Blog

  • Last Week in Infosec

    July 8 – July 15, 2022 New security patches from no less than five major vendors, actively exploited vulnerabilities, ransomware, leaks, espionage and the Disneyland social media debacle – here’s your weekly infosec news summary. Vulnerabilities and Exploits 5 major manufacturers release security updates Last week, security patches were released for various products from Citrix,…


  • Last Week in Infosec

    1st July – 8th July 2022 Wether you’re a CISO, Ethical Hacker or part of a security team – staying on top of the latest news is likey part of your responsibilities. To make it easier and less time consuming, we’ve went ahead and compiled the most interesting events of last week for you. News…


  • Last Week in Infosec

    24. June to 01. July 2022 No week goes by with something new to report on in the infosec world. Let’s take a look at some of the more noteworthy infosec activities that happened this week. News on Vulnerabilities & Attacks Users Push for Updates after Splunk Patches Critical Flaws Splunk, a company that provides…


  • Weekly Infosec News Summary

    Let’s examine the most recent cyber events that have occurred recently in different parts of the world. Vulnerabilities & Attacks News Critical PHP vulnerability opens QNAP NAS devices to remote attacks This week in infosec news, a critical PHP vulnerability was discovered that exposes QNAP NAS devices to remote attacks.[1] A vulnerability in the web…


  • Resurrecting my old ghost blog

    Ghost (CMS) is nice and I’ve used it for a couple years but with the start of my company my blog got less attention, got broke and went offline, never to be fixed. In summary, running ghost yourself is work. Not necessarily a ton of work but work nontheless. So I decided to resurrect my…


  • WBP#1 – All New Weekly Bucket Post

    Since I can’t bring myself to write full blown blog posts on a regular basis, let’s try to do something else. I will attempt to publish a short blogpost every friday about all the small things that I encountered during the last week. PFX Certificates –After finally receiving confirmation that our code signing certificate has…


  • HashtagSecurity will be back…

    To those of you who actually follow my blog and have noticed that it’s become rather quiet recently – I’m sorry. The reason for this is that I’ve put all my efforts into the new company blog, which is exactly where all my new posts went. I’ve started hashtagsecurity.com to write about infosec topics and…


  • Server Patching with unattended-upgrades

    I can’t believe I haven’t written about this yet. Unattended upgrades are a great way to keep your servers up to date, but there are a few things that didn’t work out of the box, so here is a summary of how my patch process is set up. Why unattended-upgrades? To be honest, running upgrades…


  • Lynis Enterprise – The 2nd Encounter

    This time we will dive into compliance scans and take a look at how multiple hosts are displayed. I also want to find out why I am at risk of data loss – that’s right, I still don’t know! This round, I’ll take a look at the documentation, which can be found here. RTFM if…


  • Lynis Enterprise – The 1st Encounter

    I recently got my hands on a trial of Lynis Enterprise, the commercial SaaS version of the open source Linux system auditing software Lynis. In exchange I promised to write about my experience here and share some feedback with the developers. I could spent some time with the tool and write about it afterwards, but…