infosec - Jonsdocs

Sign in Subscribe

infosec

A collection of 64 posts

Infosecurity Europe 2025 "hero image".On the right is a human face made up of vertical lines in purple,pink,green gradient.On the left is a wavey pale blue green shape.

Infosec Europe 2025, day 1 (Tuesday)

Thoughts on day 1, 3rd June 2025.

A man holding a brown envelope in an alleyway at night. He is wearing a tan coloured trench coat and a black hat.

Using Exchange Online mail flow rules to reduce impersonation emails reaching your users

This how-to guide shows you how to help prevent impersonation of named users in your organisation, helping reduce the fraudulent emails that reach their colleagues.

Blue background with text that says "BitLocker Enter the PIN to unlock this drive".

Drive decryption passwords / PINs

Full drive encryption is a great protection mechanism, but should you require a password to decrypt the drive?

BIOS passwords - do we still need them?

BIOS passwords - do we still need them?

BIOS passwords - to set or not to set, that is the question.

Cartoon of a long brown haired person sat in front of two monitors.

An insight into my role as a SISO - part three

Looking more into my day job, considering the software development life cycle, customer relationships, and staying up to date.

Cartoon of a long brown haired person sat in front of two monitors.

An insight into my role as a SISO - part two

Continuing a tour into my day job by looking at incident response and investigations.

Cartoon of a long brown haired person sat in front of two monitors.

An insight into my role as a SISO - part one

My job can vary hugely day to day, as a lot of what I do is reactive. Sometimes I get asked what I do, so I've tried to pick a number of activities from my role and collated them into this post. What's a SISO? SISO

Screenshot showing three icons, one for "PROA MS Videx" and the other two for database files.

Authentication flaws and responsible disclosure

When I worked for the local council it was part of my job to review software and systems that were going to be installed or implemented. On one occasion that led me to review a door entry system that was being offered as part of a tender, and I found

A login prompt requesting a username and password. There is an orange alert triangle to the left of the text boxes.

Single sign on: why it's good for account management

Single Sign On (SSO) is a mechanism for authenticating to separate systems using a single identity (you can read the Wikipedia article & definition here). Ever seen the "login with Facebook" or "Sign in with Apple" type buttons on websites? That's SSO at work.

Screenshot of the (ISC)2 Security Congress 2022 virtual conference entry hall. There are people walking around.

Security Congress 2022

Catching up: on-demand sessions from (ISC)² Security Congress 2022

(ISC)² make session recordings available after the event, and with a number of sessions of interest going on simultaneously these are invaluable. Any sessions I watched prior to the end of December I received CPE / CPD credits for, but the recordings are around afterward too. Here's some summary

Screenshot showing the icons of some old malware samples.

Playing with some old malware

Malware has been around for ages, but how do some old malware samples work on more modern Operating Systems?

(ISC)² Security Congress 2022 - day three

Security Congress 2022

(ISC)² Security Congress 2022 - day three

As Security Congress draws to a close, here's my notes on the final day.

(ISC)² Security Congress 2022 - day two

Security Congress 2022

(ISC)² Security Congress 2022 - day two

Having woken up earlier than planned, I spent time pre-keynote watching talks from Monday. Not all the sessions I was interested in were ready yet (we were told it could take 24 hours), so there will be more for me to look at. I won't write about catch

(ISC)² Security Congress 2022 - day one

Security Congress 2022

(ISC)² Security Congress 2022 - day one

Congress got off to a great start and included a heart-warming (and I'll be honest tear inducing) story from one of the speakers.

When do you pay the ransom?

When do you pay the ransom?

Should you pay the ransom when attacked with ransomware? I don't think there's a clear cut answer to that...

Setting up MTA-STS using AWS S3, CloudFront and AWS Certificate Manager

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with AWS S3, CloudFront and Certificate Manager.

Setting up MTA-STS using Azure Static Web Apps

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with Azure static web apps.

(ISC)² Security Congress 2021 - the online experience

Security Congress 2021

(ISC)² Security Congress 2021 - the online experience

What was it like to actually attend a conference purely online?

(ISC)² Security Congress 2021 - day three

Security Congress 2021

(ISC)² Security Congress 2021 - day three

Rounding out the conference on day three with some fantastic speakers.

(ISC)² Security Congress 2021 - day two

Security Congress 2021

(ISC)² Security Congress 2021 - day two

Looking at my sessions on day two.

(ISC)² Security Congress 2021 - day one

Security Congress 2021

(ISC)² Security Congress 2021 - day one

My reflections on the first day of the (ISC)2 Security Congress conference.

Playing with honeypots: part 4

Playing with honeypots: part 4

Looking at a different attack on the honeypot I investigate an attempt to deploy a crypto currency miner.

Playing with honeypots: part 3

Playing with honeypots: part 3

Having built a honeypot and published it to the Internet, it's time to see what the attackers tried to do.

Playing with honeypots: part 2

Playing with honeypots: part 2

I build my honeypot in Microsoft's Azure cloud using open source software.

Playing with honeypots: part 1

Playing with honeypots: part 1

Let's look at what honeypots are, and why we might use them.