CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
Replying to @LisaForteUK
In 2008, a woman was scammed $400k even though the bank, local police, and FBI all told her it was a scam, but she kept sending money anyway. She only stopped when the FBI threatened to arrest her if she sent more money. That’s what you’re up against. theguardian.com/technology/2…
As fun as this slow-rolling dumpster fire has been, I don't actually have the time to play "Am I enrolled in eStatements?" Pretty sure this card is headed for the "closed account" enrollment. 3/3
More confusing, I keep getting letters in the mail that say I need to enroll in eStatements, yet each time when I log in it shows I'm already enrolled ... until today, when it shows I'm not enrolled because @AskSynchrony unenrolled me without me asking. So I reenrolled. 2/3
Got to love @AskSynchrony account management. It says I enrolled in eStatements at the top, unenrolled in eStatements at the bottom, there's a link to unenroll which implies I'm enrolled, yet there's an ad to enroll, which implies I'm not enrolled. 1/3
TIL that Mavis Beacon isn't a real person. vice.com/en_us/article/kwx5a…
Maybe @RachelRecruitin knows of internships in PHX.
Replying to @vcsjones
Likely price pressure from upcoming tariffs. tomshardware.com/news/trump-…
Yes, check out the AppSec Specialist roles at @whitehatsec. That’s where I got my foot in the door in 2009 and I pivoted to PayPal in 2010. whitehatsec.com/company/care…
This talk at Stanford by @GiladRosner on IoT 'permission' looks to be an interesting intersection of privacy and policy. cyberlaw.stanford.edu/events…
Replying to @skamille
Nuclear option: ditch DNS and go with IP addresses instead.
Replying to @jasonhuck
They probably started with a modern design, then iterated until the CEO liked it, which ended up being mostly the old logo.
One more threat is someone accessing the accounts of celebrities and politicians, either out of curiosity/fandom or on behalf of tabloids.
Replying to @roessler
Vigilante justice, bring your own wheel clamp? amazon.com/dp/B07MK1ZZYJ/
Replying to @NSQE
Read The Manager’s Path by @skamille. It’s targeted to engineering teams, but can apply to other teams (I’m in InfoSec). What I like most is the very practical, hands-on advice. It’s not a book of theories.
Replying to @j_winterton
The other way is to donate $500 (or more), then they’ll personally call you each election season.
I’m going to chain this attack with shooting lasers out of my eyes. Just need eye lasers to make it work.
Replying to @j_winterton
Humans are terrible at risk assessment.
US-based companies, be sure to get proper legal advice for SMS consent. Do NOT do what @SUBWAY does, because a super-hip opt-in may not work ("Reply Y as ur sig 2agree"). tcpaworld.com/2019/10/23/tcp…
Big retailers do it too. @Target used data mining to figure out a high school student was pregnant before her father knew. forbes.com/sites/kashmirhill…