Amazon Web Services has made it easy to implement encryption-at-rest for S3 buckets, but older S3 buckets may have predated this feature enhancement. If you have a large number of buckets, this could be a tedious thing to check via the console. Here is a simple one-liner to check all… Continue reading
Search this site
Check out my other project…
- Create an EC2 that runs Chrome for sandboxed websurfing
- Check Multiple AWS S3 Buckets for Missing Default Encryption
- The Equifax Data Breach and the Apache Struts Vulnerability
- Test Early, Test Often
- Linux Hardening
- Information Security at Startup Companies
- Timestamp bash_history with every command
- Has SHA-1 been hacked?
Important security research from Google on the effectiveness of various kinds of 2FA that got a bit buried this crazy week. Among key findings, SMS 2FA was still 76% effective against highly "targeted" phishing attacks and 99% good vs. "bulk" phishing.
Many of my followers have heard me say that it will be interesting to see what IBM will do with RedHat, Read this: https://t.co/AYaguhptLT #SEC545
Just heard a speaker at a Security Conference tell the audience his password because he uses MFA. #cringe #MFApassword
#ZombieApocalypse #CRISPR https://t.co/KXMihLjFHs