Luke Kapustka - Protecting your security and privacy
“76 percent of employees at the world’s largest companies reuse passwords across personal and professional accounts” –Chip Witt, SpyCloud I found this on Help Net Security and it is a statistic I’ve been seeking for some time. Let me tell you why that is a problem from several angles. Password reuse is the tendency for Read more about Password Reuse is a Terrible Idea[…]
I’m going to share a few thoughts I’ve picked up over the years on breaking into information security. The goal is to help those working their way into infosec, whether starting out or a mid-life career change. I encourage you to share your own experience and help others follow you. Be a Lifelong Learner If Read more about Breaking Into Infosec[…]
Bugcrowd, for anyone not familiar, is a managed crowdsourced bug bounty service. They’re getting into penetration testing and released a report to sell the benefits of this service versus traditional penetration testing. The report is found here. Disclaimer: I am a penetration tester, and admit some bias. I have some limited experimented with bug bounties. Read more about Crowdsourced penetration testing[…]
I’ve resisted as long as I could. It’s futile. My home, and likely yours, has been slowing filling with small, internet connected devices. These include voice-controlled smart speakers like the Amazon Alexa, Google Home, appliances, smart thermostats, cameras, smart light bulbs, smart plugs, smart everything. They’re called “internet of things” or IoT for short. Yet, Read more about The Internet of Risky Things[…]
This post contains notes, links and slide images from my Cybercrime presentation (BSides Greenville and ISSA meetings). There are many books and reports that were used for the research of this talk. The statistics were cited in the respective slide. I hope you find these resources useful in your daily security or they may prompt Read more about Cybercrime Notes and slides[…]
The trouble with attribution During the 2018 winter Olympics in South Korea, there was an attack on various computer and network systems. This all occurred before the opening ceremony and it effected services like ski lifts, the Olympics website, Wi-Fi networks, and random display boards used to inform athletes and guests. Malicious software (malware) named Read more about Will the Real Malware Culprit Please Stand Up?[…]
I’ve traveled for work and have seen some crazy things out there. In most cases, I think people just seem to let their guard down. We are so focused on what we’re doing that we don’t notice all the nosy people around or the risks we take. We completely forget where they are among others Read more about Security While Traveling[…]
The rise of cryptojacking There is a rising trend called crytptojacking. The bad guys are taking advantage of your computer, phone, or servers on the internet to run huge calculations. These are used to mine cryptocurrency. These can then be exchanged for tangible currency. Some predict that the trend is rising so quickly that it Read more about Cryptojacking: Hijacking Your Computer Power for Profit[…]
Why should you care about security? Don’t get me wrong, there are a million things going on in your life and this seems like yet another one to think about. I get it. I spend quite a bit of time thinking about this very topic, and I usually answer that question before you even ask! Read more about Everyone cares about security[…]
A journey through the business of collecting information Recently, I found an email in my spam folder. It promoted a service contract for a vehicle that I owned a few years ago. For mere mortals, the delete button solves this annoyance. Instead, I dug in and will share some things about the collection, privacy, and Read more about Who Owns Your Information?[…]