Keeping up with 2016 Trends in Cybersecurity, and Data Breach Investigations Report

As an industry, we have all learned that the landscape of information security evolves rapidly. Everything from attack vectors to the KPIs and statistics that really matter to security professionals and leaders changes and requires a consistent refresh. I usually refer to Trends in Cybersecurity and Verizon's Data Breach Investigations Report to keep up with a consolidated overview of such findings. Microsoft's Trends…


State of Application Security Report – Financial Services Edition

Application security-focused company Arxan has created some pretty neat infographics summarizing the State of Application Security. They have reached out to me for a review; I found the infographic, along with the corresponding detailed reports which outline the summary, methodology, findings, and recommendations, quite an effective yet precise overview of the state of appsec. Forty-one percent of mobile…


State of the IoT Security

In a recent podcast by Scott Hanselman and Erica Stanley, an Internet of Things (IoT) primer, the guest mentioned how security is being treated as an afterthought for most things IoT. This is unfortunately true in various areas of software development, but especially with the unprecedented growth of IoT, this laxity in providing security standards will fast…


Resolution for the group's SID could not be resolved Error

I have recently encountered the following error when enumerating through the UserPrincipal.GetAuthorizationGroups collection. System.DirectoryServices.AccountManagement.PrincipalOperationException: An error (1301) occurred while enumerating the groups.  The group's SID could not be resolved. The problem was the introduction of a domain controller running Server 2012 while the machine running my application was a Win7 VM (this applies to Win2K8 as well). With little…


Poodle & Sandworm

In light of the recently passed National Cyber Security Awareness Month, a shout-out to CVE-2014-4114 with MS14-060, as a vulnerability in the OLE package manager can be exploited to remotely execute arbitrary code in Microsoft Windows versions Vista SP2 to Windows 8.1 and in Server 2008 and 2012. Yeah, 2012 too. And here is to…
