CyberSecurity

So here is a newsflash for all non-Linux people: EVERYTHING IN LINUX IS A FILE. LITERALLY EVERYTHING Microphones Your devices like your camera and microphone are mounted at /dev. The ulility “arecord” from the alsa-utils uses this little trick to allow you to do stuff like open the microphone file and forward the data to other command line tools like mpv: arecord -f cd - | mpv - Cameras The same can be done with your camera, except it’s ffmpeg that relies on the camera being a file: ...

Did you know that on average a CISO, the executive in an organization that focuses on cybersecurity, has a shelf life of 18 - 26 months? This number has been estimated to be as low as 17 months by other groups. Why do you suppose that is? Easy, because no general can win a war on multiple fronts. I have no numbers to back these claims up, only anecodatal experience: Vulnerabilities are discovered and found on systems faster than Remediation Teams can fix them. ...

A Great Interview I recently just watched a great interview by the VulnWise team talking to my personal mentor and friend, Johnny Shaieb. They were discussing the history of vulnerability management databases and covered a lot of interesting topics like: The history of vulnerability databases The value of having an unbounded score Why clients need to focus on the quality over quantity of vulns The history of the fiber backbone that runs the country Etc There was one topic though that I felt I’d like to take a crack at. At the 33:42 minute mark of the video, Steve Carter asked the question: ...

I used to work for a wonderful company called X-Force Red. It’s a cybersecurity firm that has some of the world’s most talented hackers, and I count myself as supremely lucky to have had the privilege to work there. I spent a lot of time with the Vulnerability Management consultants, and their toys were really top notch. Advanced APIs, daemons, and cron jobs, and data science stuff that I couldn’t begin to tell you about. ...