Collaborate Disseminate
Image Source: Wikimedia
via The Grugq, come’s an enlightening view focusing on the security mindset of the original architects of the now ubiquitous internet.
If you can tear your sequestered, hunkered-down or quarantined eyeballs away from doomscrol… Continue reading Security Mindset, Indeed
Organisations are still underestimating the risks created by insufficiently secured operational technology (OT). One current example comes from Germany. According to a report by heise.de, external security testers consider it “likely” that a successful… Continue reading Key OT Cybersecurity Challenges: Availability, Integrity and Confidentiality
I always hear people say "test your backups", but I have no idea how that is done in practice when you have to deal with complex infrastructures.
For personal backups it’s easy to rely on something like checksums, because all you… Continue reading How should backups be tested in large offices?
I have an upcoming exam for a Security course. The following question has come up a couple times in past exams and I could use some help formulating an answer.
Suppose a user downloads an unsigned application software (say an
email client… Continue reading If an attacker can inject any code into an email client on a users computer, how can he compromise confidentiality, integrity and availability?
There is the following question on a practice test:
Which service are you addressing by installing a RAID array and load
balancer?
A. Confidentiality
B. Availability
C. Accountability
D. Integrity
The correct an… Continue reading Practice question for Security+ that I think is wrong. Integrity vs availability
I have a Java App running, which prints out messages into STDOUT and also has an active interactive console (also accepts STDIN), when the server has started up.
How do I securely give access to an external person (outside the network) to… Continue reading How do you securely give access to a Java App interactive console (Linux/GNU)?
Maintaining visibility and availability when you suddenly have a large remote footprint takes planning. Continue reading VPN Concerns with Unplanned Remote Employees
We have seen great strides in improving security tooling and processes over the past ten years. Via constantly maturing security models, security teams have become increasingly dependent upon an ever-more complex toolchain of products and services. But… Continue reading How Organizations Can Achieve Security Availability
Can there theoretically be any possible malicious code hidden in .ics files, which would steal your calendar data or something similar? For an example case, we’d be importing the .ics file into Google Calendar.
The truth is that a vast number of System Engineers, Systems Administrators, Backup Administrators and Security Engineers habitually fail to test backups of their respective organization’s data, resident at off-premises/on-premises cloud infrastructur… Continue reading There Are No Backups