October 9, 2017
Prevent Unintentional Doxxing: A Standard for Sharing Private Conversations Online While Still Protecting the Innocent
Those that follow me may know that I was raised Mormon but no longer practice in the religion. As such, I participate in quite a few online forums with other people in various places of the Mormon spectrum. In these forums, private text messages or social media posts from believing and orthodox family or friends are often shared as a way to vent frustration. Most of these forums that I participate in are private, but a few are public. Nevertheless, I'm always shocked at how little the person sharing these things does to redact the text in order to protect...
August 11, 2016
Four Years In Infosec First Year In Vegas: My Thoughts On Def Con and BSidesLV
BSidesLV 2016 and Def Con 24 comprised my first experience of “Hacker Summer Camp”. I’ve now been working in information security for four years, have attended a handful of conferences, and have spoken at a number of both conferences and meetups. I personally feel that I have a good handle and understanding of the culture of the industry and mostly went into the week knowing what to expect. There were some great things and some not so great things. Here are just a few.
January 18, 2016
Patching the Human: Help Them Remember Their Security Training
Sean Cassidy, in a recent blog post explained the workings of LostPass, a phishing framework specifically targeting the popular password manager LastPass. In it, he perfectly articulated an idea that has been bouncing around my mind for a couple of months:
October 13, 2015
Introducing Gavel
This article was originally posted on and has been republished with permission.
October 8, 2015
Identifying Phishing Attack Vectors Using dnstwist and Splunk
This article was originally posted on and has been republished with permission.