Career progression requires a shift of mindset. Having the wrong mindset, at the wrong time, isn’t necessarily bad, it just means that traditional career progression may not apply. Adopting the mindset of the next rung of an organizations ladder will expedite your progress. There is no ideal mindset. Each individual...

As a regular reader of the Farnam Street project, I’ve come to appreciate mental models and how they can help us make decisions. In regards to the information security industry, since we are still likely in the “pre-Galilean” period, it suffices to say that applying mental models to the way...

In Peter Thiel’s book Zero to One: Notes on Startups, or How to Build the Future, he talks about the best interview question. The question is this: “What important truth do very few people agree with you on?” Something I’ve had a gut feeling about for a while without any...

What do you think when you hear the term zero day? Most of us think of high dollar zero days that organizations such as Zerodium peddle. These types of zero days represent a minuscule amount of the zero days that one: currently exist, and two: are being released every day....

“Risk is a factor in decisions, as well as costs, interests, and even our ability to frame decisions around a risk.” - Ryan McGeehan The sole reason for ranking risk is so that decisions makers can use it as a factor for making some decision. If that risk ranking is...

Application: ForeScout CounterACT Secure Connector Operating System tested on: Windows 10 1809 (x64) Vulnerability: ForeScout CounterACT SecureConnector Local Privilege Escalation through Insecure Folder Permissions Overview: This vulnerability exists due to the permissions set on the logs directory used by the ForeScout SecureConnector application. Every several seconds, a new log entry...