Yes, I wonder why it has taken so much time, but not really, for everyone to embrace cloud.
Can you find any decent, up to date, article online arguing that buying og building your own hardware, data center and software from the ground up is the best option for security? No (or enlighten me please!). And that is because there are no longer a such case I argue. We have in history learned from each other, and moved forward to a global digital world, based on years of collaboration. Even hardware resources and chemicals to make them are mined/shared/sold for everyone to get access globally. Why am I saying this, you may ask. Well it is because we must not trust but verify, what we need to do to make our data secure, and forget about if trust can make that happen for us by outsourcing HW, SW, development and services to foreign countries manufacturers, MSPs, cloud, or whatever. How do we do that, well we educate and build expertise to make that happen. And I don’t mean just read paper. Doing rather. Not just to make what we use securely, but to contribute with what we learn, experience, collaborate and argue to improve.
NCSC brings out a great analogy about the rental car and the owned “customized” car. Check it out here.
Source: Security Magazine Published on 2020-06-05
ImmuniWeb released a new free tool to test, monitor and measure your website and domain exposure on the Dark Web.
Just tested mine, seems ok.
Personally I like cars 🚗 , not just to drive them wherever I want, but also because of how they make me feel, powerfull and flexible at the same time. Being a tech guy I have customised most of my cars, primarily from an entertainment perspective but also visually. As with one of my first cars, a Toyota Corolla 98 E11 hatchback, I was inspired by the legendary (in my opinion) Corolla WRC 97-99.
I enjoy browsing car databases that simplify comparison, provide complete inventory and specifications are important when you are on the lookout for a new car or just want to review what new hot features are available.
I prefer these (in addition to traditional second hand markets):
- Car Info – https://www.car.info/
- Electric only, EV-Database – https://ev-database.org/
- Cars – https://www.vg.no/bil/ (NORWEGIAN)
A while ago I also postet my custom dipped Mini Cooper S, remeber?
Working with IT and system development security especially, the ever changing tech stack makes it hard to be up to date on what is trustworthy tools and not.
Stackshare is great in such a way they provide you with an overview of stacks and who is using what.
Google Firebird make app and user management easy and accessible. Just tested it using Android Studio and a free Spark Firebird plan. Had a blast following the basic setup guide from Firebird, utilising Google sign-in it worked like a charm.
If you are new to both Android and Firebird database and user sign-in, check out this guide from Raywenderlich.
Not all patterns are as powerful as they might seem, as made clear in this article by NCSC. However, in my opinion they drepends heavily on the context they are (not) implemented.
Threatpost made this practical guide, however this is more a journey of architecting. Read more.
Started playing with the freely available VMs from FireEye. Seems like nice Windows based alternatives to Kali and Parrot OS for at least basic pentesting and forensics tools. Personally I like Kali for its sustainability in the market, frequent updates and tools arsenal. However Parrot has grown on me with its sleek design.
Anyways, it seems FireEye got a lot from acquiring Mandiant a while ago. The Redline toolkit is quite nice, so it will be interesting to see how these two plays out:
Flare VM is for malware analysis.