Showing items from Posts

Management Interfaces - Attack Surface Hidden in Plain Sight

Lari Huttunen
Date : June 14, 2022
Categories : Public exposure ,External attack surface ,Cyber threat

A management interface, who is it for? Modern web-based management interfaces help with the economy of scale. If you are a software vendor making a solution, supporting it is easier with clearly defined UI options rather than debugging obscure configuration file parameters. If you are an end-user, a management interface is there to make life easier for you as well. Having a management interface helps you: deploy the solution make complex changes to it generate management level reporting for the key KPI. These features often become tender items and a vendor will find itself in a position where developing a management interface web UI is a must have instead of a nice to have. Too often features are implemented in software through a tick box comparison, since the rationale is that we must have them since our competitor has them. It doesn’t really matter, whether the features actually serve the customer and their business function or not.

Tools for Sysadmin - Managing IT Assets the Right Way

Tuomas Haarala
Date : May 24, 2022
Categories : Public exposure ,It asset management

Managing IT Assets: Where do I begin? In the previous write-up, I looked at IT asset management from a bird’s eye view. Below, we will dive into the tools and techniques for managing IT assets from a technical perspective. Which tool is the most important one to have? First and foremost, what you need to have is knowledge. This naturally includes the actual knowledge of your profession, but also knowledge of the resources and environments you have to work in. IT asset management, in a minimal technical sense, should answer these questions: What do you have? How can it be accessed? Where is it? What does it do? Access is a wider, more sensitive question; documenting access procedures with passwords and pin codes is not something that should be done as an asset management function, or even be considered. On the other hand, it’s good to keep in mind while finding out what you have: are there access methods or routes that shouldn’t be there?

A Discrete Affair

Antti Kurittu
Date : April 19, 2022
Categories : Public exposure ,Fraud ,Cyber threat

How much do you need to know about a person to fall in love with them? Do you need to see their face or touch their body to form a strong emotional bond? Or can you fall in love with someone over the telephone? A new reality show called “Love Is Blind” explores this question, having contestants exclusively talk to each other through an opaque wall and then decide whether to get married or not. Real emotions are at play as contestants fall in love with disembodied voices upon which they project all the qualities they cannot observe. Sometimes disappointments follow, such as when deep conversations are replaced with a mundane reality. The recently released Netflix documentary The Tinder Swindler explores similar themes. It details the exploits of Simon Leviev, a man of unexceptional looks, flashy clothes, and an expensive taste that left his victims with a broken heart and neck-deep in debt.