The aspect of the latest Spectre/Meltdown vulnerability that interests me is not how wide-spread it might be. Not that it is down below the OS level. And while I am thankful I cannot find reports of it being exploited in the wild, not even that is what really interests me (though I am of course … Continue reading
Tag Archives: #infosec
A recent REALLY BIG breach: reporting relationships and college degrees
We are somehow hearing about what the Equifax CISO studied in college and not about when the firm’s last pen test was. We are hearing about how heads rolled at Equifax but not if the reporting relationship between IT and Security has been revised. Since the interim CISO seems to be reporting to the interim … Continue reading
Patch yours!
Security professionals feel no great joy in being right about patching. The past two months have been a period of “I told you so” moments for anyone who has ever had to have the conversation with a sys admin about the importance of patching (it’s been a long time for me but the memory lingers). … Continue reading
Depends what you mean by “guest” and other musings about WiFi
This is not primarily about the security of attaching to a wireless access point (WAP). But since communication is a two way affair, let’s start with the endpoints and get them out of the way: You are more likely to have your purse snatched at a train station than in your living room. And the … Continue reading
{Cyber Security} 