While running tests last week, I came across a website which provides international legal research and recommendations. As usual, I ran Shodan - and gracious, the host server needs Apache updates! Over twenty vulnerabilities were documented, some dating back several ye...
Yesterday - which may be last week by the time I post this - a Facebook friend asked for my thoughts on an SMS text received from an unknown-to-them organization. You know where this is going, right?
Yes, it was a scam. Nowadays, virtually no legit requests come unsoli...
Wondering if your personal info has been leaked in a breach? California residents, check here:
"California law requires a business or state agency to notify any California resident whose unencrypted personal information, as defined, was acquired, or reasonably bel...
IT (information technology) is the base upon which cybersecurity knowledge is built: the best practitioners generally start their careers in network administration. Or high school computer clubs. Over time they focus in on infosec as th...
Shodan has a reputation as a script kiddie tool in some corners of the security world. Meh. When properly used, it can surface very interesting data. Say, the fact that a cyber security firm based outside the US and providing services worldwide, has a primary website c...
In this morning's messages, the day after the US celebrates Thanksgiving Day: a linux website features articles on new Mirai iterations targeting YARN vulnerabilities in Hadoop, when run on linux servers. Apparently this is the first known non-IoT exploit for the malwa...
I'm still running occasional OSINT vuln scans on random URLs, out of curiosity and to compare basic cyber security postures for small vs large business sites. It's becoming a downtime habit. Nothing I've learned to date has been an eye opener, really, but overall my fi...
Here's a question to think about: how many of you regularly help your local small businesses or volunteer organizations by offering even the most basic open source intelligence (OSINT) vulnerability assessments?
If you are concerned about protecting your neighborhood, a...
Heavens - it's been quite an adventure-filled year for us, though not so much in cybersecurity. No, we're not elaborating. C'mon now! lol Anyway, back to the blog...
Rather than commenting on things we touch upon in our Twitter feeds, I'm just going to blog here now and...