Tuesday, June 12, 2018

Infosec quotes - pen test?



“...
If you don't know what's on your network, you don't need a pentest.
...”


https://twitter.com/averagesecguy/status/1006548503995314178?s=21 

Infosec quotes - FIM sync

“...
Guard your FIM sync accounts just like you would a DA. If I get a FIM account hash, I can dcsync anything.
...”


https://twitter.com/curi0usjack/status/1006718986258698240?s=21

Infosec quotes - security theatre

“...
Throw all the money at security that you want, but if you don’t have the basics of IT down like: asset management, least privilege account management, and decent IT structure like network segmentation, disabled macros etc… then your security program is just security theater.
...”


https://twitter.com/charlesdardaman/status/1006721375657177089?s=21

Friday, June 8, 2018

Infosec quotes - contractor theft

Chinese hackers stole sensitive U.S. Navy submarine plans from contractor


https://www.cyberscoop.com/submarine-contractor-hacked-china-us-navy/

Tuesday, June 5, 2018

Infosec quotes - smb1

“...
Stop using SMB1. For your children. For your children’s children. Please. We’re begging you.
...”


https://twitter.com/gossithedog/status/1003953079601987584?s=21

Sunday, June 3, 2018

Infosec quotes - security debt

“...
One of the main lessons of WannaCry was that apparently, organisations could run for years without patching and not face significant issues. Until they were hit badly. Security debt matters.
...”


https://twitter.com/martijn_grooten/status/1002819201558605824?s=21

Friday, June 1, 2018

Infosec quotes - google https

“...
Google is not trying to break the web by pushing for more HTTPS. Neither is Mozilla and neither are any of the other orgs saying "Hey, it would be good if traffic wasn't eavesdropped on or modified". This is fixing a deficiency in the web as it has stood for years.
...”

Troy Hunt