infosec - Jonsdocs

When do you pay the ransom?

Should you pay the ransom when attacked with ransomware? I don't think there's a clear cut answer to that...

Setting up MTA-STS using AWS S3, CloudFront and AWS Certificate Manager

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with AWS S3, CloudFront and Certificate Manager.

how to

Setting up MTA-STS using Azure Static Web Apps

Mail Transfer Agent Strict Transport Security is a reasonably new protocol, that helps protect email you're being sent from interception. Here's how to set it up with Azure static web apps.

Security Congress 2021

(ISC)² Security Congress 2021 - the online experience

What was it like to actually attend a conference purely online?

Security Congress 2021

(ISC)² Security Congress 2021 - day three

Rounding out the conference on day three with some fantastic speakers.

Security Congress 2021

(ISC)² Security Congress 2021 - day two

Looking at my sessions on day two.

Security Congress 2021

(ISC)² Security Congress 2021 - day one

My reflections on the first day of the (ISC)2 Security Congress conference.

honeypot

Playing with honeypots: part 4

Looking at a different attack on the honeypot I investigate an attempt to deploy a crypto currency miner.

honeypot

Playing with honeypots: part 3

Having built a honeypot and published it to the Internet, it's time to see what the attackers tried to do.

honeypot

Playing with honeypots: part 2

I build my honeypot in Microsoft's Azure cloud using open source software.

honeypot

Playing with honeypots: part 1

Let's look at what honeypots are, and why we might use them.

cyber security

Receiving a security disclosure for an old subdomain

After receiving a security disclosure from a security researcher I knew I needed to investigate.

wargaming

Wargaming: running incident response plan tests - part 3

Part two finished with our defenders heading in the right direction to find the simulated infection. They'll have used a combination of tools in order to get this far, likely including firewall and network logs. As a reminder, for this exercise there was a simulation running that reached out to