Author: Walker Rowe
Data scientists and big data programmers are familiar with Jupyter (formerly iPython) and Zeppelin. These are excellent programming tools because you can write code in a wide variety of languages and execute it right on a web page. And it connects easily to Spark and Hadoop environments. But fro...Continue Reading
Okta says they have updated the Okta SAML Toolkit for Java to fix what they call a critical vulnerability. But they do not give any technical details saying, “Okta maintains a responsible disclosure policy, and as such, will only divulge specific details about this vulnerability...Continue Reading
Google sent out a tweet yesterday saying that millions of its users have been tricked by a phishing email campaign into giving a third-party app access to the user’s Google data.The phishing campaign is spread using a screen that looks like a request to share a Google document, like shown belo...Continue Reading
Domain shadowing is when a hacker gets access to your domain registration account, like at GoDaddy, and creates subdomains under your domain.For example amazon.com has kdp.amazon.com and other subdomains. kdp would be considered a shadow if a Amazon does not know that that domain has been create...Continue Reading
WikiLeaks has just published the third batch of CIA documents. While they say this is source code, it is not the actual spyware that we have been waiting for. Instead this is code the CIA uses to obfuscate their programs so they cannot be traced back to the CIA. So it’s just one piece of the large...Continue Reading
Threat intelligence feeds are data gathered from attacks around the world and either sold or given away for free. The idea is to take logs from your firewalls and the match those with the list of blacklisted IP addresses, domains, the email address of who registered a domain, etc. to determine what ...Continue Reading
The anonymous leaker or leakers, Shadowbrokers, has dumped 300 MB of NSA source code and documentation onto the internet and published it at github. This is a large haul of zero-day exploits placed there with no advance ...Continue Reading
ELK (ElasticSearch, LogStash, and Kibana) is the most popular log processing tool and certainly the easiest to set up. They scale linearly and can automatically parse multiple file formats, thus saving you the time of writing some complex regular expression. There are 120 parsers, which can be found...Continue Reading
Last year tens of thousand of MongoDB databases were emptied and left with nothing but a ransom note. These were configured with public IP addresses and no authentication. Hackers were able to find them easily using The actress Jennifer Lawrence had her nude photos published on the internet when hackers guessed the challenge response questions to her iCloud account. There are two lessons here: (1) don’t take photos of yourself in the nude and (2) always use two-factor authentication. (TFA only works on iOS 9 ...
The actress Jennifer Lawrence had her nude photos published on the internet when hackers guessed the challenge response questions to her iCloud account. There are two lessons here: (1) don’t take photos of yourself in the nude and (2) always use two-factor authentication. (TFA only works on iOS 9 ...Continue Reading
Be Informed. Stay One Step Ahead.
Sign up for our newsletter and stay up to date with the latest industry news, trends, and technologies