I'm in Canberra for #BSidesCBR. There are some really interesting talks. I think I'm most interested in the code auditing talks. I know the lock picking village is going to be great fun too.
One man's journey from receipt of a #phishing email to intrusion into the attacker's c2 server including full analysis of the infrastructure used. Followed ethical disclosure to authorities and affected companies to assist in shutdown. #infosec
The true winners of #LibSpill are Bundaberg rum and their ad about prime ministers knifing each other, which was starting to get stale.
Every week I'm on a podcast called "Smashing Security" where we have a light-hearted discussion about the world of infosec.
In our latest episode, "Hacky sacky hack hack", we ask is your used car still connected to its old owner? Just how did Apple manage to identify the teenage hacker who stole 90GB of the firm's files? And why on earth would a firm of lawyers start producing pornographic videos?
Check it out: https://www.smashingsecurity.com/92
This is a pretty handy little list of NodeJS Security rules: https://medium.com/@nodepractices/were-under-attack-23-node-js-security-best-practices-e33c146cb87d
This is an interesting article about the DOD's concern about protecting software supply chains as more vendors exist, have and use products in the cloud and the threat landscape grows.
"Do I need to pay for Java"
tldr: only if you don't want to be hacked after Jan 2019
if you use some kind of oldschool Java webapp that uses Applets or JWS, ie, every corporation in existence and everyone who has to deal with a government, then almost certainly you will need to buy Oracle Java 8 patch support unless all the webapps YOU use have completely rewritten THEIR website front-end logic
or you could just let your Java 8 quietly turn into a virus magnet
Part developer, part security, part alligator. Mostly jiu jitsu.