CISSPs from Around the World

ISC2’s blog has a feature where they interview CISSPs from around the world, and I see this month they interview Javvad Malik. It’s a nice interview, but nothing compared to his original piece on the benefits of being a CISSP.

Beginner’s Mind

Shoshin is a word from Zen Buddhism meaning “beginner’s mind.” It refers to having an attitude of openness, eagerness, and a lack of preconceptions when studying a subject, even when studying at an advanced level. As IT people, we aren’t always known for our attitude of openness, eagerness and lack of preconceptions. It’s an easy …

It’s the most wonderful time of the year – Patching

Remember back when summer and Christmas break were a time of high concern? The kids were out of college and ready to try out their skills. Christmas was worse because so many people were out of the office that no one would notice. Or if they did, the response would be limited. Now that’s what we …

Link – What happens when you reply to spam email (Veitch)

There are people who enjoy messing with scammers by replying to scams, or implementing the Jolly Roger Telephone Company. While it’s a few years old, I just watched a couple of James Veitch TED Talks on what happens when you reply to spam email. It’s hilarious. This is what happens when you reply to spam …

SMBv1 isn’t safe

Long before WannaCry used a recently patched Microsoft vulnerability to exploit machines, the recommendation was to disable SMBv1. Disabling old protocols isn’t sexy. You’re breaking things, and not introducing new features. You’re fixing theoretical future attacks. Perhaps the willingness to take on this challenge is a good measure of the maturity level of …
