Episode #32 - Where's the plunger?!

We're back after three weeks off! Seems the world didn't right itself while we were away. SUNUVA...! (or BUGGER for Chris) 2020's gone. YAY! 2021's here. YAY! ...maybe? The calendar flipped, but the script didn't. 2020 was a f*cked up year for sure. Like seriously f*cked up! There was no shortage of breaches, sh*tty security stuff, panic, fear, loathing, division, etc., etc., etc. The new year brings hope, right? Hope for a fresh start. When the calendar flipped to 2021, there was a collective sigh of relief. Yes, 2020 is behind us! There's hope! We can see light at the end of the tunnel! Hope is GOOD! Then reality hits (again). The sh*t from 2020 didn't go away. It's like 2020's sh*t is still in the toilet bowl and the f*cking toilet is clogged. Will 2021 be a year we find the plunger or a year we eat a sh*tload of bad Mexican food while we ignore the clog? We don't want 2021's sh*t to pile on top of 2020's sh*t, do we?! We've stumbled out of th
Episode #30 - What do you do when the security provider gets hacked?

Another day, another breach in the news, what's new? Well..., this time the victim is one of the world's leading information/cybersecurity providers. The company has come forward to say that their offensive red team tools have been stolen, and most likely by a foreign nation. What do we do when the very companies we trust to help protect our nation become the target of military-grade warfare? According to the company, this was not a run-of-the-mill cyber attack, this was a highly sophisticated and targeted attack by a nation state. This is not the first time a security company has been the target of a government-sponsored attack, nor will it be the last. As an industry, if the tools we produce to protect can also harm, what are the obligations to protect them? And how liable are we if they get stolen and used for nefarious purposes? Knowing that our industry will continue to be a target of highly sophisticated government attacks, what obligation, if any, does the government have to h

Why we do the Security Shit Show

We love people, it's why we do our work. It's why we work crazy hours, get frustrated when things go wonky, fight like hell, and sell out. Our job is to protect people. It's what we do. We love people and we especially love our fans. So much love, you might be surprised to find out we don't do the Security Shit Show for others or our fans. We do the Security Shit Show for us (Chris, Evan, and Ryan). Here are the reasons we do the Security Shit Show: We do this for our health. We do this for our sanity. We do this for inspiration. We do this for support. We do this for our enjoyment. We do this for our encouragement. We do this for our sanity. We do this for our joy. We do this for whatever else we need at the time. Here are some reasons we don't do the Security Shit Show: We don’t do this to be unhealthy. We don't do this to add more pressure to a pressure-filled life. We don't do this for more work (God knows, we've got plenty as it is!). We don't d

Episode #29 - 'Tis the Season to be Ripped Off

The tech, the calls, and clicks of folly / Fa-la-la-la-la, la-la-la-la / ‘Tis the season to rob Holly / Fa-la-la-la-la, la-la-la-la / Don, he shops online in peril / Fa-la-la, la-la-la, la-la-la / Scammers have him over a barrel / Fa-la-la-la-la, la-la-la-la. You get the picture. Here's some straight up truth: 'Tis the season for scammers to scam, and scam they will. There's more opportunity than ever, with online shopping expected to increase 38% over last year. We're more distracted than ever, with COVID-19, social justice issues, election gibberish, etc. The equation is simple for the scammers: Opportunity + Distraction = Success. This shit won't happen on our watch! Sadly, your shit isn't under our watch. It's under yours. You gotta do better. It's your shit. Your shit is your responsibility. We're not Scrooge here. We're not the Grinch either. We're trying to help you save yourself from these jack wagons! Tune in tonight (12/3) LIVE to catch what the

O Shit am I on FIRE?

What is that smell?.......... is that smoke I see?........ why am I hot? O SHIT, I'm ON FIRE! Work in infosec long enough and you will see a fire or two. Oh hell, let's be honest, work in infosec long enough and you will be the cause of a fire or two. It could be your flagship application leaking vast amounts of data, it could be the secretary clicking on a link, a misconfiguration, a failed patch, your most critical 3rd party has a data breach and a ransomware event all in one, then there is the tomfoolery of China, Russia, North Korea just to name a few. At some point, we have all gotten the "Shit's on fire" call at some ungodly hour of the night, and this is assuming we were sleeping, instead of sitting up chewing our fingernails waiting for the phone to ring with a fire on the other end that we then have to deal with. This constant barrage of fires, day in and day out, takes a toll just like in a real fire: you get burnt. Then we have the political fires when some

Seven Ways Security Can Improve Your Sex Life

Let's talk about sex, baby (sing it) / Let's talk about you and me (sing it, sing it) / Let's talk about all the good things / And the bad things that may be. Wise words from Salt-N-Pepa. The "good things" and "the bad things". Because I want to end tonight's show on a positive note, I want to first address the bad things. Sex is generally a good thing, but like most good things, humans make them into bad things. I don't EVER want to minimize the importance of recognizing the bad things: Rape, Incest, Molestation, Sexual assault, Exploitation, Pornography (especially involving children), Prostitution. These are all bad things with REAL victims. Our hearts go out to anyone and everyone who is or has been a victim of deviant sexual behavior. Some resources for all of us to know about: Sex Offenders and Sex Offenses: Overview - Dru Sjodin National Sex Offender Public Websit

Episode #25 - Kiss and Make Up?

So, let's face it, the decision for the next president is probably already made despite everyone still running round the country stumping for more votes and hoping for a last-minute turnout. We’ve seen record numbers of folks at the polls and the USPS folks have carried (successfully) more and more mail-in ballots than we’ve seen in many years gone past. Which means the die is cast, we just have to wait to hear who’s won the next 4 years in the hot seat. Which means the time for healing is upon us, or at least we should be planning for it. OR CAN we? Every 4 years it seems as if we up the ante in this fight for power, mud is slung, words are exchanged, wounds opened and then it’s over. We’re meant to move on, and try to get back to working together as ONE country as opposed to two divided ideologies or 50 individual states. To me this is like lawyers at the end of a trial who’ve insulted each other and their clients for days on end, they just shake hands and move on, while some of us S