A Nerdy Quest, Puzzle Wednesday!
When I was a traveling consultant, one of my favorite little games was grabbing the USA Today puzzle section from the Admirals Club and trying to finish the Sudoku before the wheels of the jet left the ground. I got better over time, though I still didn’t finish it before ... Read More
SSH Proxy, Using a Jumphost
Those who know me know about my love of the Raspberry Pi. I’ve got tons of them stashed around various places to provide a variety of services. One thing I use them for is to allow me access into remote networks via Twingate for troubleshooting or maintenance purposes. Usually these ... Read More
Level Up Cybersecurity with Kasm Workspaces
Ever look at plethora of browser tabs staring back at you with “I’ll check this out later” vibes and feel the urge to mercy-close the ones that just wont get done anytime soon? Browser tabs are now another subtle, nagging to-do list that gets neglected or ignored. I’m specifically referring ... Read More
Let’s Encrypt for non-webservers
Let’s say you want to use Let’s Encrypt for something that isn’t a website. So you download certbot, you get things going with your manual cert, and you realize that when it goes to rotate you will need to restart some services. When you go look through the docs, it’s ... Read More
When Man Pages Go Weird
You may not realize that I got my start in the technology world in the early 1990s learning Unix. From my first Netcom account to my high school allowing me, A JUNIOR, to have and run a Slackware machine directly connected to the Internet. My first Linux kernel was a ... Read More
Ten Things Companies Get Wrong About CIAM
Customer Identity and Access Management (CIAM) is a core component of creating your digital user experience. If you are unfamiliar with Customer Identity and Access Management, it is the process by which companies grant access to their digital assets (like websites, mobile apps, and even chatbots) to their customers, as ... Read More
Protect Yourself and Freeze Your Credit
Breaches are never ending, and if you have not already put freezes on your credit reports, make a late New Year’s resolution and do it now. There are a couple of steps you will need to take for each of the four bureaus (yes four). Before you freeze, get in ... Read More
Selective Domain Filtering with Postfix and a SPAM Filtering Service
Yes, that title was a mouthful, but I’m trying to make sure I’m descriptive enough for the next guy who is in this situation. I was facing something interesting lately. There is a spambot network that is ignoring whatever you put in the MX record, and trying to send emails ... Read More
Taking Stock of Identity Solutions in the Age of AI
Security pros can use ITDR and DCI in conjunction to combat security threats in the age of AI ... Read More
PCI DSS 4.0 and TLS
In 2015, I published an addendum to our PCI DSS 4th Ed. book that covered version 3.1. I titled it, “PCI DSS 3.1: The Standard that Killed SSL” because that version removed the ability to use old and outdated versions of the standard in favor of the improved TLS standard ... Read More
