CyberSecurity

Rapid7 InsightVM API and Searching on Assets or Vulnerabilities

Recently, I spent far too much time looking for what should have been obvious. Over the years I have filled the roll of a specialized-generalist, a jack-of-all-trades-master-of-none developer and technical architect. In simple terms, I connect information from different systems and processes to solve or measure business issues, then move on. I especially rely on

Rapid7 InsightVM API and Searching on Assets or Vulnerabilities Read More »

Remote Work Cybersecurity Report, May 7, 2022

I have seen stunningly bad habits from IT professionals regarding access, authentication, and general computing security. My favorites include using administrator auto-logon without a password, passwords such as “8675309” or just “password”, freely shared domain-level administrative accounts, the cliché sticky-notes on a monitor, and not updating known vulnerable software because something bad might happen. Similarly,

Remote Work Cybersecurity Report, May 7, 2022 Read More »

Remote Work Cybersecurity Report, April 24, 2022

This week is a hodge-podge rollup of warnings, threats, and vulnerabilities. There is something for everyone, bloggers, website administrators, and any remote-work-from-home-digital-nomad with a side-hustle. A funny thing about security vulnerabilities, defects and flaws may exist in products for years until revealed by any number of involved parties. They sit silent waiting for exploitation by

Remote Work Cybersecurity Report, April 24, 2022 Read More »