- Sep 10, 2021
In September 2021, I presented a conference talk entitled “Collapsology: Why Exposed RDP Isn’t Your Biggest Threat” where I gave an overview of how to identify cultural threats in a rapidly evolving business landscape, and how we can use modern-day tools to identify these threats before they result in security culture collapse.
- Jul 11, 2021
Hello and welcome back to another “Today I Learnt”, where I document some of the exciting things I have learnt to do! Today I’ll be showing you how to support multiple endpoints in an Azure Function with a custom handler.
- Apr 14, 2021
Welcome to the second TIL ✌🏻, where I share small lessons I’ve learnt. These generally aren’t substantial enough to be their own fully featured blog post but are worth sharing, just in case someone else is looking at the same problem.
- Apr 06, 2021
Lazy is a word I see much too frequently. Sometimes it comes up as the key reason a web application is insecure or because an internal network is missing a backlog of patches. Sometimes it’s used to explain people’s attitudes towards security in general or their lack of acceptance of a particularly scathing report.
- Mar 24, 2021
Welcome to the first TIL ✌🏻, where I share small lessons I’ve learnt. These generally aren’t substantial enough to be their own fully featured blog post but are worth sharing, just in case someone else is looking at the same problem.
- Mar 18, 2021
Hey there! 👋 If you follow me on the bird platform you’ll know I’ve been spending a lot of my downtime working on needlepoint and have slowly been working my way through Windows 95 icons:
- Mar 06, 2021
Welcome back! ♥️ In 2018, I wrote a Twitter thread that went semi-viral after I did some research about email RFCs and found some fun examples of email addresses that are valid but not well supported.
- Feb 25, 2021
Hey there! 👋 It’s been a while since my last post and while I haven’t written much I’m still here. I recently got a new job and so have been dedicating a lot of time and mental focus to that so haven’t been as focused on research and development after hours, but I have a few drafts that I’m working on so keep your eyes peeled for those.
- Feb 01, 2021
Well, it was all a bit shit hey? At the start of the year I don’t recall exactly what my plans were but I can tell you right now, for the most part it didn’t involve not being able to travel, or being confined to my house for 23 hours a day, but we persevered and needless to say the outcome was good.
- Jan 23, 2021
Read the original blog post on the TOOOL Australia Blog.
- Dec 19, 2020
I co-hosted OWASP DevSlop with Nikki, Nancy, Faith, Isaiah, Rahul and spoke to Simone Curzi, Principal Consultant from Microsoft Consulting Services about his new tool Threats Manager Studio (TMS).
- Dec 17, 2020
As part of my current project to harden Office 365, I have proposed to my partner in “Don’t Do” Crimes that we should conduct some phishing and other fun little war games to work out how we can implement some more proactive security controls Spy vs. Spy style.
- Dec 13, 2020
If you’re just tuning in, I would highly recommend you go and check out Parts 1 and 2 of this series:
- Dec 07, 2020
If you’re just tuning in, I would highly recommend you go and check out Part 1 of this series, Part 1: Creating a Blog on Sphinx.
- Nov 30, 2020
👋🏼 Welcome back reader!
- Nov 22, 2020
Install and setup Sphinx, ablog and pydata_sphinx_theme.
- Nov 21, 2020
20 November 2020 was the last day I used Netlify to build errbufferoverfl.me. But don’t be fooled! This time it wasn’t by choice. The Hugo site that I had finally settled on suddenly failed to build, even if I went back as far as a month to the last successful build.
- Oct 19, 2020
Failure in this system is like a cliff in the dark, a precipice at night that we can’t see until it is too late and we are about to tumble over it. We’re afraid of it, waiting for us out there in the darkness, and all we know is that we never want to get too close in our wanderings.
- Oct 02, 2020
Practical Cloud Security: A Guide for Secure Design and Deployment
- Sep 29, 2020
Hi 👋🏼 and welcome to the first part of a series on culture hacking! Your first question might be, what exactly is culture hacking, and why should I care about it?
- Aug 20, 2020
This is the second time I am writing this because bad habits die hard, and Word didn’t save my first draft, because I never enabled that feature so who’s really at fault here? Obviously, the computer.
- Aug 17, 2020
So, recently, no scratch that, for a while I’ve been considering implementing an information security management system (ISMS) at home. People have asked why, and the answer comes down to one of two reasons:
- Jul 20, 2020
In this talk I discuss common “canary locks”, or locks with tamper-evident mechanisms, through the ages. I trawled through 11,335,427 patents to identify several high and low profile locks and their known or speculated bypass techniques.
- Nov 22, 2018
What up! ☝🏻
- Nov 14, 2018
- Sep 01, 2021
Throughout 2018, I presented a conference talk entitled “Agloe: What the map-makers of the 1930s can teach us about protecting data in 2018” where we looked back to the 1930s to see what the General Drafting Company could teach us about securing data and breach notification in the modern day. In the talk I discussed how, using free and open-source solutions, defensive thinking and a bit of creativity, we can easily identify network breaches and catch the bad guys in the act.