CISO at @sardineai. Treasurer of @OWASP Board of Directors. (he/him) qatta' mIghtaHghach.

Phoenix, AZ
Joined July 2009
That time Madonna uploaded a fake song on P2P networks to swear at the music pirates. mtv.com/news/1471321/madonna…
3
8
"Hello, thank you for inquiring about log4j. This company was vulnerable, however, I exploited it, took over their entire infrastructure, then patched it. This company is no longer vulnerable to log4j."
2
Replying to @m8urnett @jasonhuck
Bummer. I searched briefly and saw various advice, but it explains why I saw nothing definitive.
Replying to @jasonhuck @m8urnett
I wonder if it’s possible to move all the accounts to Personal Gmail accounts? I don’t need any of the admin features.
1
Replying to @jasonhuck @m8urnett
Just got mine too. If you have 6 or fewer accounts, Microsoft 365 Family at $99 per year might be an option.
Looking forward to another year with these awesome people!
Welcome the 2022 OWASP Global Board of Directors: Vandana Verma - Chair, Grant Ongers - Vice Chair, Glenn ten Cate - Treasurer, Avi Douglen - Secretary, Bil Corry - Member at Large, Joubin Jabbari - Member at Large, Martin Knobloch - Member at Large. owasp.org/www-board/
1
5
Replying to @jasonhuck @cpeterso
“That’s the problem with randomness, you can never be sure.” dilbert.com/strip/2001-10-25
2
Replying to @robertauger
Yeah, considering it.
You know those companies that collect vendor security surveys on behalf of their clients? I just had one use the information they collected to solicit us. Pro-tip: unethical behavior is not the best way to win new clients.
1
4
@ADP I thought it was well-known at this point, but can you ask your CISO to read this article then put in a feature request to remove forced password rotation outside of evidence of compromise? Kthx! ftc.gov/news-events/blogs/te…
"The Giving Tree" IRL tldr; a popular massive sand dune is discovered to make beautiful blue glass, and is slowly hauled away until the dune is entirely gone. blog.newspapers.com/indianas…
Replying to @mkonda
Let me guess, their contract did not offer a warranty. It's (not?) surprising how many security contracts disclaim suitability and performance of their product/service. I always insist they either warrant their product or allow immediate termination if it fails.
1
Replying to @frgx
I’m reminded of the time that I created an endorsement of “Babysitting” for @jeremiahg. I’m pleased to see it’s still there #lulz
2
Replying to @jasonhuck @m8urnett
Or maybe the class action lawsuit will change their mind.
1
1
Replying to @m8urnett @hillbrad
I saw that a class-action lawsuit is being considered. androidpolice.com/google-gsu…
1
Replying to @billamend
I loved Marathon. There's an open-source version if you're into it. alephone.lhowon.org/
Super random, but TIL that railroad workers don't pay into Social Security, they have their own retirement program called RRB. en.wikipedia.org/wiki/Railro…
I show this “juice jacking” video as part of my security awareness training. Then laugh and tell my audience that NO ONE calls it juice jacking. da.lacounty.gov/community/fr…
1