infosec - Jonsdocs

Sign in Subscribe

infosec

A collection of 55 posts

Screenshot of the (ISC)2 Security Congress 2022 virtual conference entry hall. There are people walking around.

Security Congress 2022

Catching up: on-demand sessions from (ISC)² Security Congress 2022

(ISC)² make session recordings available after the event, and with a number of sessions of interest going on simultaneously these are invaluable. Any sessions I watched prior to the end of December I received CPE / CPD credits for, but the recordings are around afterward too. Here's some summary notes from

Screenshot showing the icons of some old malware samples.

Playing with some old malware

Malware has been around for ages, but how do some old malware samples work on more modern Operating Systems?

(ISC)² Security Congress 2022 - day three

Security Congress 2022

(ISC)² Security Congress 2022 - day three

As Security Congress draws to a close, here's my notes on the final day.

(ISC)² Security Congress 2022 - day two

Security Congress 2022

(ISC)² Security Congress 2022 - day two

Having woken up earlier than planned, I spent time pre-keynote watching talks from Monday. Not all the sessions I was interested in were ready yet (we were told it could take 24 hours), so there will be more for me to look at. I won't write about catch up sessions

(ISC)² Security Congress 2022 - day one

Security Congress 2022

(ISC)² Security Congress 2022 - day one

Congress got off to a great start and included a heart-warming (and I'll be honest tear inducing) story from one of the speakers.

When do you pay the ransom?

When do you pay the ransom?

Should you pay the ransom when attacked with ransomware? I don't think there's a clear cut answer to that...

Setting up MTA-STS using AWS S3, CloudFront and AWS Certificate Manager

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with AWS S3, CloudFront and Certificate Manager.

Setting up MTA-STS using Azure Static Web Apps

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with Azure static web apps.

(ISC)² Security Congress 2021 - the online experience

Security Congress 2021

(ISC)² Security Congress 2021 - the online experience

What was it like to actually attend a conference purely online?

(ISC)² Security Congress 2021 - day three

Security Congress 2021

(ISC)² Security Congress 2021 - day three

Rounding out the conference on day three with some fantastic speakers.

(ISC)² Security Congress 2021 - day two

Security Congress 2021

(ISC)² Security Congress 2021 - day two

Looking at my sessions on day two.

(ISC)² Security Congress 2021 - day one

Security Congress 2021

(ISC)² Security Congress 2021 - day one

My reflections on the first day of the (ISC)2 Security Congress conference.

Playing with honeypots: part 4

Playing with honeypots: part 4

Looking at a different attack on the honeypot I investigate an attempt to deploy a crypto currency miner.

Playing with honeypots: part 3

Playing with honeypots: part 3

Having built a honeypot and published it to the Internet, it's time to see what the attackers tried to do.

Playing with honeypots: part 2

Playing with honeypots: part 2

I build my honeypot in Microsoft's Azure cloud using open source software.

Playing with honeypots: part 1

Playing with honeypots: part 1

Let's look at what honeypots are, and why we might use them.

Receiving a security disclosure for an old subdomain

Receiving a security disclosure for an old subdomain

After receiving a security disclosure from a security researcher I knew I needed to investigate.

Wargaming: running incident response plan tests - part 3

Wargaming: running incident response plan tests - part 3

Part two [https://blog.jonsdocs.org.uk/2021/04/18/wargaming-running-incident-response-plan-tests-pt2/] finished with our defenders heading in the right direction to find the simulated infection. They'll have used a combination of tools in order to get this far, likely including firewall and network logs. As a reminder, for this exercise

Wargaming: running incident response plan tests - part 2

Wargaming: running incident response plan tests - part 2

The time has come to run your wargame, let's look at what happens on the day itself.

Wargaming: running incident response plan tests - part 1

Wargaming: running incident response plan tests - part 1

Cyber exercising is important for checking how a team responds to an incident.

The dangers of default credentials

The dangers of default credentials

Default credentials are useful for logging in to systems initially, but shouldn't remain in place afterwards.

Hacking my old blog: part 4, security fixes

hacking my old blog

Hacking my old blog: part 4, security fixes

To finish off the series, I discuss some of the mechanisms that could have been used to protect my old blog.

Hacking my old blog: part 3

hacking my old blog

Hacking my old blog: part 3

The final post in the attack phase of this series.

Hacking my old blog: part 2

hacking my old blog

Hacking my old blog: part 2

Let's get into the admin panel...

Hacking my old blog: part 1

hacking my old blog

Hacking my old blog: part 1

A dig around my old blog to see if I can hack it.