Mar 22 2014

Password managers, why isn’t everyone using them already?

keep calm and carry

I am very surprised that people, still today, do not have sufficient knowledge of the existence of password managers. They make IT life so much easier for us! Think about what us security people are preaching: “You need to have a unique password for every single account”. That’s pretty rough demand, especially if the password …

Continue reading »

Permanent link to this article: http://www.securesolutions.no/password-managers-why-isnt-everyone-using-them-already/

Feb 13 2014

Video demonstration: Local File Inclusion going for Code Execution (Shell)

I’ve just done a video demonstration for SANS Spectacular Pentest Video Contest. I hope you enjoy it!

Permanent link to this article: http://www.securesolutions.no/video-demonstration-local-file-inclusion-going-for-code-execution-shell/

Dec 29 2013

Security Management for 2014

Security seems to be, for many, the idea of keeping everything clinical clean, not getting hacked and preventing introducing new risk to the equations. Well guess what, there’s no such thing as clinical clean in security, and I hate to break it to you, but IT security is about minimizing loss and reducing risk. It …

Continue reading »

Permanent link to this article: http://www.securesolutions.no/security-management-for-2014/

Dec 16 2013

Repeating success; Hacking Techniques, Exploits & Incident Handling January 2014 in Bergen (Norwegian)

Kurset som avholdes er det meget kjente “SEC504: Hacker Techniques, Exploits & Incident Handling” utviklet av den velkjente sikkerhetsguruen Ed Skoudis. Kurset gir studenten god ryggdekning til å bli sertifisert ved å bestå GCIH eksamen(GCIH – GIAC Certified Incident Handler). Det er et meget bra kurs som mange kan ha nytte av, spesielt dem som …

Continue reading »

Permanent link to this article: http://www.securesolutions.no/repeating-success-hacking-techniques-exploits-incident-handling-january-2014-in-bergen-norwegian/

May 28 2013

Setting up backup for a headless LAMP stack using Dropbox

backup

I currently run a LAMP stack, and I was in the need of a simple automatic backup process for my websites. This article will show you how you can easily implement backup for the services implemented through Dropbox, crontab and with a retention period to avoid running out of storage space.

Continue reading »

Permanent link to this article: http://www.securesolutions.no/setting-up-backup-for-a-headless-lamp-stack-using-dropbox/

May 04 2013

My reflections as a CISO

Stepping into the management role can be a daunting task. In this article I will do my best in explaining how my experience has been, going forward as a Chief Information Security Officer (“CISO”). 

Continue reading »

Permanent link to this article: http://www.securesolutions.no/my-reflections-as-a-ciso/

Mar 04 2013

It’s so easy to pick locks that only have 3 pins

These types of locks, with 3 pins, are good for newbies to learn lock picking.

Permanent link to this article: http://www.securesolutions.no/its-so-easy-to-pick-locks-that-only-have-3-pins/

Jan 04 2013

Why it’s easy being a hacker – A SQL injection case study

Finding SQL injections today is like picking apples from an apple tree. It’s very easy, and anyone can do it. Ask any hacker you want, SQL injection is everywhere. There have been many folks predicting the end of SQL Injection, however, year after year we see it in the OWASP Top 10.

Continue reading »

Permanent link to this article: http://www.securesolutions.no/why-its-easy-being-a-hacker/

Dec 23 2012

Is social engineering an actual threat?

A question was raised on a security community (security.stackexchange.com) on whether or not social engineering is still a threat. The question refers to Kevin Mitnick’s book from 2002: “The Art of Deception: Controlling the Human Element of Security” which is also featured in my web shop  The person writing the question asks if we shouldn’t be immune to …

Continue reading »

Permanent link to this article: http://www.securesolutions.no/is-social-engineering-an-actual-threat/

Nov 27 2012

SANS Hacker Techniques, Exploits & Incident Handling kommer til Bergen! (Norwegian)

I 2013 tilbyr SANS mentor basert studium her i Bergen, oppstart 6. Mars. Kurset som avholdes er det meget kjente “SEC504: Hacker Techniques, Exploits & Incident Handling” utviklet av den velkjente sikkerhetsguruen Ed Skoudis. Kurset gir studenten god ryggdekning til å bli sertifisert ved å bestå GCIH eksamen(GCIH – GIAC Certified Incident Handler). Mentor er …

Continue reading »

Permanent link to this article: http://www.securesolutions.no/sans-hacker-techniques-exploits-incident-handling-kommer-til-bergen-norwegian/

Older posts «