• An Information Security Place Podcast – 01-22-14
    Comments Off

    Jim, Dan, and Michael have a lot of catching up to do. We talk about a lot of stuff because a lot of stuff has been happening. From RSA, NSA, QSAs… security is busy! Show notes below! Show Notes: InfoSec News Update – 123456 is the new best of the worst – Link RSA Conf…

    Read more
  • Giving Grammy security advice
    Comments Off

    So Grammy got a computer. No, not my Grammy. Just some random Grammy out there got a computer. How do I know? Because someone who set up her computer wanted their family to know that Grammy got a computer and now could get emails. So that person sent out an email to “Mom” and a…

    Read more
  • An Information Security Place Podcast – The HouSecCon 2013 Episode
    Comments Off

    Quick show this time. Jim, Dan, and Michael are all at HouSecCon 2013 in Houston, TX on October 18. They found a quiet room away from all the conference noise and recorded a fast podcast. Jim and Dan talk about their talks, and Michael talks about the fun and stress of being the HouSecCon organizer….

    Read more
  • An Information Security Place Podcast – 09-06-13
    Comments Off

    We’re in rare form today. A lot of fun sprinkled with the occasional good nugget of information security news and discussion. Show Notes: InfoSec News Update – New OSX Metasploit Module or Time is not on your Side! – Link If your session belongs to a user with Administrative Privileges (the user is in the…

    Read more
  • For All Parents – My First Day of School Sermon
    Comments Off

    I put this on Facebook today, and I wanted to share it here on my blog. I have very strong feelings about this if you can’t tell. ******************** From me as a parent to other parents: A lot of people are celebrating the first day of school today. For those of you genuinely celebrating your…

    Read more
  • An Information Security Place Podcast – 8-20-13
    Comments Off

    We’re back to work. Show Notes: InfoSec News Update – Scan the Entire Internet in less than 45 minutes!! – Article Link and tool link Zuckerberg’s Profile Hacked – Link FDA Issues Guidelines on Wireless Medical Devices – Link OWASP Top 10 Update – Link Malware Sandboxing Not Working – Link Sparty: MS Sharepoint and…

    Read more
  • New talk – The Solution vs The Silver Bullet
    Comments Off

    I have developed a new presentation that I gave for the first time yesterday at the Texas Technology Summit in Houston. The title and synopsis are below. Title: The Solution vs The Silver Bullet (or InfoSec Industry != InfoSec Practice) Synopsis: The information security industry and information security practice are two concepts that should not…

    Read more
  • Innovation Sandbox at RSA – a Lesson in Security AND Oratory Skills
    Comments Off

    While attending the 2013 RSA Conference last week, I took a chance and attended the presentations in the Innovation Sandbox Showdown. If you haven’t been to these or aren’t familiar with them, this is where security startups show their wares to a panel of venture capitalists and infosec experts for the title of “Most Innovative”….

    Read more
  • Evangelism and Projecting your dislike of religion
    1 Comment

    Wake up people, you are falling into the same old theistic behavior that we all as evolved sentient beings should eschew, neigh, …loathe. INFOSEC is not a religion and YOU are not the FUCKING POPE ok? That’s a quote from Krypt3ia on his blog entitled “Infosec is not a religion”. He says this in his…

    Read more
  • An Information Security Place Podcast – Episode 04 for 2012
    Comments Off

    Holy crap, we recorded an episode. That’s all I got to say about that… Show Notes: InfoSec News Update – Howard Schmidt is Retiring – Link Here Vulnerability Stats of Publicly Traded Companies – Link Here Tool Update – Threadfix from Denim Group – Link Here The Mission Impossible Self-Destructing SATA SSD Drive – Link…

    Read more
  • An Information Security Place Podcast – Episode 03 for 2012
    Comments Off

    Today’s show is Michael interviewing Kevin Riggins. Kevin is an Enterprise Security Architect for a Fortune 500 financial services company. Kevin and Michael have some great conversation about Kevin’s job, what he is doing at RSA, where he blogs, the book he coauthored, etc. (look below in the show notes for links to everything). Then…

    Read more
  • An Information Security Place Podcast – Episode 02 for 2012
    Comments Off

    Thanks go to Jeremiah Grossman for sitting down with Michael for some great discussion. Jeremiah is the CTO at Whitehat Security and a very well known figure in the InfoSec industry. Jeremiah and Michael talk about Hawaii, sharks, security philosophy, RSA, stage fright, Jeremiah’s TED talk (not published as of the posting of this entry),…

    Read more
  • H.323 “hacking” without coding in 2006
    3 Comments

    Recently some news came out from NY Times and HD Moore where he was doing some targeted scanning and found a bunch of open H.323 videoconference systems open and ready for viewing. What he found was that a lot of these systems are deployed outside of the firewall on the Internet without any security and…

    Read more
  • Symantec’s latest statement on source code theft
    Comments Off

    This is from a local Houston Symantec source, but is widely available to everyone. Current on date of posting. We’ll see what shakes out. “Symantec can confirm that a segment of its source code used in two of our older enterprise products has been accessed, one of which has been discontinued. The code involved is…

    Read more
  • Security Lesson from A Mouse Story
    Comments Off

    I was going through some old blog posts, and one I found contained the following story: Mouse Story A mouse looked through the crack in the wall to see the farmer and his wife open a package. “What food might this contain?” The mouse wondered – he was devastated to discover it was a mousetrap….

    Read more
  • An Information Security Place Podcast – Episode 01 for 2012
    Comments Off

    Wow! 6 Months…and 2 job changes later, we are finally back to recording! YEAH!….Here the latest show from our intrepid hosts. Show Notes: InfoSec News Update – The Hacker News Hacking Awards : Best of Year 2011 – Link Here Japan’s Anti-Virus Virus – Link Here Nginx (pronunciation: “engine-ex”) becomes #2 web server Saudi hackers…

    Read more
  • Quit publishing my info. I said stop! Now!
    Comments Off

    My wife and I homeschool, so we include our kids in a lot of extracurricular “stuff” to hopefully keep them well-rounded. One of the things my oldest son does is take a Lego engineering class at a small local school that caters to homeschoolers. Last year, when we first signed up for the school, we…

    Read more
  • Viewing InfoSec from another angle – a personal reflection
    Comments Off

    A while back I tweeted about my acceptance of the Security Technology Advocate role at Accuvant. To be clear, I am not going to be fully transitioned into the role until Jan 1, 2012. But I have been doing some work in the new gig, and I have already experienced a lot of changes on…

    Read more
  • Be an InfoSec Berean
    Comments Off

    In the Bible (no, this is not a sermon – yes, this is InfoSec relevant), there was this group that Paul ran into called the Berean Jews. (Acts 17:10-15 if you want to look it up). These Bereans were shown in the scriptures to be diligent people who checked the facts. Verse 11 says: Now the…

    Read more
  • An Information Security Place Podcast – Episode 07-2011
    Comments Off

    Today we have an interview for you. Michael had a great time sitting down with four gentlemen (they might not all agree with that term) from SpiderLabs over at Trustwave. The aforementioned SpiderLabs folks were Nicholas Percoco (@c7five), Steve Ocepek (@nosteve), Matt Jakubowski (@jaku), and Zack Fasel (@zfasel) – those are Twitter aliases for you…

    Read more
  • An Information Security Place Podcast – Episode 06-2011
    Comments Off

    A lot of discussion in this episode. And what is more funny is Dan actually cuts Jim off on a subject. Yes, you heard it right. The famous “Web Security Minute Turned to 20 Minutes” Dan makes Jim stop talking. I guess the end of the world IS here! Oh, and Dan leads us into…

    Read more
  • An Information Security Place Podcast – Episode 05-2011
    Comments Off

    I am tired of making excuses about us being late, so here is friggin’ episode #05-2011. Have fun! Show Notes: InfoSec News Update – HouSecCon 2011 update – Registration is open – Link Here Michaels Breached due to Card Skimmers – Link Here Dropbox saga continues (and heads to the feds) – Link 1 /…

    Read more
  • An Information Security Place Podcast – Episode 04-2011
    Comments Off

    Hey, all three of us are here, and on schedule…. somebody check the temp outside Show Notes: InfoSec News Update –   TexSecConTriangle.com coming soon – HouSecCon, BSidesDFW, and LasCon Gonzales Update – Link Here Dropbox Pwnage -Link Here TX exposes 3.5 Mill records – Link Here Yet another Security Company Fail – Link Here…

    Read more
  • An Information Security Place Podcast – Episode 03-2011
    Comments Off

    So it took a bit longer this time due to scheduling, and bodily harm on Michael’s part… but we finally got another episode recorded. Enjoy. Show Notes: InfoSec News Update – HouSecCon 2011 – Call for Papers is still On The Data Breach Final Four Bracket – Link Here Watching the Fall Out….Again – RSA…

    Read more
  • An Information Security Place Podcast – Episode 02-2011
    Comments Off

    We have a little bit of innuendo humor on this episode, and we all break into some hysterics (it’s all in the geek toys section, so fast forward if you want to hear all that). Around that is some information and opinion on InfoSec stuff. We figured we would throw that in there because of…

    Read more
  • InfoSec is a Waffle (just like life)
    Comments Off

    I was running through some Twitter posts from some friends / colleagues / random InfoSec folks, and I saw one from Jack Daniel that led me to his latest blog post.  In the post, Jack quickly covers the topic of preaching to the choir and staying in our own infosec echo chamber.  He says it…

    Read more
  • An Information Security Place Podcast – Episode 01-2011
    Comments Off

    Thomas Jefferson said, “Delay is preferable to error.” Martin Luther said, “Who waits until circumstances completely favor his undertaking will never accomplish anything.” So depending on which quote you like, we either took a long time to record a new episode so we would do it right, or we are just a bunch of slackers….

    Read more

Back to Top