Passphrases for Tiny People
Gail Menius // Once upon a time, in a land not too far away (about two miles from where I’m sitting now) I used to be an elementary school librarian. […]
Risky Business
Mike Perez // At BHIS, a few of our customers have come to us very recently with the “risk du jour”; no, not the Cash for Creds program Beau highlighted but […]
Incidence Response
Darin Roberts // According to the Identity Theft Resource Center, there were 781 data breaches tracked in 2015. That is, on average, over 2 per day. And that represents only […]
How to Secure Your Home Network
Katherine MacMillan // Something interesting happened last week. A programmer by the name of Matthew Garrett gained access to the lighting and window controls to nearly every room of a […]
Public Wi-Fi Insecurity – Part Deux, For Compliance Sakes
Jordan Drysdale // (See Jordan’s Part 1 of this post here.) PCI-DSS strolled into town with the latest compliance package of minutiae laden IT speak at the end of last year. […]
For the Record – My First Confession
Melisa Wachs // Many, many years ago John laid on the bathroom floor during his wedding reception near tears and screaming. This was not due to any amount of alcohol […]
That One Time My Parents Were Hacked
Heather Doerges // My mom called the other day. It started out, “Honestly, your father.” Which, isn’t a strange way for her to start a conversation about my dad. “What […]
TLS Certificates from EAP Network Traffic
Joff Thyer // A network can authenticate a client workstation using the 802.1X and Extensible Authentication Protocol (EAP) using multiple different methods. EAP is used both in a wired network […]
Using Recursive Grep to Test Per-Request CSRF-Token Protected Pages
David Fletcher // Cross-Site Request Forgery (CSRF or XSRF) is an attack which is used to execute a transaction on behalf of a victim user against a vulnerable web application. […]