Wbjwilliams

@Wbjwilliams@infosec.exchange
59 Followers
102 Following
256 Posts

BSidesLV 2025 - Call for Volunteers is OPEN!

Be part of a volunteer-organized event, put on by and for the community. Sign up @ https://volunteer.bsideslv.org

See the Volt Guide (https://bsideslv.org/volt-guide) for details on the different opportunities.

Ideas for the TDI Quiet Room at DEF CON

Diana Initiative's overall goal: We want to support the underrepresented and underserved community at DEF CON. Quiet Room: A quiet environment where people can safely have a meltdown, stim, and take time to recenter and calm down or recharge before going back out to experience more DEF CON. What we currently have: yarn, colored pencils, pens, a color printer What we need from you: ideas on quiet things to have in the room. What can you recommend we print (with a color printer or 3D printer) - specific links to specific free coloring pages, word searches, crosswords or other things which help you fidget/calm Donations of fidget toys, puzzles or other similar quiet activities Your ideas on what you might like to see in the space if we can find donors or sponsors

Google Docs

There is a company that wants to interview me on whatsapp and pay me only in cryptocurrency which i'd have to then turn into $ and put into a bank account.

They're a cryptocurrency firm - so the later is expected.

Should I presume a scam? Or that because of the large Singapore presence they don't know not to use whatsapp?

The people at Microsoft sometimes have no clue about security. This is one of those: https://arstechnica.com/security/2025/04/windows-rdp-lets-you-log-in-using-revoked-passwords-microsoft-is-ok-with-that/
Windows RDP lets you log in using revoked passwords. Microsoft is OK with that.

Researchers say the behavior amounts to a persistent backdoor.

Ars Technica
Love how Ron Gula is reminding us that for the most part what we do is successful. Too many CISOs are preaching "They sky is falling" and will fall if you don't do X, Y, and Z. And we wonder why business leaders don't listen. Those of us who lead a cybersecurity organization need to change our tune, discuss how we're enabling business growth and development which is what risk management should be all about. #Unicon.
Loving that Unicon is happening on National Unicorn Day. Sometimes my day job and my secret identity as an author collide in delightfully silly ways.
Today we're publishing a monster feature that dives deep into the initial six weeks over Elon Musk's government takeover. Our entire newsroom came together to help make this story happen. Read this culmination of our blood, sweat, and tears:

Inside Elon Musk’s ‘Digital Co...
Inside Elon Musk’s ‘Digital Coup’

Musk’s loyalists at DOGE have infiltrated dozens of federal agencies, pushed out tens of thousands of workers, and siphoned millions of people’s most sensitive data. The next step: Unleash the AI.

WIRED

The last two days I attended SecureWorld Boston. I found the following people the most worth listening to, with the freshest ideas:

Keavy Murphy
Kayla Williams
Edna Conway

Notice something? Yes, they're all women.

Our profession is very male dominated but we benefit so much from listening to the women who have overcome all the barriers of entry into our profession.

As an example of those barriers, one of the most infuriating things that ever happened to me was when I was told I couldn't hire the right candidate for the job because that person was a woman, I was forced to hire a man for the role. If I had had the resources, I would have resigned on the spot, and am very glad to no longer be associated with that organization (which I will not name as this is not about them it is about what women still face in this day and age)

The barriers for entry are very real.

Our profession NEEDS to have women's voices heard. It also needs the voices of other "minorities" heard.

I am glad SecureWorld Boston helped me hear what they had to say.