Tell me my Infosec peeps, where do you get your phishing templates from? OSINT research, part of a package (a la KnowBe4, etc.), your Spam folder, or something else? Looking to expand my sources a bit.

Just published „Thoughts on video on demand, Netflix and the revival of piracy“
Ranting a little bit about the change in vod landscape, the content industry messing up and YouTube Premium being worth the money

I’m considering moving all my desktop virtualisation to Parallels.

Better OS X integration
Keeps up to date with macOS development
Cheaper than VMWare
It’s not VMWare

Different solution on server and desktop, so VMs are not easily portable
Stupid licensing model

Three step guide for better WiFi in a hotel

- buy mini router
- buy network cable
- use both with one of the lan ports for something unnecessary like the phone or Alexa

Off to San Francisco - if anyone is in town and wants to grep a coffee this week or next ping me :)

Creating incident response table tops is so much work, but always worth it. 5 trainings to prepare before I board the plane mid this month.

Has anyone yet tried training a neural net on leaked passwords to see if it's any good at coming up with other passwords people use?

Published „Zoom, web servers and silent updates“ - I still believe silent updates are the right solution for some problems, expect that to change and don’t like Zoom.

I'm quite relieved that this doesn't apply to me. Even back when my social skills were far worse than they are now - my desktop background was never black. And I make pauses while typing. So I'm not *that* type of engineer.

One day I will give a talk titled „you do not want to appear on TechCrunch“. Without irony and not specific to security incidents.

I remember them reporting about a feature I worked on for a quarter basically getting everything wrong telling our customers we would now have a certain feature we didn’t even plan to build because it made no sense at the time,...


The solution? Make all of your passwords sound like innocuous messages you'd send to slack anyway.

Email password: Hey, who's going to be in on Monday?

Laptop password: Does anyone have that pricing sheet?


New blog post: One week with iPadOS - used it as my daily driver for a whole week and I have to admit I am very satisfied. If Apple continues putting work into it I can see it as an alternative to Chromebooks and viable option for non engineering departments.

Just posted „security 101 - know your threats“ - things a startup should be worried about and what to consider in a threat model

Made it to ComicCon Germany and got an early check in in our regular hotel :) one weekend off the grid.

It’s so stupidly hard to find a good computer case for a gaming machine. Proper cooling and enough space is key.

It feels like a market where you can enter with a block of aluminium and a CNC machine mixed with some common sense.

Even cases explicitly build for air cooling don’t fit an be quite! or Noctua CPU cooler properly.

Just posted “Startup Security 101 - Introduction” - my attempt to collect a series of articles explaining easy wins for startups which are time, money and engineering constraint (so,… all of them)

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.