Passwords aren't going away...
Thinking clearly during a ransomware attack is key, helping to save your data.
A discussion of the differences between "having permissions" and "having authority".
User authentication is an important consideration when designing any system. Here's how we decided to use OAuth for eVitabu.
A summary of my key take aways from January's conference.
Cyber attacks are a regular occurrence, and it's important that we learn from them.
It's important to review the paper you re-use to avoid leaking confidential information.
The difference between the web of trust and delegating your trust to a third party.
Password cracking can be an invaluable tool when it comes to checking your organisation's password hygiene.
A look at Next Generation firewalls and the extra services they often provide.
A short write up following the Kent Cyber Security Forum 2019.
When you've found a vulnerability, bug or data leak how do you report it? This post looks at the considerations for disclosure.
Thoughts on being fair and considerate when investigating others.
Logging: what's too much? Is there too little? How long should I keep them? This post discusses factors to consider when configuring logging.
A quick look at what a basic firewall is, and how it works.
Discussing some of the ways to prevent insecure direct object reference issues.
Analysis of some obfuscated VBScript that a malicious email wanted us to download.
Slides from my recent conference talk on the threat of security knowledge gaps.
How I got into cybersecurity - the story so far.
Having worked with a few cyber security firms over the years, let's take a look at some of the findings.
After performing some forensics for the ICO I was called to give evidence in court. Here I discuss some basics of forensics before talking about my experience in court.
Sharing files by link outside of your GSuite organisation can be restricted by GSuite administrators. This post shows how to do that.
How to access "app passwords" for your Google account, while also increasing your account's security.
Some simple preparations will help you get the best value from you penetration test. In this post I discuss some low cost suggestions.
Looking at why you shouldn't consider an email signature as ID.
Stay up to date! Get all the latest & greatest posts delivered straight to your inbox