INFOSEC Insecure Serverless Plugins: Why You Should Inspect the Source Code The Serverless Framework supports numerous plugins and they save so much time, but this convenience can come with a negative downside.
INFOSEC Secjuice Squeeze Volume 17 Welcome to the 17th edition of the Secjuice Squeeze, a curated selection of interesting security articles and infosec news that you may have missed.
INFOSEC Removing Sensitive Data & Plaintext Secrets from GitHub Learn how to clean your GitHub history, repository and pull requests containing sensitive data (like passwords), and prevent developers from committing secrets.
INFOSEC Squeeze Volume 13 - Voting, Blockchain, DDoS, Malware, & more! Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 9 - NSA Discloses Windows Flaw, Cellebrite Buys BlackBag, P&B Bank Hacked, & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 8 - Las Vegas Defeats Cyber Attack, Xiaomi Nest/TikTok/Citrix Vulnerabilities, & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 7 - 2019 Cyber Mess, Iran Cyber Attack Looming, California Privacy Act, & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC The Hulk Was My Best Friend As A Kid: Advice on Answering Security Questions Think twice before giving truthful answers to your security questions for online banking and services. The answers can sometimes be easy to find online.
INFOSEC Squeeze Volume 6 - Airline Cyber Attack, Hornet's Nest Malware, Twitter Android App Flaw & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 5 - Christmas Trojans, Bluetooth Car Break-Ins & More! Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Write Your Passwords in a Notebook and How To Memorialize and Access Deceased Loved Ones' Online Accounts These aren't easy things to think about but they are important. Here's everything you need to know in one place.
INFOSEC Squeeze Volume 4 - Retailers Are Easy Targets, Crime is Up 20% in the U.S., and Yet Another Reminder to UPDATE YOUR SCHWACK Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 3 - $5M Bounty, Great Cannon DDoS, Linux CVE, a BeerCon in a pear tree Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 2 - Twitter Hacker Arrested & New MFA, Google Hacking, New Kali Feature & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Squeeze Volume 1 - Disney+, Google $1.5M Reward & More Welcome to Squeeze, a curated selection of interesting infosec articles from the past week that you may have missed.
INFOSEC Stealing My Own Banking Information Infosec writer, Miguel Calles, highlights how well-meaning convenience features might result in information security leaks.
TECHNICAL Introduction To Serverless Security: Part 3 - Preventing Accidental Deletion Avoid falling victim to the pitfall of accidentally deleting your critical data when using Serverless. Learn how to enable AWS CloudFormation termination protection.
TECHNICAL Introduction To Serverless Security: Part 2 - Input Validation Infosec writer Miguel A. Calles illustrates the importance of input validation in serverless environments where there are multiple input sources.
CYBERSEC Secure Browsing: My Personal Journey Infosec writer Miguel A. Calles shares his journey to secure web browsing and a review on a service that helped him achieve his browsing strategy with remote browser isolation.
TECHNICAL Introduction To Serverless Security: Part 1 - Dependencies Infosec writer Miguel A. Calles argues it is a good idea to review which packages you import, the dependency tree, and known vulnerabilities when writing your serverless application.
INFOSEC An OWASP AppSec California Conference Review (2019) A review of the the OWASP AppSec California 2019 conference with notes from infosec writer Miguel Calles.
CYBERSEC Case Study: Wreaking Havoc via an API A deep dive case study from infosec writer Miguel Calles highlights the importance of addressing the highest OWASP security risk, injection.
TECHNICAL Using Serverless Frameworks - Part 1 Serverless has become a movement in application development because it allows developers to focus on code and leave infrastructure to the providers.
INFOSEC The Electric Vehicle Charge Attack Electric vehicles are all the rage. Little do we know we are becoming vulnerable to a cyber attack. This car salesman preys on his clients using the EV as his attack surface.
CYBERSEC Why You Should Include Cyber Requirements In The Development Cycle Including cyber requirements in your dev cycle can pay dividends over the long term argues security writer Miguel Calles.
