Peter Skaronis 

13 Followers
38 Following
40 Posts

I haven't been here for a while?

What's new peeps?

OSINT: The Mastodon Paedophile Problem

Mastodon has a major paedophile problem, join computer scientist Edward Charles for a closer look at the pedophilic side of the fediverse.

Secjuice

A new exploit chain is being used by Play ransomware affiliates to bypass ProxyNotShell mitigations and gain remote code execution on unpatched Microsoft Exchange servers through Outlook Web Access (OWA).

CrowdStrike incident responders discovered the exploit (dubbed OWASSRF) while investigating recent Play ransomware attacks where compromised Exchange servers were used to infiltrate the victims' networks.

https://www.bleepingcomputer.com/news/security/ransomware-gang-uses-new-microsoft-exchange-exploit-to-breach-servers/

Ransomware gang uses new Microsoft Exchange exploit to breach servers

Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code execution (RCE) on vulnerable servers through Outlook Web Access (OWA).

BleepingComputer
Just figured out how to add the verified blue checkmark.
Edit your profile and next to your name add verified like this.
@SheHacksPurple how do you find out about infosec events in Vancouver?
I tried adding my new mastodon account on my Twitter profile. Turns out mastodon is malware.
With great power comes great responsibility.
Labelling something as malware for competitive reasons is plain wrong. Affecting public opinion by misusing cybersecurity terminology. #twitter

Since I'm new here and this is a community, I thought I'd introduce myself.

I am originally from Greece. In the past 15 years I've lived in the UK and, for the past year, in Canada.

I'm working on my Jason Bourne passport collection, Greek, British and Canadian.

I've been tinkering with computers since 1993, when I built my first Intel 286 PC, and have been in cybersecurity since 2011. I've worked in different industries in Greece, the UK and Canada, between perm roles and contracts.

One observation I've made is that we have all these wonderful standards and frameworks, but small businesses are unaware of them, don't have the budget to hire a dedicated security person, and don't know where to start. At the same time, vendors put an entry tax on technologies like SSO and enterprise controls and don't bother with companies of 1-25 users. Not to mention the increase in SOC2 interest from SaaS companies since COVID and the gap they have to close.

I digress. I started with ISO 27001 and business continuity planning back in 2011, working at the UK Parliament, and then moved on to vulnerability management, incident response, cyber engineering (setting up EDR, WAF, Microsoft Azure and loads of other stuff), internal audits, and now SOC2, PCI-DSS and ISO 27001 readiness for businesses.

On the side I've been working on content to help infosec peeps to get involved with SOC2, PCI and ISO27001 and help companies achieve certification and attestation.

I am creating Notion templates for various engagements I've done in the past and still use, like CIS benchmarks, CIS controls, SOC2, NIST and others including policies, procedures and recurring activities.

A lot of stuff I've seen online talk about the theory of things but not how you actually do the thing.

I'll share more once I have something decent completed.

Let me know if you would be interested.

It's nice to be here. Fresh arrival from the blue bird.

#cybersecurity #standards #frameworks #introduction

Thanks @jerry for hosting this server.
Hello, world!