Just a reminder, you can support infosec.exchange through liberapay: https://liberapay.com/Infosec.exchange/
The Role of Cyber Insurance in Security Operations
Trying to consolidate my #podcast playlist. Cleaned out a lot of stuff thats beginning to get on my nerves (e.g. self promotion). I think I have a good mix of #Linux & #BSD podcasts so I am looking for recommendations from the infosec side of things.
What infosec/security/privacy podcasts would you recommend?
Prefer issues focused with a mix of the technical (not just all about CVEs).
I made the mistake of telling people on Reddit that not having regular password expiry is bad. The reaction is amazing.
Hear me out...if people reuse passwords, and one sure gets popped...they all got popped.
Also, no one mentions disabling expiry with any other recommendations, like MFA. My fear is that all the people who see one piece of the recommendations and run with just that, without considering all the other pieces.
Security is like onions...
DOJ charges four Chinese military hackers for Equifax hack
"Most intelligence and counter-intelligence operations are usually left off the table when it comes to criminal investigations, as long as they don't target civilians. US officials said that this operation orchestrated by China's military hackers was different because they focused on the mass collection of civilian data and intellectual property theft."
#cybersecurity #infosec #china
This page is really great !
You can find all IDEA instructions at https://idea-instructions.com. See something which could be improved, or which you find confusing? Tell us! Your feedback helps a lot to make these instructions better! <3
New podcast episode - 2020 Show Updates
I’ve been thinking too much about endpoint protection lately- tempt to fire up vim and create a github repo
It’s not about competing with large players, but what does a capital starved startup do? Just ignore it while some basics would move the needle?
Biggest risks I see is people not reading the docs and relying on simple tooling while they should talk to larger vendors and simply not supporting mobile appropriately
Also part of the toxic infosec community who believes in absolute security
Defensive Security Podcast Episode 245
A Mastodon instance for info/cyber security-minded people.