A roundup of the week’s news, commentary, and observations.
We missed last week’s edition as we were at Blackhat and BsidesLV. If you weren’t attending or missed us at the event, Kate managed to capture some of the impressions.
Gartner announced its 2016 Magic Quadrant for SIEM and AlienVault once again remained a visionary. I tackle what this meant in one feast of a blog.
Google is more than a search engine. In the right hands with the right commands it is useful to assist in hacking. Guest blogger Jayme Hancock illustrates how penetration testers use Google.
The Sans 2016 Cyber Threat Intelligence survey was released and had a lot of interesting insight into the maturing capabilities of enterprises. OTX was highlighted as an essential part of many enterprise programmes.
Intelligent Cyber Defense using Threat Analysis
Do whistleblowers ever win? Researcher who exposed VW gain little.
Remaining on the topic of cars, Auto group pushes best practices for vehicle security.
Mozilla to block Flash in Firefox browser – about time.
A tutorial on Configuring NPS 2012 for Two-factor Authentication
New attack bypasses HTTPS protection on Macs, Windows, and Linux
Microsoft REST API Guidelines – a good set of principles.
Sage suffered a data breach initial reports suggested a malicious insider, which appears to have been validated as a 32 year old female employee has been arrested.
Something that reads like the bug equivalent to national novel writing month. Good writeup on high frequency security bug hunting with 120 bugs in 120 days.
I found it very interesting to learn that Starbucks has more money on customer cards than many banks have on deposit. Did Starbucks consider this would happen when it introduced customer cards? Does this materially change its business model? Is it possible Starbucks could make more money from its customer deposits than coffee? It illustrates how business models often change – which includes the associated risk.
Taking advantage of the Olympics, the world anti-doping agency (WADA) has alerted their stakeholders that email phishing scams are being reported. Further details on OTX