-
Continue reading →: The Infosec Introvert Travel Blog(Updated 2/3/2020) So, you’ve finally landed that infosec job of your dreams! The clouds have parted and angels have descended from the sky singing Aphex Twin. Congratulations, I believed in you all along. One small problem: they say you’re going to have to travel. Maybe to a customer site. Maybe…
-
Continue reading →: The Infosec of Ready Player One – A ReviewA Ready Player One major motion picture directed by Steven Spielberg is scheduled for release in March 2018, resulting in a recent resurgence of popularity of the Ernest Cline cyberpunk novel which serves as its inspiration. So, this seems like as good a time as any for me to briefly…
-
Continue reading →: Whose Fault Is It? (A brief discussion on misconceptions about Equifax)
Our personal financial identities are exposed, and we’re mad. A sick, visceral, exhausted anger that hits us in the pit of our stomachs and makes us feel powerless. People are understandably furious about the Equifax breach- to a degree that makes it tough to have a rational discussion about what…
-
Continue reading →: Credit Card Security InfographicI commissioned the very talented artist Bryan Ward to make a good quality version of my previous credit card security infographic. This is meant as a tool to educate and inform people who post photos of their credit cards on the internet, and you may link to or repost it…
-
Continue reading →: Why NotPetya Kept Me Awake (& You Should Worry Too)NotPetya may not have been the most sophisticated malware ever written. However, it was exceptionally effective due to the authors’ savvy exploitation of common security misconceptions and their deep understanding of poor security architecture. I want to briefly express my personal thoughts on why I found NotPetya particularly concerning and…
-
Continue reading →: Consolidated Malware Sinkhole ListA common practice of researchers studying a piece of malware is to seize control of its malicious command and control domains, then redirect traffic to them to benign research servers for analysis and victim notification. I always highly recommend monitoring for traffic to these sinkholes – it is frequently indicative…
-
Continue reading →: College and Infosec: To Degree or not to Degree?So, you love to hack, and you’re going to get that dream job in infosec! Except, now what? A wide array of certification firms and colleges are willing to sell you an infosec program, with shiny advertisements and clever sales pitches. Unfortunately, college is massively expensive in the US, and…
-
Continue reading →: What’s in my (Hacking Con) bag?A number of people have asked about what I carry at a typical hacking con. In the blog below, I provide a brief overview. This article isn’t meant to be an endorsement and was in no way sponsored. Use what works for you, but I have included links for things…
-
Continue reading →: Ask Lesley InfoSec Advice Column: 2017-04-26
I was sent some very challenging scenarios this week, from entry level remote work to anonymity. As always, submit your problems here! Hi Lesley, I’ll add a little background before my question I’ve always wanted to break into the infosec industry as I love tinkering and figuring out how…
Hello,
I’m Lesley, aka Hacks4Pancakes
Nice to meet you. I’m a long-time digital forensics and incident response professional, specializing in industrial control and critical infrastructure environments. I teach, lecture, speak, and write about cybersecurity.
I’m from Chicago, living in Melbourne.
Follow Me on Social!
ai career careers certification cfp challenge coins conferences cybersecurity cybersecurity careers dfir digital forensics education featured ff giac hacking health and wellness ics incident response information security infosec infosec education iot management mastodon mentoring nation state attacks off topic osint phishing podcast privacy security security education security operations self study social media talks technology threat attribution threat intelligence university video volatility women in tech
Recent posts
Join the fun!
Stay up-to-date with my recent posts, podcasts, and blogs!
Lesley Carhart's Cybersecurity Blog 