Feb 22We Still haven’t Figured Out Cyber — Here’s What’s Coming NextI’ve been in the security game for 20 years and I can tell you two concrete facts: 1) the security world is constantly evolving and 2) it hasn’t yet settled on an effective strategy. We’ve seen countless trends come and go, but people want to know what’s going to stick…Cybersecurity7 min read
Jan 13My Experience With Log4jOk — let’s talk about the shit storm that was and is Log4j and what, as an attacker — I saw and learned about security over the past couple months. We’re all used to getting alarm bells and fighting fires, but I don’t tend to jump to arms quite as…Log 4 J4 min read
Oct 19, 2021I wrote a book!I get a lot of folks asking about how I think about this or that. Lots of conference rooms, video meetings, and hallway discussions about how my perspective is different from a defender’s. This has led to a lot of blog posts, and now has led to a book. I…Attackers Perspective2 min read
Oct 14, 2021RDP: Red Flag or Red Herring?Exposed RDP is interesting to an attacker if they have credentials — focus instead on, MFA, strengthening passwords and minimizing attackers’ ability to move laterally Exposed RDP is the new favorite scapegoat of the security industry. RDP (Remote Desktop Protocol) allows users or IT departments to access computers remotely. …Rdp4 min read
Sep 1, 2021Defending Assets You Don’t Know AboutNot all assets are created equal. Back in the 90s, we all used to build massive firewalls around our systems and spent our day-to-day resources looking for holes to patch. In theory, an impenetrable wall is a great idea. However, if you’ve ever owned a house, you know that all…Security5 min read
Aug 3, 2021Why Your VPN is an Attacker’s Next TargetPeople like to group things into categories, like problems and solutions. But in the security world, automatically lumping certain technologies into the “solutions” category leads us astray — they can be problems too. The security industry relearned this last month, when Russia-linked ransomware group REvil compromised the Kaseya VSA, leading…Vpn Hack5 min read
Jun 23, 2021A Hacker’s Take on the Hardest Security to CrackRarely have I heard someone tell me an IT problem to which the answer is: add a new piece of equipment. Rather, the best security posture is often a lean one that uses just a couple of tools to enforce each layer effectively. More often than not, companies dump money…4 min read
Jun 3, 2021Trusting Your Security Appliance Is Your Weakest LinkSecurity tools are kind of like credit cards. Not enough and you won’t function; too many and they all become useless. Running a security program involves a great deal of trust. You have to trust your team to effectively carry out their roles; you have to trust that hackers do…Vpn Hack4 min read
May 12, 2021How to Make Your Security Program Resilient to the Next Big Ransomware AttackThe US’s largest fuel pipeline was hit with a ransomware attack that took it offline. It is expected to be inoperational for more than a week. The scale of such an attack has left many in the security community wondering what went wrong. …4 min read
Apr 14, 2021Security Is the Kobayashi Maru — An Unwinnable Game. No Wonder You’re Burnt out.I’m Givin’ Her All She’s Got, Captain! I’m not the first person to point out that burnout in infosec is hitting a fever pitch. 2020 was a tremendously difficult year for security. Fueled by the pandemic and work-from-home, ransomware and other attacks boomed, high-profile breaches littered the news, and the…5 min read
