Browser extensions make nearly every employee a potential attack vector
Despite being present on virtually every employee’s browser, extensions are rarely monitored by security teams or controlled by IT, according to LayerX. Most extensions have…
Author: Cybernoz
Just Implemented Memcached | Daniel Miessler
So I just implemented memcached. It’s basically a system that uses hash tables to serve content directly from memory rather than from disk. It’s used…
Crafty Threat Actors Unleash Ingenious Phishing Ploys
Ever feel like phishing scams are on a never-ending quest for supreme deception? From fake delivery notifications to impersonated CEOs, it’s like picking from a…
Attack Flow: Learn how cyber adversaries combine and sequence offensive techniques
MITRE’s Attack Flow project aims to translate complex cyber operations into a structured language. By describing how adversaries sequence and combine offensive techniques to reach…
Percentages of Hitting a Given Number Using x Number of d6’s
My buddies and I are doing a Harn campaign right now and one of the mechanics involves accruing stat “checks” over time. Every five stat…
Funding Expires for Key Cyber Vulnerability Database – Krebs on Security
A critical resource that cybersecurity professionals worldwide rely on to identify, mitigate and fix security vulnerabilities in software and hardware is in danger of breaking…
The future of authentication: Why passwordless is the way forward
By now, most CISOs agree: passwords are the weakest link in the authentication chain. They’re easy to guess, hard to manage, and constantly reused. Even…
Modern Science on Self-Control, and 4 Things You Can Do Immediately to Improve It
Image from scientificamerican.com Scientists are now discovering that self-control is a precious, finite resource that can be raised and lowered by a number of factors…
PayPal and Two-Factor Authentication: A “Weakest Link” Case in Point
I am an enthusiastic user of the Verisign PIP two-factor authentication service. It’s a system that allows you to add additional security to sites that support…
Why We Shouldn’t Call Ourselves Atheists
First, watch the talk. Believe me–it’s worth it. Now, I think the talk is brilliant, and I think he makes a strong point that would…
Critical Chrome Vulnerability Let Attackers Steal Data & Gain Unauthorized Access
Google has issued an urgent security update for its Chrome browser after two critical vulnerabilities were discovered. These vulnerabilities could allow attackers to steal sensitive…
The Mexican Immigration Solution: Make U.S. Immigration Policy Match Mexico’s
So perhaps you’ve heard the story of evil America trying to enact a draconian immigration policy towards Mexico. It’s the policy that does things like:…