Casey Ellis (of Bugcrowd fame) had a great post on Twitter today about security…

I was on Twitter the other day and saw someone suggest that we could fix people…

If you know anything about internet security then you likely spend a lot of your…

There are recon tools, and there are recon tools. @tomnomnom—also called…

A lot of people are surprised when I tell them that computer security isn’t…

I am often asked for my thoughts on the Bug Bounty / RECON / Asset Inventory /…

I think there are four main trends that will play out in the field of information…

I have an unpopular opinion about the security conference scene. Basically, it’s…

VPNs are more popular than ever, but I think many are confused about why they’re…

I’ve been writing a lot on ransomware recently, and wanted to comment on…

The US is currently being ravaged by ransomware. Google News Results for US Ransomware…

Since 2007 the InfoSec industry has been talking about TheBigOne™—the…

Threat modeling is a superpower. When done correctly it gives you the ability…

I just came across another post on Hacker News talking about why you shouldn’t…

I think we’ve lost the plot on disinformation. It’s not the attacks that…

Shoshana Zuboff came out with a brilliant work called Surveillance Capitalism…

Download the Slides. I presented at DEFCON’s Red Team Village on August…

I’ve been in security for over 20 years now and have received thousands of emails…

I have been following the bug bounty and security creator/influencer scenes since…

I was thinking about the recent Twitter hack the other day and thought of a simple…

Whenever the topic of Trump’s behavior towards Russia and Putin comes up,…