Things I Hearted this Week 22nd December 2017

December 22, 2017 | Javvad Malik

But we’ve always done (in)security this way

Being an operator for the Twitter account for any large brand can be challenging and tough at the best of times. But it can be even more so when faced with security questions.

When security experts on Twitter asked NatWest_help why the homepage wasn’t secure, the bank initially tried to downplay the issue. But the bullying on Twitter forced the changes. Troy Hunt led the charge with “Securittyyyyy”, much like Mel Gibson declared “Freeedom” in Braveheart, and NatWest finally gave in and upgraded within 48 hours.

The Security Avengers (name pending) then fired a warning shot across other major banks that did not have secure homepages, which has likely got many a security executive in a board room explaining likelihood and impact slides.

Why incident response is the best cybersecurity ROI

Many times, there is little influence over what companies run and what they run it on. Chances are there will be failures or breaches; what is within the sphere of control is how well those incidents are responded to.

Welcome to the hotel hackifornia

Christoph Brandstatter is managing director of the four-star Seehotel, Jagerwirt, in Austria's Alps.

His hotel's electronic door locks and other systems were hacked for ransom four times, between December 2016 and January 2017.

He paid a ransom of two bitcoins, which at that time was about €1,600 (£1,406: $1,882).

He’s trained his staff to recognise phishing emails that may seem genuine but actually contain malware.

And he's moved back to traditional metal keys.

The restaurant that didn’t exist

People increasingly make decisions based on what they read on the internet. There’s an inherent trust about it. You book a cab through an app to take you to the airport where you board a plane which you booked online, to go and stay in a stranger's apartment you found through a different site.

But it’s a fragile ecosystem that’s open to abuse, as one freelance writer discovered when his unique restaurant beat out thousands to rank well on TripAdvisor for a time, drawing a flood of interest.

The problem was, though, that it didn’t exist.

Learn Git fast

A post sprinkled with a generous dose of humour shows the minimum number of Git commands that you need to learn in order to start being productive.

Learn Git fast as if your job depends on it | Dev.to

Building Personal Brand: From One InfoSec Student to Another

A guest AlienVault blog by @CryptoCypher had me nodding in agreement all the way through, giving some solid practical tips on how to position yourself best to get into InfoSec.

It includes tips on writing your CV, the importance of business cards, blogging, attending conferences, certifications, and more.

Do the crime, without the time

Brit teen Jack Chappell has avoided being sent to prison after pleading guilty to helping launch DDoS attacks against NatWest, Amazon and Netflix, among others.

According to the Manchester Evening News, Judge Maurice Greene said in his sentencing remarks: "It is a tragedy to see someone of undoubted talent before the courts... You were taken advantage of by those more criminally sophisticated than yourself."

Manually mining bitcoin

This post is a few years old, but I only just came across it this week. It’s a great breakdown on how one could mine Bitcoin with pencil and paper. It’s obviously very slow, but a good way to understand exactly how it works.

No word on whether enterprising maths professors have been giving these as homework in order to mine bitcoins from their students.

About the Author: Javvad Malik
The man, the myth, the blogger; Javvad Malik is a London-based IT Security professional, better known as an active blogger, event speaker and industry commentator, and possibly best known as one of the industry’s most prolific video bloggers, with his signature fresh and light-hearted perspective on security. Prior to joining AlienVault, Javvad was a senior analyst with 451 Research providing technology vendors, investors and end users with strategic advisory services, including competitive research and go-to-market positioning.