Made a new illustration to use in my slide decks.
I often talk about choosing where on the security vs usability dial you want your systems to be, so I figured it was time to have a visual for that.
WeChat ID
aaronpk_tv
#security
-
-
Do I know anyone who knows the right malware analysis tools to determine whether an app accesses any files on the computer or what remote servers it connects to? I want to know more about what this particularly well targeted malware is trying to do.
-
After some great presentations and discussions at the OAuth Security Workshop and European Identity and Cloud Conference, I wrote up some of my thoughts on OAuth and native app impersonation #eic2022 #osw #oauth
https://developer.okta.com/blog/2022/06/01/oauth-public-client-identity -
Sad but true thread on the state of corporate security https://twitter.com/crdudeyoutube/status/1529994566115348485
-
There's nothing like being at #EIC2022, a conference all about identity and security, where phishing and hacking have been a major theme across all the talks, and then getting a "is this you?" push on my phone from an IP on a sketchy VPN followed by a password reset email
-
Phishing Campaign Targets YouTube Creators With Cookie Stealing Malware To Hijack Accounts And Stream Cryptocurrency Scams - CPO Magazine (www.cpomagazine.com)"The hackers also used the “pass-the-cookie attack” to compromise YouTube accounts and take control. Google says that although the method has been around for decades, it has recently skyrocketed because of the adoption of multi-factor authentication (MFA)."
-
Thingiverse Data Leak Affects 228,000 Subscribers (www.databreachtoday.com)"the leaked data set was a result of a "misconfigured S3 bucket" from Thingiverse's backup data"
