ArchiveSeptember 2018

Security Truths

Being in infosec for so long takes its toll. I've come to the conclusion that if you give a data point to a company, they will eventually sell it, leak it, lose it or get hacked and relieved of it. There really don't seem to be any exceptions, and it gets depressing.
— briankrebs (@briankrebs) September 26, 2018

Thoughts on policy

A particular blocklist, once again, listed a major ESP this week. Their justification is “this is our policy.” Which is true, it is their policy to list under these circumstances. That doesn’t make it a good policy, or even an effective policy. It’s simply a policy. Crafting policies Crafting good policy starts with the question “what is the desired outcome in this...

Complaints, contacts and consequences

Yesterday the CRM system Zoho¬†suffered an unexpected outage when their registrar, TierraNet¬†suspended their domain. According to TechCrunch, Zoho’s CEO says there was no notification to the company and that the company had only 3 complaints about phishing. Based on the article, even as a Zoho customer, I am fully on the registrar’s side here. Every company, absolutely every company...

Hitting the ground running

We’ve landed in Dublin and are back at work. Blogging will pick up as I get back into the swing of things. I’ll be speaking on a panel at the Selligent user conference in Amsterdam tomorrow and in London on Thursday. If you’re a Selligent customer, introduce yourself and say hi! Speaking of being on panels, I heard recently that some folks were adding conference speakers to...

Recent Posts

Archives

Follow Us