Posts By Justin Hall

I just met a vuln named Follina

Those are fun because it means: The vendor has to hustle to understand the vulnerability and develop both workarounds and a patch. There’s a chance this vulnerability has been in use by attackers for a while, but none of our security controls were able to detect it. It’s like finding a spy cam in your […]

Penetration testing, Chicken Guns, and Mike Tyson

Penetration testing explained In the 50s, fleets of aircraft were in use all over the world, but facing a dangerous problem: running into birds in midair. This led to technical advances in building new windshields and new engines, but engineers needed to ensure that their designs would satisfy their requirements. So how do you make […]

After the Smoke Clears – What can we learn about risk management

The security team has a particular responsibility in helping to answer these questions. The mission of a security team is to protect a business from risk. The risk of a pandemic eliminating supplies, services, and customers, as well as forcing employees to stay home, etc., probably was not on the radar of most businesses. It […]

The Effects of the Coronavirus on Cybersecurity

Attackers are capitalizing on our fear Cybercriminals and malware authors always try to find the most effective way to trick users into making poor, risky choices. Fear is an extremely effective mechanism, so in the last weeks we’ve seen this happen with the pandemic. Phishing attacks that purport to carry news about quarantines and lockdowns, […]

Six security trends to watch for in 2020

Two items for home users and consumers: We will see more discovered vulnerabilities in, and attacks against, so-called “smart home” products, such as smart speakers, security systems, and cameras. Any time we see widespread deployment of technology that is, relatively speaking, in the early stages of maturity, we expect that attackers will pay attention and […]