  1. GDPR

    Keen to learn how involved you or your security colleagues are in the new general data protection legislation changes at your company? Have you undertaken any external courses to help you?
  2. Dark web screenshots

    I’m due to give a presentation later this month and am going to reference the dark web. I’ve never used it but am wondering if anyone here does or has, and if they can share with me screenshots of what it looks like, particularly the homepage as you enter the dark web. I would like to include these images in my presentation.
  3. Many of our users have access to Office 365 / SharePoint but the way it is currently configured staff are able to access everything they have been given permission to outside the corporate network. Anyone here use SharePoint in business? If so, what have you done to block all (or limit) external access to Office 365 for members of designated groups? TIA
  4. Last night I was having drinks in the bar where I met and chatted to a lady. She's a graduate and currently working for Deloitte. She was fascinated with what I do and mentioned she tried to get into cyber consultancy at her firm but was put off by the men who were sexist and belittled her. She's not the first female to be put off working in this industry because of the actions of a few. The old-boys networks still dominate this industry when it comes to hiring staff, and the lack of female role models in the field means a cyber security career can seem unrealistic to most. I offer mentoring and access to my network for some, but how can we encourage more women into this field? How do we change the behaviours of some (a lot of) men who still see girls as eye candy or only good for admin tasks?
  5. Security Awareness Talk For Staff

    Computer Security Day is on 30th Nov, will you be doing any awareness campaigns at your office? We are planning a week of events related to online privacy as well as protecting corporate data.
  6. We're looking to implement DLP. If you have it where you are, what are the strengths and weaknesses of DLP products you currently have?
  7. Software keylogger

    Rather than a USB, I'm looking to experiment with a software keylogger which can be discreetly loaded onto a mobile phone when the user clicks a link. Anyone tried this?
  8. The CISO Role

    Your final quote is worthwhile, thanks. I guess it shows that a contracted CISO from a consultancy may benefit from us implementing certain products (e.g. getting a bonus or cut of the sale).
  9. How to find IP address of blog visitors

    Thanks for your question and comments digininja and digip. I have blocked some random accounts, but I want to find the source. I have reported the incident to the police but they said they cannot (won't?) do anything about it. I have noticed that unless there is the risk of physical harm the police continue to ignore online trolling/abuse/harassment/bullying, etc. I was planning on doing the police's job for them. My blog is on Blogger. I have used Google Analytics but it does not give an IP address.
  10. I have a blog and currently use Google Analytics to identify trends. Recently, I'm getting silly comments posted on my blog and would like to identify the source. Does anyone know how I can find the IP address of a visitor to my blog? TIA
  11. Best Password Manager?

    Just wanted to share this link if anyone is interested: http://uk.pcmag.com/password-managers-products/4296/guide/the-best-password-managers-of-2016
  12. The CISO Role

    I love meeting other InfoSec professionals at other companies as it opens my eyes to what their risk priorities are and how they educate their staff on good security behaviour, for example. Recently I met mates in one company where they do not have a CISO per se, rather a senior manager who they report to - do you think an explicit CISO role is needed? I would say "yes" as this person is an expert and has their team's interest at heart and takes ideas and concerns to the Senior Managers. Also, one company had a CISO who is contracted from an external consultancy firm - should a CISO be a permanent employee? As much as a CISO should bring knowledge, does having a contracted CISO bring potential conflicts of interest (especially if they are from a consultancy firm)?
  13. Is anyone aware of a table that lists the key security frameworks (e.g. SANS Top 20, UK HMG Top10, PCI DSS, COBIT 5, ISO207001...etc...) and compares them for various key security topics such as Policies, Awareness, Patching SCADA, Vetting...etc..? I'm sure there was one around but cannot find it on the web!
  14. Uncovering trolls/cyber bullies

    Thanks for your tips. I appreciate it. I think the best course of action is for the user to report to Police and the Website for them to deal with, as y'all have mentioned. Thanks