Archive | Hacking & Infosec

Web Application Security – DevFest + GDay George Town 2016

Recently I was invited down to Penang for DevFest + GDay George Town 2016 to give a talk on Web Application Security. This is my 3rd year in a row attending (for a panel and last year a talk) and this year I managed to record (most of) my talk with my own camera. The […]


On Sky News Again – Ashley Madison Hack & Leak

So I was on Sky News again recently, this time it was about the Ashley Madison hack and impending leak (which in the end, turned into a real actual leak). For those that don’t know, Ashley Madison is a website that allows people to organise liaisons in extra-marital affairs. Yah, a cheating website. Apparently they […]


Less Than 4 Minutes On Sky News

Yah, that’s what I appeared for recently haha. I did a short segment on Sky News regarding the Sony hack and the possibility of it being a North Korean cyber warfare strike. Short segment but I think we covered quite a lot of ground, I’d love to have talked about it a bit more – but […]


Advanced Information Gathering AKA Google Hacking at HITB 2004

So this was the first real talk I gave, I’d just moved to Malaysia not long beforehand and I’d started work at NSS as the lead for the penetration testing team. We were a sponsor of Hack in the Box 2004 so we got a speaker’s slot, but it couldn’t be a product/company pitch it […]


An Anatomy Of A Hack – Weak ROOT Password

So a peaceful Sunday night, I get an odd bandwidth warning for a development/testing server that a developer recently created. It was doing some fairly immense traffic, peaking at 80mb a second and averaging about 8mb/s – definitely not normal. I tried to access the server via SSH but couldn’t connect at all, port 22 […]


An Introduction To Information Security – OpenCoffeeClubKL #31

So I gave a talk about infosec stuff in July at OpenCoffeeClub KL, as it’s what I used to do for a living – people were always asking me to share a little more about it. The timing is a little odd again, as it happens. In 2011 I did 2 talks in the same […]


Yah I Got Hacked – Facebook & Hotmail – Don’t Save Passwords!

So almost a year ago I got hacked, hacked real bad in fact and I literally (almost) pooped my pants – it was scary watching your whole online life disappearing before your eyes. Ironic in a way as I spend my time securing other people’s sites and lives – but often forget about my own. […]


How To Secure Yourself Online – Twitter, Facebook, Google (Gmail) & WordPress

There’s been a lot of stories lately about fake accounts, hacking, viruses and all kinds of nasty things going on with social networks. Plus the fact that both Twitter and Facebook have recently introduced full time SSL – it’s time to get yourself secure online. If you aren’t familiar with Twitter you can check out […]


The KGB, CIA, Computer and Me – Cliff Stoll

This one is for all the geeks, if you’ve been into tech for a long time you’ve probably heard of Cliff Stoll and his book The Cuckoo’s Egg and his paper Stalking The Wily Hacker. PBS made a “Nova” dramatization of his book starring Cliff himself called “The KGB, CIA, Computer and Me”, and someone has […]


Information Security Certifications – L33t H4x0ring!

It’s about time I got myself a new cert, it’s almost a year since I got myself OPST Certified. OPST stands for OSSTMM Professional Security Tester, recursive eh? OSSTMM stands for Open Source Security Testing Methodology Manual. If you’ve never heard of the OSSTMM, you don’t really need this cert 😉 The OPST is a certification […]
