There are recon tools, and there are recon tools. @tomnomnom—also called…

A lot of people are surprised when I tell them that computer security isn’t…

I am often asked for my thoughts on the Bug Bounty / RECON / Asset Inventory /…

I think there are four main trends that will play out in the field of information…

I have an unpopular opinion about the security conference scene. Basically, it’s…

VPNs are more popular than ever, but I think many are confused about why they’re…

I’ve been writing a lot on ransomware recently, and wanted to comment on…

The US is currently being ravaged by ransomware. Google News Results for US Ransomware…

Since 2007 the InfoSec industry has been talking about TheBigOne™—the…

Threat modeling is a superpower. When done correctly it gives you the ability…

I just came across another post on Hacker News talking about why you shouldn’t…

I think we’ve lost the plot on disinformation. It’s not the attacks that…

Shoshana Zuboff came out with a brilliant work called Surveillance Capitalism…

Download the Slides. I presented at DEFCON’s Red Team Village on August…

I’ve been in security for over 20 years now and have received thousands of emails…

I have been following the bug bounty and security creator/influencer scenes since…

I was thinking about the recent Twitter hack the other day and thought of a simple…

Whenever the topic of Trump’s behavior towards Russia and Putin comes up,…

If you want to have a productive discussion on a difficult topic, start by discarding…

I’ve been thinking a lot about this Zoom situation. It’s fascinating…

I’ve been processing my thoughts on the Zoom Security stuff for a couple…