Posts about infosec

Security related posts. In some cases, a gross misuse of the term as this tag is used for network and app security as well as information security. See also Security.

2023-08-16 12:25Using BlueSky Features As Disinformation Tools
2023-05-26 14:28Banks: Stop relying on SMS based 2FA
2023-01-21 17:11Misusing Microsoft Defender For Domain Blocking Bypass Shenanigans
2023-01-18 17:36Creating A Log-Analysis System To Autodetect and Announce Mastodon Scraper Bot Activity
2023-01-10 19:26Examining The Behaviour of a Self Authenticating Mastodon Scraper
2023-01-04 20:38Tightening Controls over Public Activity Feeds on Mastodon
2022-11-03 20:01Implementing Geo-Blocking with OpenResty and LUA
2022-10-31 19:12Analysing Clearnet, Tor and I2P WAF Exceptions using InfluxDB IOx
2022-04-08 07:22OSINTing the OS-INTers and The Dangers of Meta-Data
2021-06-17 11:38Barclays Online Banking gives 3rd Parties access to login pages
2020-04-23 11:23Cynet 360 Uses Insecure Control Channels
2019-10-16 17:02Spamhaus still parties like it's 1999
2019-10-09 08:49Twitter Screws Up With Data It Shouldn't Hold
2019-07-16 11:41The Curious Case of BitFi and Secret Persistence
2017-03-26 14:53A guide to designing Account Security Mechanisms
2017-03-04 19:12Don't Use Web2Tor / Tor2Web (especially Onion.cab)
2016-06-21 02:19The State of Mobile Banking (in the UK)
2014-12-28 20:25The DVLA is routinely sending sensitive details via email
2014-09-01 00:59Understanding the Difficulty of Assessing True Randomness
2014-07-23 09:15Vulnerability: Infiltrating a network via Powerline (HomePlugAV) adapters
2014-06-22 09:07Understanding Password Storage
2014-04-19 21:21My Own Little HeartBleed Headache
2013-06-07 08:56Why You Shouldn't be using SHA1 or MD5 to Store Passwords
2013-05-23 14:25Checking for Outdated Joomla Extensions on your server
2013-05-02 12:37Darkleech Apache attacks on the rise, but is it really that hard to detect?
2012-06-28 12:33What is js.Runfore?
2011-09-30 12:00Who's auditing the auditors? (it should be you)
2011-06-22 15:51The Importance of Salting Stored Passwords And How To Do So Correctly
2011-05-25 22:55Security Flaw in the Computrend Powergrid 902 Adaptor
2011-05-24 17:04Building Network Resilience Through Sensible Reporting Policies
2010-12-19 13:42A User's Guide to Data Security and Control
2010-12-05 11:52Educating Our Way to Security
2010-11-28 16:22Whitepaper: Attack of the Clones - Is Homogeneity in a network environment safe?
2010-11-10 19:40Analysis of a Compromised GMail Account
2010-11-10 19:36Howto Encrypt Your Removeable Media on Linux
2010-11-09 21:42A Developers Guide to Storage and Manipulation of Passwords
2010-11-09 21:38The Importance of Changing Default Passwords
2010-11-09 21:06Best Practice For Network Security in Small and Medium Sized Business
2010-09-28 22:07Storage and Manipulation of Passwords: A Developers Guide
2010-01-16 12:05Republished: Tips for fighting password theft
2009-02-11 21:53Republished: Hacking the Computrend Powergrid 902 Powerline Adaptor
2006-05-20 21:26Republished: UK government wants to put our networks at risk

hit counter