Security Awareness

Do you need to block advertisement shenanigans without blocking the advertisements?

If you’ve never heard of malvertising or need a better understanding, then you should read the article on malvertising first. If you’re familiar with malvertising and have run into issues with blocking advertisements, then I might have a solution for you. I recently ran into problems with blocking ads because non-ad images weren’t loading due to being served from an ad network which is ideal from a content delivery aspect, but terrible from a security…

Continue reading

Information Security Education Resources

Security Onion Set Up Part 1: Planning UPDATE

The guidance in the article “Security Onion Set Up Part 1: Planning” no longer applies if you’re using the new Security Onion image because it uses Elastic Stack instead of ELSA. Elastic Stack might be a resource hog, but the workflow is superior compared to ELSA in the way you can visualize data in the dashboard and pick from pre-configured searches that touch on almost everything you would need to look at out-of-the-box.

Continue reading

Information Security Education Resources

What’s New With TLS 1.3

TLS 1.3 is the newest version of Transport Layer Security which is a cryptic protocol that allows for your web page traffic to be secured. It works to secure the communications between client and server to include passwords, and other crucial information sent from client to the server, and server to the client. As a result, TLS makes it extremely difficult to gain access to the information sent while it’s traveling to and from the…

Continue reading

Opinion

Get it right or get out of the way

When a company has a break down in its processes blame is assigned based on whom the process owner is and the individual(s) responsible for completing the missed or an improperly executed task. When a low-level process is broken such as the case was with Experian and the missing Apache Struts patch that allowed an attacker to gain a foothold in their information system and steal 152 million records, I see little reason to start chopping off the…

Continue reading