honeypot Playing with honeypots: part 4 Looking at a different attack on the honeypot I investigate an attempt to deploy a crypto currency miner.
honeypot Playing with honeypots: part 3 Having built a honeypot and published it to the Internet, it's time to see what the attackers tried to do.
honeypot Playing with honeypots: part 2 I build my honeypot in Microsoft's Azure cloud using open source software.
cyber security Receiving a security disclosure for an old subdomain After receiving a security disclosure from a security researcher I knew I needed to investigate.
home automation Thoughts on home automation / smart homes - security (part2) Considering privacy and security with the IoT and smart homes.
cyber security What is a Next Generation firewall? A look at Next Generation firewalls and the extra services they often provide.
development Avoiding direct object reference problems Discussing some of the ways to prevent insecure direct object reference issues.
cyber security Be wary of attackers bearing old emails Analysis of some obfuscated VBScript that a malicious email wanted us to download.
cyber security The threat of security knowledge gaps (conference slides) Slides from my recent conference talk on the threat of security knowledge gaps.
cyber security My journey (so far) to a cyber security career How I got into cybersecurity - the story so far.
cyber security Moving from Keepass to Lastpass Having recently moved from Keepass to LastPass, I discuss my experience so far.
System administration A plea to software developers, vendors and support companies A plea to software vendors so we can all work better together.
cyber security What penetration tests have shown me Having worked with a few cyber security firms over the years, let's take a look at some of the findings.
Google Problems setting a Google account app password How to access "app passwords" for your Google account, while also increasing your account's security.
cyber security Preparing for a penetration test Some simple preparations will help you get the best value from you penetration test. In this post I discuss some low cost suggestions.
cyber security My email signature isn't ID Looking at why you shouldn't consider an email signature as ID.
cyber security HTTPS inspection exceptions for Google / Chromebooks / Play store A list of HTTPS inspection exceptions I've found are needed to work with Google services. Includes those needed for Chromebooks and the Google Play Store (Android app installs).
archive Having confidence Confidence is something you have to develop, not just in yourself but also in the tools you use. How important is having confidence when it comes to IT?
Infosec 2018 Infosec Europe 2018, day 3 I spent most of the final day of Infosec 2018 in talks. This post is going up later than planned as I've now processed what I saw / heard and, frankly, I'm no longer quite so tired. I'll be honest, I found day three a bit of an anticlimax. Day 2
Infosec 2018 Infosec Europe 2018, day 1 Reflections on day one of my visit to Infosecurity Europe 2018.
archive When I got "scammed" An archived post from my previous blog, written in 2013. This kind of scam is still being used today. The good news is I didn't really get scammed, I knew what was happening and practically scammed them, however, if I entitled this "an analysis of phone scams" you wouldn't be
archive Rebuilding vs cleaning infected computers Should you clean or rebuild an infected computer? An old post from 2014.
