Vladimir Jirasek
@jirasek.uk
Helping people and businesses protect what matters from cyber threats. Blog and my personal website: vladimir.jirasek.uk #Chess #Cybersecurity
created November 9, 2024
28 followers 51 following 110 posts
Vladimir Jirasek (@jirasek.uk)
In my previous article, I wrote about the inherent incompatibility of Active Directory with modern enterprise security architectures and cloud strategies. Another design vulnerability was presented at BlackHat USA on 6th August 2025. #cybersecurity vladimir.jirasek.uk/blog/2025/08...
Vladimir Jirasek (@jirasek.uk) reply parent
Why ask for age? Instead ask for month and year of birth.
Vladimir Jirasek (@jirasek.uk) reply parent
What’s the water temperature?
Vladimir Jirasek (@jirasek.uk)
Read the fine print of your insurance policies; the most important section is called “Exclusions”. It is usually cheaper to put MFA in than later not being paid the insurance claim.
Vladimir Jirasek (@jirasek.uk)
These were trying to hide, unsuccessfully I might add, next to a mountain trail.
Vladimir Jirasek (@jirasek.uk) reply parent
Personally, I am of the opinion that the default starting point for security hardening should be the vendor guidance; in this case Microsoft, who provide working and tested hardening settings.
Vladimir Jirasek (@jirasek.uk) reply parent
How do they upgrade to new versions of Tailscale?
Vladimir Jirasek (@jirasek.uk) reply parent
@emilyforlini.bsky.social
Vladimir Jirasek (@jirasek.uk) reply parent
😂😂
Vladimir Jirasek (@jirasek.uk) reply parent
“Sophisticated” ?
Vladimir Jirasek (@jirasek.uk) reply parent
Attending today. Also joined as a Lifetime member. Great event, nice venue, insightful speakers and engaging attendees. Well done @owasplondon.bsky.social and thanks to sponsors for their support.
Vladimir Jirasek (@jirasek.uk)
Hey there! I was wondering if potholes are similar to IT issues if we pay road contractors per pothole / IT issue? This approach doesn’t drive improvements. After all, contractors are motivated to fix as many potholes as possible, rather than focusing on long-term quality. What do you think?
Vladimir Jirasek (@jirasek.uk)
How do you learn? If podcasts are the way then have a look at my recommendations. vladimir.jirasek.uk/resources/po...
Vladimir Jirasek (@jirasek.uk)
New blog post. #fintech #apple vladimir.jirasek.uk/blog/2025/05...
Vladimir Jirasek (@jirasek.uk)
Nice
Vladimir Jirasek (@jirasek.uk)
This quote resonates with me: “In life you don’t get what you deserve. You get what you negotiate.” Credit: Yelena in the episode 4 of Your Friends & Neighbours
Raj Samani (@rajsamani.bsky.social) reposted
Our latest @rapid7.com analysis does a deep dive into the #ransomware eco-system revealing "80 active groups in Q1, 16 of them new since January 1. There are also 13 groups that were active in Q4, 2024, but have thus far been silent in 2025" www.rapid7.com/blog/post/20... #malware #cybersecurity
Vladimir Jirasek (@jirasek.uk)
Well done to @troyhunt.com for owning his Mailchimp data breach. Not so much “well done” to Mailchimp for not supporting FIDO Passkeys yet!!
Vladimir Jirasek (@jirasek.uk)
For IT managers in SMEs: if you want secure yet convenient remote access to company devices, I recommend RustDesk and @tailscale.com. Configure RustDesk not to allow direct IP access and not to advertise anything to the Internet. The security of the connection is delivered by Tailscale.
Vladimir Jirasek (@jirasek.uk) reply parent
This extension was causing Safari to crash
Vladimir Jirasek (@jirasek.uk) reply parent
Safari keeps crashing, even after full Safari data reset. Random websites.
Vladimir Jirasek (@jirasek.uk)
@nathanmcnulty.com thank you for the excellent podcast on operational groups. It’s great to see the ingenious ways to plug vast gaps that Microsoft leaves in their disjointed products.
Raj Samani (@rajsamani.bsky.social) reposted
I wanted to thank the team at Cyber Daily for the opportunity to discuss details of our latest research in which we do a deep dive into prevalent #ransomware groups, and the evolving TTPs of APT groups. www.cyberdaily.au/digital-tran... #infosec #cybersecurity
Vladimir Jirasek (@jirasek.uk) reply parent
Guessing @proton.me is not monitoring BlueSky yet?
Vladimir Jirasek (@jirasek.uk) reply parent
By 1935, the German judiciary had been largely transformed into an instrument of Nazi policy rather than an independent branch of government.
Vladimir Jirasek (@jirasek.uk) reply parent
The Nazis replaced judges with party loyalists who would interpret and apply the law according to Nazi principles rather than traditional legal standards.
Vladimir Jirasek (@jirasek.uk) reply parent
One of the coolest things about Syncthing is that it supports multiple operating systems and end-to-end encryption when needed. I’m planning to write a blog post about my journey from iCloud to Syncthing soon. Stay tuned!
Vladimir Jirasek (@jirasek.uk)
Since Apple might take away Advanced Data Encryption from existing users in the UK, I’ve been on the hunt for a better alternative. And guess what? I found one. It’s called Syncthing from syncthing.net and is proudly mentioned on the SecurityNow podcast.
Vladimir Jirasek (@jirasek.uk) reply parent
Nice article. The author could use Premium plan which is free for up to 3 users. Benefits from Tailscale SSH plus other features. That’s what I use at home. tailscale.com/pricing
Vladimir Jirasek (@jirasek.uk) reply parent
And yes, I am a real person. What’s wrong with the commenting system at your site?
Vladimir Jirasek (@jirasek.uk)
I didn’t know I am well-known? 😂😂 @tomsguide.com
Vladimir Jirasek (@jirasek.uk) reply parent
What they could have done, apart from better parenting: * Set up Apple Family and add their daughter as a minor to it. * Set up iOS screen time to block changes to account and payment settings, installing new apps, and in-app purchases. What do you think?
Vladimir Jirasek (@jirasek.uk)
This story resonates with me. Technology companies don’t communicate with parents sufficiently about the options available to protect their family in these situations. That said, as a parent, I find it strange that it took them so long to even notice this, especially as their daughter is 8 years old.
Vladimir Jirasek (@jirasek.uk) reply parent
No to TT
Vladimir Jirasek (@jirasek.uk)
@proton.me Hi. Are there proton apps for Linux (I use Fedora), especially Drive, Mail proxy and Pass?
Vladimir Jirasek (@jirasek.uk) reply parent
Watched it and learned a lot. I see you don’t show a prompter.
Vladimir Jirasek (@jirasek.uk) reply parent
Interesting setup. Have you got a blog post / video explaining what you and why? I am interested to jump into making own videos. Thank you
Vladimir Jirasek (@jirasek.uk)
website setup and a new page added: Apple resources - useful tools and videos for Apple users. Especially those migrating from Windows. vladimir.jirasek.uk/resources/ap...
Vladimir Jirasek (@jirasek.uk)
Yesterday, 24th February 2025, I received the heartbreaking news that one of the cybersecurity vendors I had worked with since 2006, Skybox Security, has closed its doors. My thoughts are with all the former employees whose lives have been suddenly disrupted. vladimir.jirasek.uk/blog/2025/02...
Vladimir Jirasek (@jirasek.uk)
OWASP Foundation support many initiatives. One of them, OWASP Top 10 for LLM Apps & Gen AI Agentic Security Initiative, have released an updated version of “Agentic AI - Threats and Mitigations” document. Link: genaisecurityproject.com/initiatives/ #agenticai #owasp #threatmodeling
Vladimir Jirasek (@jirasek.uk)
The Series 1 of the Zero Day is behind me. Worth a watch? Yeah! And I must correct my assertion: this is not based on Mark Russinovich book of the same name.
Vladimir Jirasek (@jirasek.uk)
A sunny day in our city. I feel the energy of the Spring just around the corner.
Vladimir Jirasek (@jirasek.uk)
Allegedly the owner of the company “Dr. Schwartz disregarded basic security measures necessary to protect that information from malicious cyberattacks” #health #cybersecurity thanks @404media.co for the article www.404media.co/beverly-hill...
Vladimir Jirasek (@jirasek.uk)
People that call for “let’s go to Mars” might instead focus their resources to “let’s fix Earth”.
Vladimir Jirasek (@jirasek.uk) reply parent
Sad day for our privacy. Other governments will demand the same …
Vladimir Jirasek (@jirasek.uk)
It is going to be a long evening. A Netflix series based on my favourite book by @markrussinovich.bsky.social is out today!
Vladimir Jirasek (@jirasek.uk) reply parent
Doesn’t the US have Direct Debits?
evacide (@evacide.bsky.social) reposted
If you use Signal and your threat model includes Russian state actors, make sure your version of Signal is up to date in order to harden your account against these attacks: cloud.google.com/blog/topics/...
Tom Lawrence (@lawrencesystems.com) reposted
Protect Yourself Online: Disposable Browsing & Virtual Environments
Vladimir Jirasek (@jirasek.uk) reply parent
Some compromises. Makes iPhone 16 a better choice: MagSafe charging, display, GPU, camera button, macro lens. On paper the price difference £200 is much cushioned by getting discounted renewed iPhone 16 (on Amazon for £700). Of course, for many people the 16e will suffice
Graham Cluley (@grahamcluley.com) reposted
Make sure to check out episode 38 of "The AI Fix" podcast, which will be out later today. Other than trying to generate six-fingered gloves you'll also learn how my plans to make a fortune have been scuppered by an #AI with opinions on time travel.
Vladimir Jirasek (@jirasek.uk) reply parent
My highlight of the week: your podcast.
Vladimir Jirasek (@jirasek.uk) reply parent
This car is a monster. Not homologated for the EU and UK as it would not pass the basic safety requirements. Go figure why it’s passed in the US.
Help Net Security (@helpnetsecurity.com) reposted
The UK’s secret iCloud backdoor request: A dangerous step toward Orwellian mass surveillance 📖 Read more: www.helpnetsecurity.com/2025/02/13/u... #cybersecurity #cybersecuritynews #privacy #surveillance @jirasek.uk @foresightcyber.com
Vladimir Jirasek (@jirasek.uk) reply parent
Great reporting. This is an issue close to my heart and @helpnetsecurity.com published my article on this. www.helpnetsecurity.com/2025/02/13/u...
Vladimir Jirasek (@jirasek.uk) reply parent
My take on this issue. Our privacy is at risk www.helpnetsecurity.com/2025/02/13/u...
Vladimir Jirasek (@jirasek.uk) reply parent
My take on this issue close to heart. www.helpnetsecurity.com/2025/02/13/u...
Vladimir Jirasek (@jirasek.uk) reply parent
My article on the UK - Apple battle. www.helpnetsecurity.com/2025/02/13/u...
Vladimir Jirasek (@jirasek.uk) reply parent
This is wrong on so many levels. The head teacher should get a detention for violating their human rights.
Vladimir Jirasek (@jirasek.uk)
My new article submitted to Mirko @helpnetsecurity.com and should be published this Thursday. Topic? Something close to my heart. Stay tuned ….
Raj Samani (@rajsamani.bsky.social) reposted
Our weekly #metasploit wrap-up details a module which exploits CVE-2018-15745, an unauthenticated directory traversal leading to file disclosure in Argus Surveillance DVR 4.0.0.0. www.rapid7.com/blog/post/20... #infosec #cybersecurity
Vladimir Jirasek (@jirasek.uk) reply parent
That’s why I prefer Apple Secure Home Video doorbells / web cams, and also local only systems such as Unifi doorbell and cameras.
Vladimir Jirasek (@jirasek.uk) reply parent
How would you compare it to DDG?
Marcus Hutchins (@malwaretech.com) reposted
Oh man, I have so many stories about that "startup". The founder Marshall Webb spent a year harassing me because I posted a research paper on the Mirai botnet (he considered himself to be the sole authority). It later turned out his knowledge came from him personally hosting their infrastructure 1/5
Vladimir Jirasek (@jirasek.uk)
Spring arriving to St Albans?
Vladimir Jirasek (@jirasek.uk) reply parent
Use @DuckDuckGo search engine or browser
Vladimir Jirasek (@jirasek.uk)
My new article: How DNS misconfiguration slipped Mastercard’s own RiskRecon service and presented potential risks to everyone communicating with Mastercard and using their public online services. www.linkedin.com/pulse/master...
Vladimir Jirasek (@jirasek.uk)
Love Riyadh Boulevard World.
Vladimir Jirasek (@jirasek.uk) reply parent
Buy more Nvidia shares. This nonsense will calm down.
Vladimir Jirasek (@jirasek.uk) reply parent
A better measure of success is a distribution of wealth growth. Some could call it better distribution of wealth within a society.
Vladimir Jirasek (@jirasek.uk)
New article by me published on Help Net Security: “A humble proposal: The InfoSec CIA triad should be expanded” www.helpnetsecurity.com/2025/01/16/i...
Vladimir Jirasek (@jirasek.uk) reply parent
https://www.csoonline.com/article/3801734/hotel-chain-ditches-google-search-for-duckduckgo-subjected-to-fraud-attempts-daily.html
Vladimir Jirasek (@jirasek.uk) reply parent
Does your browser use Google? Then you are opening yourselves to malicious links in search results, typically at the very top. Google has no interest in removing these malicious ads. Change it today https://duckduckgo.com/duckduckgo-help-pages/change-default-search-engine/
Vladimir Jirasek (@jirasek.uk) reply parent
For years, I have been advising individuals and businesses not to use Google Search in their web browsers, and instead switch to DuckDuckGo search engine. Despite its unfortunate name, DuckDuckGo protects against malicious links in the ads it serves.
Vladimir Jirasek (@jirasek.uk)
This article from CSO Online really resonates with me as it shows how Google Search enables criminals to compromise your computers to install ransomware!
Vladimir Jirasek (@jirasek.uk)
Is it time to leave Facebook and Twitter behind? Both seem rather toxic.
Vladimir Jirasek (@jirasek.uk) reply parent
Get to 1500 ELO
Vladimir Jirasek (@jirasek.uk) reply parent
My take on Magnus dress code stand off with FIDE: it’s the brain that matters, not how they dress. Similarly in business, look at great business leaders - they would all fail the FIDE dress code, yet we all accept them. Rules must change.
Vladimir Jirasek (@jirasek.uk) reply parent
My take on Magnus dress code stand off with FIDE: it’s the brain that matters, not how they dress. Similarly in business, look at great business leaders - they would all fail the FIDE dress code, yet we all accept them.
Vladimir Jirasek (@jirasek.uk)
@yubico.com Hi. Is there Yubikey manager app for iPhone / iPad, please?
Vladimir Jirasek (@jirasek.uk) reply parent
💯👍 My favourites: accounts without admin privs (especially on Windows); servers blocked from initiating connections to internet; DNS Security filtering service (I use NextDNS)
Vladimir Jirasek (@jirasek.uk) reply parent
That’s what the full backups are for. I am sure you have one.
Vladimir Jirasek (@jirasek.uk)
@stevenlevy.bsky.social just read your article “THE WATCHFUL INTELLIGENCE OF TIM COOK” (on Apple News so I hope the title is correct :). Tim Cook mentioned that he gets lots of emails from users. Yet his email address is not published. When I emailed Craig Federighi I received “non deliverable”.
Vladimir Jirasek (@jirasek.uk) reply parent
Safari is free in Mac. And web apps are also free from Microsoft if you login with your Microsoft account.
Vladimir Jirasek (@jirasek.uk) reply parent
Use Safari to browse and open web apps from Microsoft.
Vladimir Jirasek (@jirasek.uk) reply parent
Try Spinrite. Works for me almost every time. www.grc.com/sr/spinrite....
Vladimir Jirasek (@jirasek.uk) reply parent
@chess.com kudos
Vladimir Jirasek (@jirasek.uk)
I first learned chess when I was 10 during a summer holiday in Slovakia. Have been playing since and making lots of mistakes. With Chess.com, I train myself with puzzles. Let’s play, or as Beth Harmon said “Давайте играть” #chess
Vladimir Jirasek (@jirasek.uk)
@malwaretech.com Hi. What do you think of this malware? Would the infection be prevented if the Windows user did not have admin rights? www.securonix.com/blog/analyzi... Sadly, Securonix is not on BSky yet.
Tailscale (@tailscale.com) reposted
Our latest video covers how to get started with Tailscale on macOS, from the nuances of installation to all the ways you can use the client
Vladimir Jirasek (@jirasek.uk) reply parent
Thanks for sharing the great report. It is truly shocking that in 2024, there are still organisations not able or willing to enforce MFA on externally facing systems. 56% of initial access intrusions enabled due to missing / improper MFA…
Raj Samani (@rajsamani.bsky.social) reposted
As we close out 2024, @rapid7.com Labs reflects on a year of critical insights from #ransomware trends to exploited CVEs and #malware strains. Details of the most notable access vectors, common malware strains plus links to critical resources available here: www.rapid7.com/blog/post/20...
Vladimir Jirasek (@jirasek.uk) reply parent
And it’s getting closer in break-neck speed close to 400000 km/hour.
Vladimir Jirasek (@jirasek.uk)
Isn’t it amazing that using this simple tool we can still count every single human living today? Do you agree?
Vladimir Jirasek (@jirasek.uk) reply parent
Is that what the + button is for, to create a string of posts?
Vladimir Jirasek (@jirasek.uk) reply parent
I knew there was a reason for me to love very dark chocolate so much!
Steven Beschloss (@stevenbeschloss.bsky.social) reposted
What Banksy says…