Solar Windows Onion in Shodan
As of yesterday there is 1688 open @solarwinds Orion systems . You can easily find them on @shodanhq #SolarWinds #Orion .Just use the http.favicon string ... I will write an detailed blog post later
Podcast with CIO Tech Asia : Living The Life In Tech
CIO Tech Asia has invited me to join them for a podcast where we discussed some of the major cybersecurity threats currently facing businesses in 2020 and beyond, while providing deeper insights around the steps CISOs need to take to better prepare themselves for when an attack occurs. l also delve deep into the current increase of ransomware attacks on [...]
Hackers steal 19 years’ worth of data from the Australian National University
News from ESET We Live Security A premier Australian university has disclosed a cyberattack that compromised the personal information of its students and staff extending back nearly two decades. “We believe there was unauthorized access to significant amounts of personal staff, student and visitor data extending back 19 years,” reads a statement from Brian Schmidt, Vice-Chancellor of the Australian National University (ANU). The stolen [...]
10 years of virtual dynamite: A high-level retrospective of ATM malware
POSTED BY VANJA SVAJCE via Talos Intelligence Executive summary It has been 10 years since the discovery of Skimer, first malware specifically designed to attack automated teller machines (ATMs). At the time, the learning curve for understanding its functionality was rather steep and analysis required specific knowledge of a manufacturer's ATM API functions and parameters, which were not publicly documented. Before the [...]
The NEW Security baseline for Windows
While I was still a Full-Time Employee at Microsoft I was fully aware of this “new baseline” recommendations, but I was waiting for the final announcement which came yesterday from my good friend Aaron Margosis, Here is the new security configuration baseline settings for Windows 10 and Windows Server (version 1903) Please note that the new Windows Server has been [...]
Recommended web sites for IT Security Pros
As a Trusted Security Advisor at Microsoft, I used to receive if not hundreds, tens of emails nearly every day from people across the globe asking my help on how they become a Security Professional.Of course, this is not a one-night thing, or there is no secret recipe or a short cut, to be "The Security Guy". I am [...]
New Windows 10 Security Exploit Can Read All Your Files – What You Need To Know
A security researcher with a history of releasing zero-day exploits for the Windows operating system has struck again; this time just days after the latest Patch Tuesday security updates were rolled out. Which means that it’s unlikely there will be a fix for Windows 10 users until June 11 at the earliest. So what did SandboxEscaper just drop into [...]
Our book in Korean is ready (사이버 보안 )
This is an awesome feeling, finally, our award-winning book Cybersecurity Attack and Defense Strategies is ready to sale in Korean. Yuri and I are really proud, this was our first book project and even after nearly 2 years it's still in Amazon Bestselling list and now it's ready to take off in Korean. 사이버 보안 [레드팀 및 블루팀 전략] 원서명Cybersecurity - Attack [...]
There is no difference between F16 and Computers
The headline from my Keynote at the Cybersecurity Research Center which I have delivered.
Everything you need to know about Facebook’s data breach affecting 50M users
By: Sarah Perez, Zack Whittaker Read the article on Techcrunch https://tinyurl.com/yaanx6xq Facebook is cleaning up after a major security incident exposed the account data of millions of users. What’s already been a rocky year after the Cambridge Analytica scandal, the company is scrambling to regain its users trust after another security incident exposed user data. Here’s everything you need to know so far. What happened? Facebook says at least [...]
