Daniel Cid

@danielcid

CTO/Founder at Sucuri, Inc. Also founder of the OSSEC HIDS. Open source & information security -

Canada
dcid.me
Joined February 2009
60 Photos and videos Photos and videos

Tweets

@danielcid is blocked

Are you sure you want to view these Tweets? Viewing Tweets won't unblock @danielcid.

  1. Jan 5

    Looks like was hacked (DNS hijacking). This is how their home page looked like a few min ago:

    1 reply 8 retweets 4 likes
  2. 22 Dec 2016

    Great post. Highly recommend using the free sitecheck to check if a site is blacklisted (or with hidden malware):

    Ever have someone say "But we don't have anything of value on our site anyway" as an excuse for poor security?
    2 retweets 3 likes
  3. 9 Dec 2016

    For every story about how "AV makes you a bit more vulnerable" there are hundreds not written about the infections stopped/detected by AV.

    11 replies 45 retweets 88 likes
  4. 18 Dec 2016

    NIST is deprecating 2FA via SMS.

    1 reply 1 retweet 1 like
  5. 17 Dec 2016

    Adding a phone number to your Google account can make it LESS secure: -- Good post by

    3 replies 8 retweets 7 likes
  6. 16 Dec 2016

    “There is nothing quite so useless as doing with great efficiency something that should not be done at all.” ->

    1 reply 3 likes
  7. 13 Dec 2016

    Shell upload vuln, followed by a vulnerability that allows for changing the password of other accounts. Update now.

    Joomla 3.6.5 is out fixing a high level security issue. We recommend you update as soon as possible.
    22 retweets 16 likes
  8. 9 Dec 2016

    3+ hours of downtime already. Also affecting Hostmonster and JustHost.

    BlueHost is currently down, affecting hundreds of thousands of sites.
    2 replies 3 retweets
  9. 9 Dec 2016

    BlueHost is currently down, affecting hundreds of thousands of sites.

    1 reply 14 retweets 12 likes
  10. 5 Dec 2016

    Perfect explanation of the HTTPS and "website security" issue.

    I believe in , I also believe we have a responsibility to be mindful of our messaging via
    1 like
  11. 4 Dec 2016

    My server is secure because I use SSH. Sounds silly, but most people say that for their sites: "This site is secure because of HTTPS"

    3 replies 37 retweets 33 likes
  12. 3 Dec 2016

    Go find and the rest of the team to talk website security at

    If you want more actionable website security content at feel free to track me down in vendor row. Let's get a learning group going :)
    1 reply 7 retweets 9 likes
  13. 3 Dec 2016

    It makes me sad that at there are no talks... talks to my points here: cc

    3 replies 4 retweets 12 likes
  14. 3 Dec 2016

    Ha.. be sure to find the crew crew at

    Isn't it great to reconnect with friends? The team is stoked to be here. Come get a photo with us!
    3 retweets 3 likes
  15. 3 Dec 2016

    Most compromised sites we have been cleaning up lately are using https. - HTTPS is great, but a small part of your overall security

    The idea that secures your website is what contributes to the problem of "false sense of security" with most website owners
    2 replies 22 retweets 20 likes
  16. 3 Dec 2016

    1. Be impeccable with your word. 2. Don't take anything personally. 3. Don't make assumptions. 4. Always do your best. -

    24 retweets 43 likes
  17. 1 Dec 2016

    If you insist on comparing engineering to security, it helps to think more like combat engineers, who build bridges while being shot at.

    5 replies 32 retweets 58 likes
  18. 29 Nov 2016

    Agree 100% here. Learned from experience.

    Hiring people with a strong sense of entitlement very rarely works out, no matter how good they are on other axes
    1 reply 1 like
  19. 21 Nov 2016

    Thanks to for sponsoring me again this week. After yesterday's post, they'd have a lot of exposure!

    2 replies 11 retweets 26 likes
  20. Daniel Cid followed , , and 2 others

@danielcid hasn't tweeted yet.

Loading seems to be taking a while.

Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.

    You may also like

    ·