by Charles Herring | Dec 11, 2021 | blog
CVE-2021-44228 (https://nvd.nist.gov/vuln/detail/CVE-2021-44228) was released on December 10, 2021 outlining a vulnerability in Apache Foundation project Log4j (https://logging.apache.org/log4j/2.x/index.html). This vulnerability can be used by a remote attacker to...
by Charles Herring | Oct 9, 2021 | blog, InfoSec Craft
I have been fortunate enough to have the opportunity to spend October on the Big Island of Hawai’i at a friend’s home while we button up the 6.2 release of Precinct. My wife and I were able to visit the Crater Overlook at Mount Kīlauea this week. Mount Kīlauea is the...
by Charles Herring | Sep 15, 2021 | blog, InfoSec Craft
Machine Learning Driven Social Engineering talk will be given at GrrCon on 9/16/2021 at 4:30pm. Abstract Machine learning (ML) is arguably the most potent advancement in technology since atomic fission with similar benefit and risk extremes. The outcome driven nature...
by Charles Herring | Mar 23, 2021 | blog, InfoSec Craft, Law Enforcement
The 2020 Internet Crime Report from the FBI’s Internet Crime Complaint Center (IC3) has been released and can be viewed here: https://www.ic3.gov/Media/PDF/AnnualReport/2020_IC3Report.pdf. I highly recommend all in SECOPS take a moment to grok the content. I’d like to...
by Charles Herring | Feb 27, 2021 | blog, InfoSec Business, Inside WitFoo, WitFoo Story
Brewers CAP Theorem Computer Scientist, Eric Brewer, stipulated in the theorem that carries his name that you can have two out of three guarantees in distributed data storage with the guarantees being consistency, availability and partition tolerance. The limitations...
by Charles Herring | Feb 22, 2021 | blog, InfoSec How-To, WitFoo Coding
Raspberry Pi is a fantastic tool for learning and experimentation. To assist our trainers, students and partners, we have created a build of Precinct to run on a Raspberry PI4. The WitFooPi is not supported as a production appliance but is great way to have Precinct...
