Some time ago, I posted about certificate authentication, and certificates themselves. In those articles, I mentioned digital signatures and made a really small mention that digital and electronic signatures are two very different things. In this article, let's unpack...
Category: Cybersecurity
Securing WordPress with Cloudflare Access
Quite some time ago, I posted about my use of Cloudflare's edge services to protect my WordPress installations. I still use and recommend Cloudflare as a frontend to all of your public facing (or even not public facing, future post coming) web assets. Even on the free...
To IaaS or not to IaaS?
IaaS (Infrastructure as a Service) might just be the cloud in its purest form. It truly is just "renting someone else's" computer. Because of that, IaaS offers a ton of flexibility, but it comes with a catch. So let's explore the question: should my cloud...
Microsoft is Turning On Your Security Defaults – You Should Leave It That Way!
If you're a global administrator in a Microsoft tenant, you might have (or soon will) receive an email that reads something like this: You’re receiving this email because you’re a global administrator for [tenant name]. To help protect your organization, we’re always...
Supply Chain Attacks: On the Rise
The 3CX incident marked another highly successful supply chain-based attack, believed to be attributable to DPRK (North Korea) state sponsored actors. I won't bore you with the nerdy details, because Huntress and Blackpoint have already done a fantastic job at that. I...
White House Cyber Strategy – A Shift in Responsibility
The White House has unveiled the Biden-Harris Administration National Cybersecurity Strategy, and it has some really important implications for the tech channel. Two Key Topics Directly from the WhiteHouse.gov website. "Rebalance" the Responsibility Topic 1 aims to...
Dear SaaS Companies: You’re Holding Us Up!
CIS 6.7, CSF PR.AC-1, and just about every other security framework call for centralized account management. SSO is the best way to deliver centralized account management in the modern SaaSified world. However, even in 2023, many SaaS companies nonsensically insist...
I Moved to 1Password
Some time ago, I shared on LinkedIn that I had decided to tinker with 1Password, so I thought I would drop an update about it.