I came across this quote that applies to what we do in information security:

"Knowledge is power, but enthusiasm pulls the switch" - Ivern Ball

It applies to our careers and how successful we are....Knowledge is really the easy part. It also applies to how well we manage risks...It's all a matter of choice....
In his infinite wisdom, Vladimir Katalov with Elcomsoft has developed a tool called MD5 Password Cracker that uses the computing power of NVIDIA graphics cards to recover passwords from MD5 hashes. Very cool. And it's free.

According to Elcomsoft, for comparison, this type of cracking on a 2.2 GHz Intel Core 2 Duo E4500 processor only yields about 30 million passwords per second and around 70 million per second on Intel Core ...
My colleague Mike Rothman over at SecurityIncite (great blog with lots of good stuff) has a couple of posts recapping the Black Hat show from last week...I was going to go until I realized it conflicted with some family stuff...anyway, good reads:

Black Hat 2008 Day 1: We're Screwed!
Black Hat 2008 Day 2: Web 2.0 mayhem...
Had to take a mini-sabbatical to handle some cool things at home...hence the disconnection over the past 3 weeks. Anyway, I'm back in action with lots of new ideas and content....AND, I'm working on my next Security On Wheels audio program - due out soon!...
Here's a screencast I just recorded for TechTarget that you may be interested in:

Hacking Windows Vista

Enjoy! As always, check out www.principlelogic.com/resources.html for all of my past articles, webcasts, podcasts, and more....
Yet another reason to encrypt your hard drive...This isn't entirely new but apparently is being brought up again. I just saw on Fox News that international travelers are going to have their laptops randomly confiscated without cause. I presume that's when they're coming back in via U.S. airports.

Want my laptop, U.S. Customs? Go for it! You're not going to get a bleepity thing off of it...All in the name of "fighting ...
Well, again, there is none, but I've just written several pieces that'll be out soon. Have a great weekend! Until later......
I'm in the middle of a project analyzing the security of an e-commerce system. I found a lot of good stuff using WebInspect, including one cross-site scripting flaw. However, the cross-site scripting issue was a little lame and next to impossible to re-create. So I decided to turn Acunetix Web Vulnerability Scanner loose on it just to see what it could find. Lo and behold...four more cross-site scripting vulns! Wow. Like ...
What if the government could come running to protect us every time we or one of our colleagues made a bad security decision - intentional or not? Imagine:

setting an Allow All rule in your firewall
making all of your databases accessible via the Internet
revoking any and all password policies
never testing your systems for vulnerabilities....or,
avoiding data backups because, well, you just can...

Everything we do in life - every choice we make has ...
I just stumbled across this "worry-free" policy located on an e-commerce site. Very cute...yet sad that a lot of people think SSL and "trust seals" are all that's needed to secure sensitive information in Web apps.

***Your information is safe with us. SOME~ONLINE~STORE ensures your safety and security by employing the highest level internet security system available. All information you provide us via this web site is encrypted using an SSL ...