PinnedMark MaguireinSystem WeaknessSecurely using the JDBC connector with SQLBest practices for writing a clean, custom interface, that mitigates against SQL Injection and other vulnerabilities.Oct 1, 2022Oct 1, 2022
PinnedMark MaguireLog4sHell: Impact and Remediation StepsSince the Log4j vulnerability (CVE-2021–44228)was disclosed to the public on Dec 9, 2021, the cyber community has been scrambling. We were…Dec 15, 2021Dec 15, 2021
PinnedMark MaguireWhat is the difference in Single Sign-On (SSO) and Pass Through Authentication (PTA)?Googled this question and had no luck, so ChatGPT and I wrote our own…Feb 17, 20231Feb 17, 20231
Mark MaguireTuesday Morning Threat Report: Sept 24, 2024North Korean hackers target LinkedIn users, German police surveil Tor users, and 63% of cyber leaders consider banning AI-generated code3d ago3d ago
Mark MaguireTuesday Morning Threat Report: Aug 20, 2024Iran tries to hack both U.S. Presidential campaigns, Texas sues GM over data privacy, and OpenAI disrupts an election interference campaignAug 20Aug 20
Mark MaguireTuesday Morning Threat Report: Aug 13, 2024Former President Trump’s campaign is hacked, a severe Windows Update flaw is uncovered, and Russia bans Signal, the encrypted messaging appAug 13Aug 13
Mark MaguireTuesday Morning Threat Report: Aug 6, 2024Delta lawyers up against CrowdStrike, DARPA explores having AI rewrite C code, and Israeli hacktivists topple Iran’s internetAug 6Aug 6
Mark MaguireTuesday Morning Threat Report: Jul 30, 2024U.K. police arrest MGM’s hacker, Microsoft blames an EU interoperability agreement for the outage, and Leidos suffers a data breachJul 30Jul 30
Mark MaguireinInfoSec Write-upsTuesday Morning Threat Report: Jul 23, 2024Hackers use CrowdStrike’s outage to spread malware, Google might buy Wiz, and tech giants are regulating themselves on AIJul 23Jul 23
Mark MaguireTuesday Morning Threat Report: July 16, 2024AT&T pays the ransom, the U.S. government hacks itself, and Apple removes VPN apps in RussiaJul 16Jul 16