Cybersecurity lessons learned from the recent Twitter Hack where attackers got access to an admin panel. Use these lessons to prevent or minimize an attack on your systems.
5 Cybersecurity Lessons Learned From The Recent Twitter Hack
Articles
How Do I Structure Files For An Audit?
How to structure folders to achieve the following security goals: 1) Make it easy to audit folder structure come an ISO or SOC2 Audit. 2)...
How To Set Up AWS Organizations For Success
This article is a HOW-TO for how to setup your AWS Organization properly allowing you to deploy services and controls across your AWS Accounts.
AWS Security Tools That Support AWS Organizations
Over the years I have come to specialize in multi-account AWS security. One of the first things I do and recommend is setting up a proper AWS Multi-Account Structure, beginning with a Master Account without any resources. This helps me deploy SCPs out at the organizational root. Previously, it was quite cumbersome to deploy security…
Zoom Security – What To Do?
I am getting a lot of questions from clients right now regarding the use of Zoom. It may be hard to filter the signal from the noise, so I put this together to help you. I don't believe in FUD and I'm concerned about security issues we can fix right now.
Advisory: Windows 0-Day, Actively Exploited, No Patch Available
This was an email I sent to my vCISO / CISO As A Service clients this morning. Since they do not have their own CISOs or security teams, it is likely that they would not have found out about this for awhile. They do have strong IT teams though, so I provided instructions and actions they can take internally.
Why Are Shared Passwords Bad?
We all know that sharing our passwords is a bad idea and we are not supposed to do it, but if we ask a random person why, will they be able to iterate why? In this brief article I will walk you through why sharing passwords is not good and the various problems it causes.
5 Things To Know Before Phishing Your Employees
Some things to consider before hitting send on a phishing test. This article is a simple guide on what to understand to ensure your phishing campaign is successful.
How to Schedule a Penetration Test Like a BOSS
This is a guide for those looking to schedule their first pentest AND get the most return on investment for the money from time spent on an exercise like this.
AWS Re:Inforce 2019 Summary
AWS (Amazon Web Services) had their first security focused conference this year. It was basically an opportunity for AWS to release security related products and features but also create a gathering for security minded practitioners and those looking to consume security related information around AWS products.
Using AWS Service Control Policies To Protect All Your AWS Accounts
If you have multiple AWS accounts, you more than likely are using AWS Organizations. A continually maturing feature of AWS Organizations is AWS Service Control Policies (SCP), which allows you to apply IAM like policies at the organizational level. This does require you to have your AWS Organizations, well, organized (excuse the pun) into OU's…
AWS Secrets Manager, CLI, and JQ
AWS Secrets Manager provides a way for you to store and retrieve secrets securely. They provide a really nice tutorial to help you get started. Looking to test and integrate this from the command line, I wanted to see how this extraction works and how it would look like if an application or wrapper was…
What To Look For In A Cloud Friendly SIEM
This article was born out of years of frustrations waiting for traditional SIEM providers to catch up to the cloud. If you are a SIEM vendor this is for you. If you are looking for a SIEM vendor, these are tips to help you make a good and informed decision to last for your organization.
How Replacing My Roof Mirrored Information Security – Part 4
Baby Steps In security we often want to boil the ocean! Rebuilding a roof is a series of small steps. Each one significant and built upon on the other. First the rafters, eaves, and fascia. Then the plywood and flashing. Afterwards paper and then finally the shingles. Each one building on the other. Each one…
How Replacing My Roof Mirrored Information Security – Part 3
Measure Twice, Cut Once! Yes folks... This. Is. So. True. I saw 21.5" but actually measured 20.5"! Blame fatigue, blurry lines, lack of coffee, whatever... if I would have taken an extra second to double check my measurements I would have had a good piece of wood and not an addition to the scrap pile. When pushing your security…
How Replacing My Roof Mirrored Information Security – Part 2
Gaps are OK, As Long As You Have Compensating Controls Gaps in your roof can be concerning. To an untrained eye, that gap is a BIG problem. Could water get in there? Shouldn't it be tightly connected? What if...? Alone in a vacuum... IT IS! However, with patience, wisdom, and experience we understand that gaps can be…
How Replacing My Roof Mirrored Information Security – Part 1
Friends are great, but they'll only get you so far I had a hard time getting my project off the ground. First I needed to demo the existing roof. Tried it myself and found it to be a little arduous with no end in sight. Didn’t help I didn’t have the right tools either. After…
You Just Got An AWS Security Audit… Now What?
So you successfully ran Trusted Advisor, Scout2, Access Advisor, or hired an external firm to audit your AWS accounts? You found that the co-founder is still logging in using root keys and that you have security groups allowing 0.0.0.0/0 access from the internet. Not to mention the 20 developers offshore that are sharing the same IAM user and access keys. Oops!
A Case of Mistaken Identity and 5 Steps to Prevent It
Wait… Who Are You Again? A couple weeks ago, when logged into a website provider's admin panel, I found a strange user in my account with admin rights that I did not recognize! As you can imagine, this triggered all my alarms. I took a screenshot, removed their access, looked them up on LinkedIN, and…
Why Is Cloud Security So Hard? (Hint: It’s Not)
Securing your application is not hard. Securing it in a completely new environment, without knowing the rules of the road, is. Take the time to learn the rules of the road and avoid cloud security speedbumps or accidents. Cloud Responsibly.