Fix It One Level Deeper

September 8, 2024 - 2 mins read

The Concept Recently I read a great article called Try to Fix It One Level Deeper by Alex Kladov, in which he discusses a unique (to me) approach to squashing software bugs. Instead of just fixing the bug at hand, Alex encourages the reader, and his team to dig one level deeper. Really determine why the bug exists at all. Is this parameter really being mishandled? Or should we even be asking for this parameter?

2024.08.27.News You Should Know

August 27, 2024 - 4 mins read

Series: News You Should Know

Hardware Backdoor Discovered in RFID Cards Used in Hotels and Offices Worldwide (thehackernews.com) - Hardware backdoor means even with appropriate controls, threat actors can still attack hotel and office doors around the globe. The FM11RF08S backdoor enables any entity with knowledge of it to compromise all user-defined keys on these cards, even when fully diversified, simply by accessing the card for a few minutes. Russia fears Ukraine hijacking home CCTV systems for intel • The Register - This is genius, the Russians have asked users in the Bryansk, Kursk, and Belgorod regions to shut off dating apps and IP cameras that Ukranians are using for intelligence gathering.

2024.08.20.News You Should Know

August 20, 2024 - 5 mins read

Series: News You Should Know

CISA warns of Jenkins RCE bug exploited in ransomware attacks (bleepingcomputer.com) - Jenkins vulnerabilities from January being used by threat actors for Remote Code Execution. Patches should be applied in every environment. Exploitation of this vuln and proof of concepts hit the web less than 48hrs after the issue was identified. GitHub Actions artifacts found leaking auth tokens in popular projects (bleepingcomputer.com) - GitHub breaks the principle of least astonishment/surprise by including tokens, api keys, other key material in artifacts download.

Alerting

June 6, 2024 - 2 mins read

So You Want To Build A SOC Or How To Lose Your Mind In 10 Weeks A number of companies I’ve worked for have security tools in place, but they’re almost always half-configured, half-utilized, and no one has a good idea what’s missing or what should be there. Luckily, there’s a solution, or at least a tool that can help us move towards a solution. The MITRE ATT&CK Framework Enter the MITRE ATT&CK Framework.

Troubleshooting

June 5, 2024 - 5 mins read

Troubleshooting A Quick Primer The Back Story A friend called and requested some assistance with her electrical. She had moved into a new (to her) house recently and she feared the electrical had gotten the landlord/flipper special. Spoiler turns out she was right, at least to a point. And now one of the circuits in the kitchen was no longer working. I don’t know if you’ve ever tried to cook in the dark but its not a pleasant experience.

Thoughts for a New Leader

May 10, 2024 - 8 mins read

Series: Management

What follows is a list of thoughts crafted in an airport terminal in San Jose, California hours after completing my first attendance at the RSA Conference. This also happens to be the anniversary of my first year as a people leader in the security engineering space. (I had previously mentored and led soldiers in the US Army and in various other civilian industries including Optical Lens Manufacturing and Operational Incident Response.

RSA Day 3

May 9, 2024 - 7 mins read

Series: RSAC 2024

(Posting this a day late as I was crazy exhausted yesterday after walking nearly ten miles! I literally laid down in the room at 22:30 and woke up at 04:30 still in my clothes, lights on, etc…. I think I was effectively conferenced out, and that was only Day 3!) Great tracks today and some exciting notes. Plus I got to hit the Expo floor. Here’s the talks I made it to:

RSA Day 2

May 6, 2024 - 7 mins read

Series: RSAC 2024

Today was a great opportunity to see what RSA was all about. We walked over early to get badges and get checked in. The conference provided us with a decent swag pack, an RSA branded bag, water bottle (something I hadn’t been able to find at any of the airports along the way), a notebook, a pen, a shirt, and for newbies, a “First Timer” pin. We stepped to grab breakfast and then hit up the talk track, I had stupidly “favorited” all my talks instead of “reserving” them so I had some quick choices to make.

RSA Day 1

May 5, 2024 - 6 mins read

Series: RSAC 2024

Today was a travel day to RSA 2024. It started off simple enough, boarding at my municipal airport, then a puddle jumper to the nearest metro-airport, Atlanta. Luckily, as if there wasn’t enough anxiety around Boeing aircraft, our initial plan was inoperable and a secondary plane had to be found delaying our flight. Considering Boeing’s in the business of killing whistleblowers this week, and they make roughly 90% in Delta’s fleet (Atlanta is Delta’s home turf) it didn’t look like I was going to make it west on a non-Boeing flight.

Hello_World

May 2, 2024 - 1 min read

Hello World Welcome to my little slice of internet freedom. I hope to start moving a number of my writings here and making this a comfortable place for musings, software configuration guides, security issues and the like. After all the fight I had to get Hugo, Alpine, Proxmox, Nginx, and LetsEncrypt configure, this better be worth the trouble. Then again, is anything ever really? If anything I learned a hundred ways to not do things and thats got to be worth something.