When breaches are disclosed or discovered on the Internet and Dark Web, researches pull together the data an analyze it. Each year a group called SplashData puts together a list of the Top 25 passwords used. The results are pretty sad. This episode run...
Lake Street El
The security business is a serious and frustrating world. Like many things in life you have to not take it too seriously from time to time. There is a website dedicated for Security Professionals to express their challenges and experiences through anim...
Continuing with the mini series Top 10 Security Tips For Your Network we are up to number 8. Conduct regular security audits. The only way you can be confident that your security controls are working is to audit them on a regular basis. This episode go...
As we increase our online shopping, email and social network use the scams increase as well. Only by knowing the scams that are out there and how they work can you know how to avoid them. This episode goes into the top online scams, how they work and g...
The last item in the mini series OWASP Top 10. Number 10, Unvalidated Redirects and Forwards. This episode goes in to the details on what this is and how to avoid having them in your application. OWASP Top 10 A10 - Unvalidated Redirects and Forwards B...
As our Internet lives rely on the browser it's important to know how to use them in a secure way. You cannot assume your browser is setup in the most secure way possible. This episode goes through several best practices, tips and suggestions to ensure your browser security is put first.
Link from the episode - https://updatemybrowser.org/
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
This week's TTT episode talks about a fantastic new service to help manage your family's home Internet use. It's called Circle and this is a network level filter and time management capability that sits on your home router.
No need to install anything on the devices or laptops. You can control what your kids can access, how much time per day they can use the Internet and even limit time on specific apps, like YouTube.
It's a wonderful, easy to use and functional service I use and highly recommend. This episode goes into the details.
Check to to see if your router is Circle compatible
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
Number 7 in my Top 10 Security Tips for Your Network talks about protecting the external access into your network. Whether through applications, FTP, VPN, etc... your customers and employees at some point need to get to internal resources from outside the network. Every access method needs to be protected and monitored. This episodes talk about doing that.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
A major breach with a popular keyboard app showed that they were collecting far more data on their users than they should. This makes all of us think twice whenever an app asks for Full Access to your devices. In this case, they were taking every piece of data they could, including key strokes. This episode goes into the details.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
The OWASP Top 10 list is almost done. Number 9 talks about using components with known vulnerabilities. If you think this doesn't happen, look at Equifax. When vulnerabilities are published for a components hackers start to work on attacks for it. If you run these you are increasing you risk of an attack. This episode goes into the details.
This OWASP item is also another reminder that not everything in the OWASP is code related. This one is very much an operational process within an overall security program.
OWASP A9 - Using Components With Known Vulnerabilities
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
A recent increase of LinkedIn accounts being used for phishing campaigns is a cause for concern. These accounts are compromised and then used to send InMail messages to all contacts. Very convincing but also very preventable by turning on two factor authentication on the LinkedIn accounts. This episode goes into the details.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
This week's TTT episode talks about the cloud file, note and thought organizer Evernote. Over the years Evernote has solidified themselves as a robust, feature full online cloud and productivity tool. Use it to store receipts, manuals, web articles, thoughts, notes, project plans, and so on. Evernote has become the central location for my organization for projects, personal work and getting this podcast episodes done each week.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
This one seems like a common sense action but you'd be surprised the lack of end to end protection in environments. Viruses, malware and malicious code don't just infect one machine, they look to spread. If you have protections only on your workstations and neglect the servers deeper in the environment you are playing a risky game. This episode goes into protecting against viruses, malware and malicious code at all levels.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
We all hear about data breaches but do you know exactly all the costs that go into the recovery of them? It's far more complicated than you realized and for some businesses might be a bankruptcy level event. This episode goes into the details of the various costs that are involved.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
The OWASP Top 10 series continues on to number 8, Cross Site Script Forgery. This vulnerability is about how applications take input and requests and about how they could be forged to be sent elsewhere. Verify the calls or randomize the code to help avoid this hole. This episode breaks it down.
OWASP Number 8 - Cross Site Forgery Requests
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
Apple released a new version/upgrade to their operating system called High Sierra. In addition to all the new features they accidentally removed the password from the 'root' account. Anyone could get full administrative rights to any Mac without entering a password. Whoopsie. This episode goes into the event and why we need to stay on top of updates and patches.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
The starting point for any malware scan is a tool called Malwarebytes. This episode goes into the reason why I always start with Malwarebytes on machines that are infected or start to behave oddly. It easy, it free, it works and that's why Malwarebytes is this week's TTT episode topic.
***
All my TTT episodes are not sponsored. These are 100% my opinion and in no way motivated because I am compensated or asked.
***
Malwarebytes website - https://www.malwarebytes.com/
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com
The Top 10 Security Tips For Your Network continues with number 5, Encrypt Your Data. Encryption is the knee jerk response to any security even by the public. Encryption is not the sole answer to everything and there are many aspects of it you need to be aware of before you deploy it. This episode goes into the pros and things to watch out for when you encrypt and why you should in most cases.
Be aware, be safe.
------------------------------------
Website - https://www.binaryblogger.com
Podcast RSS - http://securityinfive.libsyn.com/rss
Twitter @binaryblogger - https://www.twitter.com/binaryblogger
iTunes - https://itunes.apple.com/us/podcast/security-in-five-podcast/id1247135894?mt=2
YouTube - https://www.youtube.com/binaryblogger
TuneIn Radio - Security In Five Channel
iHeartRadio - Security In Five Channel
Email - contactme@binaryblogger.com