Wired: How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer

Wired: How a Hacker’s Mom Broke Into a Prison—and the Warden’s Computer. “John Strand breaks into things for a living. As a penetration tester, he gets hired by organizations to attack their defenses, helping reveal weaknesses before actual bad guys find them. Normally, Strand embarks on these missions himself, or deploys one of his experienced colleagues at Black Hills Information Security. But in July 2014, prepping for a pen test of a South Dakota correctional facility, he took a decidedly different tack. He sent his mom.”

The Daily Swig: New tool searches for misconfigured Google cloud storage

The Daily Swig: New tool searches for misconfigured Google cloud storage. “A new tool is helping security researchers discover misconfigured Google data storage, as more and more businesses move their workflow over to the cloud. GCPBucketBrute – the open source tool recently released by Rhino Security – allows pen testers to discover open buckets found on the Google Cloud Platform (GCP). The tool can also determine if privilege escalation can occur on a particular cloud instance.”