Preview Mode Links will not work in preview mode

DevelopSec: Developing Security Awareness

Jul 24, 2017

James talks about a recent vulnerability report regarding MySpace's Account Recovery system (https://www.wired.com/story/myspace-security-account-takeover/).  He talks about considerations around account recovery and the need to revisit this type of functionality on a regular basis.

For more info go to


May 24, 2017

It was recently reported that an audio driver on HP systems was logging key strokes to a local file.  Accidental?  Malicious?  Instead, we talk about how to try and avoid this from happening in the future.  

Original Article: https://www.cnet.com/news/keylogger-discovered-on-some-hp-laptops-conexant/

For more info go to...


Jan 10, 2017

Do you use MongoDB?  If so, is it exposed to the internet?  Recent news (listed below) had shown that a large number of MongoDB instances are being infected with ransomware.  James talks about the issue and ways to help ensure you are not the next victim.

Link to original article:


Dec 15, 2016

Yahoo has announced yet another breach from back in 2013 affecting a very large number of user accounts. https://investor.yahoo.net/ReleaseDetail.cfm?&ReleaseID=1004285   This creates an opportunity to discuss password storage and the storage of security answers.  Find out what we can takeaway from this incident.

For...


Sep 15, 2016

We talk HTTP/HTTPS all the time.  Google just announced that in January they are going to change how they display their secure/not secure indicators for HTTP sites that have passwords or credit cards.  James talks about how this can effect you.

Link to the article: