massyn The AWS Security guy

Security in a Development environment

As a security professional, you would most often be dealing with teams that are directly responsible for the security of a system. In many cases, developers will have the ability to make or break the security of their particular solutions, and in many situations, too much frustration for the security team. I have observed firsthand how adversa... Read more

Threat Modelling

Threat modeling is a process used by developers and engineers to understand the threats that exist that may exploit a weakness or vulnerability in a software application or platform. The Manifesto Before we dive into some practical threat modeling ideas, I would invite you to read the It’s a quick easy read and se... Read more

Optus breach of 2022

Optus, one of the largest telcos in Australia has suffered a major security breach, losing the sensitive information of close to 10 million Australians. A lot has been said already on the topic. I wanted to focus on the psychology behind a breach. What we know so far Like with most breaches, the actual mechanism used by the attacker will mos... Read more

The Uber Hack of 2022

It’s been a wild year for Uber which has suffered through another security breach. The reactions to the hack have been mixed, and I’ve been contemplating how to respond. Here’s my take… What happened? I’m seeing some conflicting reports of what happened, but at a high level, here’s what I’ve been able to determine. User credentials were ... Read more

Raspberry Pi Pico

Key Links Pico Pinout Pico W PinOut Documentation MicroPython examples Flash a LED Connect an LED (ground) to pin 3 (GND), and via a 220 ohm resistor to pin 5 (GP3) from machine import Pin import utime LED = Pin(3,Pin.OUT) # The Pin function takes the GP value while True: LED.toggle() utime.sleep(.1) Flash the onboa... Read more