Defensive Security Podcast Episode 205 https://defensivesecurity.org/defensive-security-podcast-episode-205/
Some thoughts on cyber security while at the O’Reilly Security Conference: https://infosec.engineering/random-thoughts-from-the-oreilly-security-conference-2017/
All, if you are able, please consider donating to help those in need. Tough times ahead for many people.
Never let a good cyber crisis go to waste: https://infosec.engineering/never-let-a-serious-cyber-crisis-go-to-waste/
New podcast episode is out: https://defensivesecurity.org/defensive-security-podcast-episode-191/
Comparing the OWASP top 10 to the causes of breaches: https://snyk.io/blog/owasp-top-10-breaches/
Latest episode of my podcast is out: https://defensivesecurity.org/defensive-security-podcast-episode-190/ #DBIR
This link has been going around for Mastodon admins: https://github.com/tootsuite/documentation/blob/master/Running-Mastodon/Production-guide.md#nginx to update their nginx config files. Do add the http2 changes and the cache-control statement, but leave the SSL stuff as it was. The new changes weaken security a bit.
Turns out the Windows flaw Tavis mentioned on Friday was an RCE in Microsoft's Malware Protection Engine, and they've already released a fix: https://twitter.com/msftsecresponse/status/861734360193552385
A modest proposal to reduce password reuse: https://infosec.engineering/a-modest-proposal-to-reduce-password-reuse/
Time to buy a new phone again. Google Android Bluetooth CVE-2017-0601 Privilege Escalation Vulnerability
Podcast for blue-teamers:
I just released episode 188 of the Defensive Security Podcast: https://defensivesecurity.org/defensive-security-podcast-episode-188/ - enjoy.