Posts by Guillaume Ross

7 min Haxmas

12 Days of HaXmas: What Home Alone Can Teach About Active Defense

This post is the fourth in the series, "The 12 Days of HaXmas." As you venture from the world of defense, including protecting and monitoring systems, into the realm of active defense, who can be your mentor? Who can make you as cool as Frosty? Does anyone know enough about active defense to make a movie out of it? OF COURSE! Macaulay Culkin is the mentor you are looking for. More precisely, Kevin McCallister [], from the Home Alone fra

12 min Apple

Reduced Annoyances and Increased Security on iOS 9: A Win Win!

Introduction Early this year, I posted an article [/2015/02/26/the-gif-guide-to-ios-security] on iOS Hardening that used animated GIFs to explain most of the recommended settings. Since then, iOS 9 was released, bringing along many new features [], including better support for Two-Factor Authentication, as iMessage and FaceTime now work without the need for app-specific passwords, and as your trusted devices now automatically get trusted when you authentic

4 min Microsoft

Microsoft Attack Surface Analyzer (ASA): It's for defenders too!

Attack Surface Analyzer [], a tool made by Microsoft and recommended in their Security Development Lifecycle Design Phase [], is meant primarily for software developers to understand the additional attack surface [] their products add to Windows systems. As defenders, this tool can be very useful. The tool is meant to identify changes on

2 min

Are you really protected against Group Policy Bypass and Remote Code Execution? MS15-011 & MS15-014

In February, Microsoft published two hotfixes to address issues with Group Policies. * Microsoft Security Bulletin MS15-011 - Critical [] * Microsoft Security Bulletin MS15-014 - Important [] Together, these patches address the following issues: * CVE-2015-0008 MS15-011: Vulnerability in Group Policy Could Allow Remote Code Execution (3000483) | Rapid7 [h

5 min Apple

Top 10 list of iOS Security Configuration GIFs you can send your friends and relatives

Easily share these animated iOS Security tips with friends and relatives! While iOS is generally considered to be quite secure, a few configuration items can improve its security. Some changes have very little functionality impact, while others are more visible but probably only needed in specific environments. This guide contains some of the most important, obvious ones, and contains a GIF for each configuration step to be taken. If you already know everything about iOS security, use this a