Tag Archives: GOOJ

Data Center Failure

Data Center FailureOne company I worked at had a sad data center failure, and I’m not talking a power outage or a fire or theft.

When I arrived at this company, it had no security department. Few security processes. Little security.

And the company also made two interesting mistakes when it hired me.

Continue reading

Advertisements

2 Comments

Filed under Audit, Case Files, Security, Security Scout

Application Hacking Playground

handcuffsThe Taddong Security Blog has a great list of vulnerable web applications you can play with to learn and test your web hacking knowledge and pen-testing tools, handcuffs not included. In other words, you can enter and stay at the playground without going to jail.

Some of them you download and install on your own systems, some of them you run as virtual machines (VMs) or ISOs on your systems, and others are available on the web for your malfeasance pleasure.

Continue reading

2 Comments

Filed under Free, Security

Easiest Way to Steal Confidential Data

A lot of company data is lying around unprotected, making it very easy to steal. No, I’m not talking about picking up other people’s documents at the printer. Stealing printouts isn’t hard, but it can be risky, especially if the printer is a busy one. Besides, it has 2 other problems:

  • Your chances of picking up confidential data are low at any given time.
  • The person will look for the printout and wonder what happened to it.

There’s a much better way that is fast, easy, simple, raises no suspicion, and is basically impossible to detect, if you do it correctly. Can you think of what it is?

Continue reading

6 Comments

Filed under How to..., Security

Searching for Secrets

I was visiting a friend at large, public company doing some benchmarking when we had to schedule several meetings with IT to gather data. My friend “Meako” starting entering attendees into his online calendar to see whether we could get some important meetings scheduled during the next week.

Continue reading

1 Comment

Filed under Audit, How to..., Security, Security Scout

Quote of the Strong (Get Permission)

Since I started Quote of the Weak, I haven’t heard that many good quotes we can share a chuckle over. So, in contrast, here’s a great quote of the strong:

Continue reading

Leave a comment

Filed under Audit, Security

Why a Wastebasket Audit?

Most auditors and security analysts have never performed a wastebasket audit. Why do a trashcan audit?

Continue reading

12 Comments

Filed under Audit, How to..., Security

Top 10 Bad Jobs

I was checking out the latest post of my new blogger colleague from London, Audit Monkey, and read the following….

I’m sitting here in reflective mood thinking what the ‘Top 10′ worst possible jobs could be. Here’s my list.

Continue reading

5 Comments

Filed under Audit, Humor/Irony, Top 10