Press "Enter" to skip to content

Author: chrisalibby

Things I read today…

I know the title is rather boring, maybe I will think of something more exciting later.  I thought it might be worthwhile to share what I read in regards to information security today, and more importantly why.  We infosec professionals read so many blogs, newspapers, and articles today that I’m surprised we read anything for pleasure.  Hopefully this helps someone, or at least gives me a reference back to something cool I read later on.

The security problem is a people problem…surprise.

Well it’s looks like the new cyber czar is a noob in the eyes of the greater IT community all because of his “you don’t have to be a coder” comment.  First, why would one in the IT field expect someone in management to be able to configure a firewall on their own? j/k  Frankly, the cyber czar or any other management position doesn’t need a detailed IT background to succeed where the real problem exist – between the ears of everyone touching a keyboard, mouse, iPad, or smartphone.

Help prevent corporate phishing by changing your MFP’s default subject line!

It’s all too often I see a threatening email with the subject “Scanned from a Xerox Multifunction Device” which could simply be spam, but it could also carry a malicious payload.  These devices come with enough vulnerabilities as it is, and everyone who deploys them should go through all the default settings.  All too often, the leasing company brings them in and only pops in the bare minimum to get the device up and running on the network.  I try to make my rounds and customize the settings, but how many IT shops actually do.