targeted browsers providing pivot points to other systems. In this guide I’ll be using Kali Linux, the penetration testing distribution created by the folks …

A Brief BeEF OverviewRead More »

Burp Repeater

As a consultant for Secure Ideas there are many tools I use often in my daily tasks.  One of the many great tools I use in web application testing is Burp Suite. Burp Suite is an integrated platform for performing security testing of web applications.  Its various tools work seamlessly together to support the entire …

Burp RepeaterRead More »

Hours After The Penetration Test, This CSO Revealed Something That Will Leave You In Tears

We all recognize clickbait when we see it. And yet thousands still click on the links. In today’s world of social media and ad-funded news, a range of techniques are utilized to grab your attention, some with more success than others. One of these, used in the title of this post, is to create a …

Hours After The Penetration Test, This CSO Revealed Something That Will Leave You In TearsRead More »