An Elaborate Employment Con in the Internet Age

The story is an old one, but the tech gives it a bunch of new twists: Gemma Brett, a 27-year-old designer from west London, had only been working at Madbird for two ...

On Financial Fraud

There are some good lessons in this article on financial fraud: That's how we got it so wrong. We were looking for incidental breaches of technical regulations, not systematic crime. And the ...

Create a Team for Audit Analytics? Part 3

In the previous post, Create a Team for Audit Analytics? Part 2, I explored the pros and cons of expecting all auditors to develop a level of data and analytic proficiency. These ...

Create a Team for Audit Analytics? Part 2

In the previous post, Create a Team for Audit Analytics? Part 1, I explored the pros and cons of developing an analytics team. This team consists of analytic auditors who are dedicated ...

Create a Team for Audit Analytics? Part 1

Once your audit team has proven the value of doing analytics consistently, the next question is: Do we create an analytics team and have the team do all (or the majority) of ...
Solving the Security B-Sides London 2012 Web Hacking Challenge

Solving the Security B-Sides London 2012 Web Hacking Challenge

This year (2012) I wrote a web hacking challenge for BSides London. Rather than write a lengthy blog post about how to solve it (when others have already covered it), I thought ...