We’re Here to Make Things Secure

While Hacking Team was cleaning up the mess, security professionals were raging on Twitter. The company was publicly shamed for its bad passwords, worse reaction and questionable business practices on social media.

But was it really necessary to post random screenshots of private emails from the 400 Gb pack, totally out of context? Or mock HT employees because of something they already knew? Dumping their source code on GitHub?

Thoughts on the recent breach at Hacking Team, privacy and responsible behavior of security professionals

Read More

Ha Ha! Business

Never Say ‘No’ to Direct Database Access

Direct access to databases is usually a privilege of DBAs and not end-users. Nonetheless, end-users have to access DBs in certain situations like generating sales reports, making ad-hoc queries, exporting data into spreadsheets and so on. From the security perspective, this is clearly not ideal, as a typical application was never designed to be utilised this way. Instead of saying ‘no’ to […]

Read More