⚠️ VULNERABILITY DISCLOSURE 2[−]
25 JunKey Network Questions I wrote this on 7 December 2018 but never published it until today. The following are the "key network questions" which "would answer many key questions about [a] network, without having to access a third party log repository. This data is derived from mining Zeek log data…TAOSECURITY.BLOGSPOT.COM
25 JunCybersecurity Is a Social, Policy, and Wicked ProblemCybersecurity is a social and policy problem, not a scientific or technical problem. Cybersecurity is also a wicked problem. In a landmark 1973 article, Dilemmas in a General Theory of Planning , urban planners Horst W. J. Rittel and Melvin M. Webber described wicked problems in …TAOSECURITY.BLOGSPOT.COM
🔥 INCIDENT REPORTING 1[−]
25 JunBreachForums Clone - 4,204 breached accountsIn June 2023, a clone of the previously shuttered popular hacking forum "BreachForums" suffered a data breach that exposed over 4k records . The breach was due to an exposed backup of the MyBB database which included email and IP addresses, usernames and Argon2 password…HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE 4[−]
25 JunWeekly Update 353Presently sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today! This feels like a week of minor frustrations with little real world consequence but they just bugged the hell out of me. Couldn'…TROYHUNT.COM
25 JunMy Last Email with W. Richard Stevens In the fall of 1998 I joined the AFCERT. I became acquainted with the amazing book TCP/IP Illustrated, Volume 1: The Protocols by W. Richard Stevens. About a year later I exchanged emails with Mr. Stevens. Here is the last exchange, as forwarded from my AFCERT email …TAOSECURITY.BLOGSPOT.COM
25 JunBejtlich Skills and Interest Radar from July 2005This is unusual. I found this "skills and interest radar" diagram I created in July 2005. It looks like my attempt to capture and prioritize technical interests. At the time I was about to start consulting on my own, IIRC. Copyright 2003-2020 Richard Bejtlich and TaoSecurity (tao…TAOSECURITY.BLOGSPOT.COM
25 JunCore Writing Word and Page CountsI want to make a note of the numbers of words and pages in my core security writings. The Tao of Network Security Monitoring / 236k words / 833 pages Extrusion Detection / 113k words / 417 pages The Practice of Network Security Monitoring / 97k words / 380 pages The Best of TaoSe…TAOSECURITY.BLOGSPOT.COM