Cybersecurity
I have approximately a decade of marketing experience, mostly in owned social media and content marketing. I have also accumulated considerable experience with copywriting and SEO since 2010. My mainstream career has been spent mostly at two businesses: a digital marketing agency and the largest offensive cybersecurity firm in the world. My freelance career has been spent predominantly on my music website, The Useless Critic, which I have operated since the late 2000s. I have had bylines in the Phoenix New Times and The Spec, and I have ghostwritten for a number of publications over the years including Forbes and the Christian Science Monitor.
Cybersecurity
Historically, cybersecurity has been an industry dominated by men. But that's been changing - and here at Bishop Fox, we have some of the most badass women in the industry working with us. No matter their background or how they ended up in security, these women are all united by a true passion for helping people stay secure.
Last year was eventful (again!) in information security. Honestly, is there ever a "boring or quiet" year in infosec? Lots of research, security talks, and vulnerabilities caught our attention this past year.
It's become something of a tradition - like turkey and cranberry sauce - the past few Novembers for us to publish a list of pen testing tools we've found useful. November 2021 is no different than 2019 (see that year's pen testing tool list) or 2020 (see that year's pen testing tool list).
There's no shortage of OSINT tools, techniques, and other resources - in fact, there's so much stuff, it's a little overwhelming to try and sort through it all. Writing a "best of" or otherwise "cumulative" list would be a futile endeavor, so instead, we compiled 9 OSINT tools and other miscellaneous resources we find useful.
After exploiting a vulnerability and getting inside a network on an engagement, we often want to show what trophies we can collect as a way of demonstrating impact to the client. To tackle these post-exploitation efforts, we regularly leverage various tools to improve our efficiency.
No matter if you're working from home for only a period of time or you're permanently remote, you want a home workstation that makes doing your job as productive and as comfortable as possible. Well, as comfortable as one can be working and not, say, resting on the beach of a tropical island.
There's no shortage of books about security, and it can be difficult to determine which titles are worth your time. Security how-to books also run the risk of becoming outdated quickly as methodologies and techniques grow more advanced or technologies change.
Now that we are in the heart of security conference call for presentation (CFP) season, the time to act is now - actually, maybe yesterday - if you're considering submitting to any of the big-name conferences.
From the perspective of working at a security consultancy, a few of the things that we are grateful for this holiday season are: copious supplies of cold brew coffee, hacking alongside some brilliant folks, and of course, the tools we use daily that make our lives much easier.
One thing is for sure about 2020: it's a year that will stick out in our memory for the rest of our lives. Luckily, in spite of many on-site, in-person events being cancelled, many transitioned to a virtual environment. While the scene may have shifted drastically, we still saw some amazing security research, trainings, and content.
2019 (like so many years before it) has been full of noteworthy CVE releases from both independent researchers and organizations. As we end this year and start a new one, we're taking a look back at some of the vulnerabilities that made headlines, scared us a little bit, or - at the very least - stirred us to apply the appropriate patches ASAP.
DEF CON 28, aka DEF CON Safe Mode, was clearly unlike any of its predecessors as the whole conference was both a.) free and b.) completely virtual. And as such, DEF CON 28 was arguably the most accessible of DEF CONs to date.
Around this time last year, we released a list of our favorite pen testing tools for client engagements and in our own research. This year, we're updating that list with some new additions (thanks to Jim Holcumb, Matt Keeley, and Chris Davis for their help compiling this new-for-2020 list.)
The Open Web Application Security Project, or OWASP, is a nonprofit that strives to educate the cybersecurity industry (its practitioners, researchers, and developers) about prominent web application bugs and the risks they present. Every three or four years, OWASP reaches out to the companies and organizations with a high-level and wide-sweeping view of the most common and highest risk vulnerabilities for feedback on common and emerging threats.
In late 1995, the movie "Hackers" hit theaters across the United States. Although it received mixed reviews and lackluster box office sales at the time of its release, "Hackers" would go on to achieve cult classic status. Now, if you mention the quote "Hack the planet!"
We recently covered the most up-to-date list of OWASP Top 10 vulnerabilities. In subsequent future posts, we'll be discussing some of those more prominent vulnerabilities in a little more depth. Starting with cross-site scripting (XSS), the common cold of security vulnerabilities. XSS is a type of injection attack, which is another finding on the OWASP Top 10 vulnerabilities list.
Founded in 1994, Parrot has become a pioneer among companies specializing in drone technology. In 2010, they launched the world's first ready-to-fly drone controlled via smartphone, helping to cement their role in the booming drone industry over the next decade. In recent years, Parrot's primary focus has shifted to manufacturing commercial drones.
In honor of today being the spookiest day of the year, we decided to share some especially scary stories from the cybersecurity crypt. Some of these stories reflect the work our consultants have performed, and some are growing threats that the security community is currently monitoring.
Well, this feels a little like déjà vu, doesn't it? Last year, we proudly announced that we were named by CareerBuilder as a Top Company to Work For in Arizona. This year, the same is true once again.
As Google's Project Zero team stated in their must-read blog post, 2020 was a year of some serious 0-day vulnerabilities. And although we've barely scratched the surface of 2021, this year just may follow suit if the past few weeks have been any preview of things to come.
Music + Entertainment
Pop culture at its finest - or, at its worst; since 2009, the Useless Critic has been celebrating it all. Read it for yourself today!
Much like the city that the band Panic Baby call home, their debut album could be likened to a phoenix rising from the ashes. It was an album that almost didn't happen. Almost. But after a torched first attempt that the band dropped by the wayside, Don't saw the light of day in October.
In December, Thievery Corporation played to another sold-out crowd at the Van Buren. Now nearly two months later, on February 9, one half of that legendary electronic duo - Rob Garza, known professionally as GARZA - will make his inaugural solo performance at Crescent Ballroom.
V V Brown would be all too easy to forget about. In fact, it's tempting. She emerged on to the mainstream music radar in the late 2000s along with other similarly feisty British females, such as Lily Allen and Kate Nash.
Australian electronic-dance duo The Presets returns with a manic and upbeat track "Goodbye Future." Starting with vocalist Julian Hamilton's whispery falsetto, the song soon falls into familiar territory for The Presets. It's a grower, but it's the sort of catchy material we have come to expect from the members, who are the undeniable kings of the Down Under electro-music scene.
While it might not be Santa Claus flying into town complete with one sleigh and eight reindeer, Jared & The Mill are back in the Valley to play their annual holiday show this coming weekend. And it just could be their biggest one to date - yet, at least.
Will Wiesenfeld, better known as , will be bringing his sensual electronic sound to Phoenix on . His latest album, , was released in May of last year - and, as he revealed to , there is another EP en route. The Spec: Critically speaking, Obsidian has been a well-received record.
Miscellaneous
I never type up such things for my personal writing blog or The Useless Critic - which I've actually considered pulling the plug on lately - but this time around, it felt different. When my buddy Al and I headed to Sweden in Fall 2010, we both took turns hitting up internet cafes to update The Useless Critic (and, for me, my respective Tumblr.
Books
Impeccable Kindness: Poetry from 2009 to 2020 - Kindle edition by Kemp, Britt.
Do Not Give Up Kid - Kindle edition by Kemp, Britt.
Other People's Lives - Kindle edition by Kemp, Britt.