cyber security Kent Cyber Security Forum 2019 A short write up following the Kent Cyber Security Forum 2019.
ethics A question of ethics: disclosing security vulnerabilities When you've found a vulnerability, bug or data leak how do you report it? This post looks at the considerations for disclosure.
ethics A question of ethics: investigating users Thoughts on being fair and considerate when investigating others.
System administration Logging: getting the right balance Logging: what's too much? Is there too little? How long should I keep them? This post discusses factors to consider when configuring logging.
development Avoiding direct object reference problems Discussing some of the ways to prevent insecure direct object reference issues.
cyber security Be wary of attackers bearing old emails Analysis of some obfuscated VBScript that a malicious email wanted us to download.
cyber security The threat of security knowledge gaps (conference slides) Slides from my recent conference talk on the threat of security knowledge gaps.
cyber security My journey (so far) to a cyber security career How I got into cybersecurity - the story so far.
cyber security What penetration tests have shown me Having worked with a few cyber security firms over the years, let's take a look at some of the findings.
forensics Show and tell: digital forensics and giving evidence After performing some forensics for the ICO I was called to give evidence in court. Here I discuss some basics of forensics before talking about my experience in court.
Google GSuite: Allowing users to publish files to the web (link sharing) Sharing files by link outside of your GSuite organisation can be restricted by GSuite administrators. This post shows how to do that.
Google Problems setting a Google account app password How to access "app passwords" for your Google account, while also increasing your account's security.
cyber security Preparing for a penetration test Some simple preparations will help you get the best value from you penetration test. In this post I discuss some low cost suggestions.
cyber security My email signature isn't ID Looking at why you shouldn't consider an email signature as ID.
archive When I got "scammed" An archived post from my previous blog, written in 2013. This kind of scam is still being used today. The good news is I didn't really get scammed, I knew what was happening
archive Rebuilding vs cleaning infected computers Should you clean or rebuild an infected computer? An old post from 2014.
