How much data can you lose before you’re in trouble?

Ransomware is a very aggressive attack. Whilst many espionage operations are about sneaking in and copying data without your knowledge, ransomware hits you over the head with a hammer to let you know you’ve lost your data. It’s not theft, it’s extortion. The big pro is that at least you know you’ve been breached, and …

Your API sucks : security

Pop quiz time. You are given the following example URL to GET as an example of making a payment from your application. How many things here would make you back away slowly before setting the server farm on fire?

http://www.example.com/api/pay?cardnumber=1234123412341234&ccv=1234&expirymonth=12&expiryyear=12&amountinpence=123456

So you complain it’s unsecured and they come back with an upgrade, so you need …

Isolated IoT

Following my thoughts on the botnet of things, and not trusting users with security, I was reading this post from Troy Hunt a couple of months back talking about not letting untrusted devices onto his home network, for much the same reasons. And it got me thinking about how such devices could be isolated enough …