Clik here to view.
Microsoft: Takedown of 153 CnCs Out of 156 is a Great Start
In an article yesterday, FireEye talks about how the recent Zeus takedown by Microsoft resulted in only 153 command-and-control domains being disabled instead of the full 156 domains. While it would be...
View ArticleClik here to view.
Are they singing or speaking, or both?
NPR attempts to provide a comical and historical look at the problem of data classification, in terms of a debate over singing and speaking Speak-singing, the murky marriage of spoken lyrics and sung...
View ArticleClik here to view.
Mac Flashback Trojan: If you use Java the time to patch your Mac is now
If you are a Mac user and you have Java installed on your Mac, then right now would be a good time to run Software Update… from the Apple menu to make sure you have installed the latest Java for Mac OS...
View ArticleClik here to view.
Root the Box – April 7th, 2012 – Chandler, AZ
Today I talked with Zachary Julian, a student at the University of Advancing Technology, about a competition called Root the Box in Chandler, AZ this weekend, April 7th. Root the Box is a computer...
View ArticleClik here to view.
Cost of a Cellphone Tap
Forbes has an interesting summary of recent ACLU work on the business of cellphone taps in America Wiretaps cost hundreds of dollars per target every month, generally paid at daily or monthly rates. To...
View ArticleClik here to view.
DirecTV and the Hogtied Remote
This post is a brief tale about my experience switching from Comcast cable services to DirecTV. While I didn't anticipate anything security-centric coming out of my decision, amazingly, DirecTV found...
View ArticleClik here to view.
Cloud Load Balancing Services
Load-balancers are all about availability, scalability and performance of mission critical web-based applications. Therefore, cloud load balancing services are needed to enable enterprises to migrate...
View ArticleClik here to view.
Your AT&T wireless bill may link to malware
Large outbreaks of phony AT&T wireless emails have been distributed in the last 2 days. The emails describe very large balances ($943 in the example below), that are sure to get aggravated...
View ArticleClik here to view.
Trust in Computing Research: 2 : Computing and the Internet (Audience breakdown)
In the first part of the series , we looked specifically at the general use of computing and the Internet. While some of the findings are as we had anticipated, we found several interesting results:...
View ArticleClik here to view.
Vulnerability Management Evolution: Scanning the Infrastructure
As we discussed in the Vulnerability Management Evolution introduction, the traditional vulnerability scanner focused on just infrastructure devices does not provide enough context to help...
View ArticleClik here to view.
Online Espionage: Mikko Hypponen at SecTor IT security conference
What is the present-day governmental and nation states espionage like and how should security companies treat it? How do emails with contagious attachments transform into critical privacy problems?...
View ArticleClik here to view.
iOS struggles against Linux phones
A colleague who recently returned from China told me he bought an iPad in a market for $50. He then said it really just looked like an iPad but was actually running Android. He thought it was terribly...
View ArticleClik here to view.
AppSecDC Recap: SharePoint Security 101
I’ve written about SharePoint security before and my opinion was that it’s getting much better however they have a lot of insecure stigma to shake off. Additionally, securing it can be done however it...
View ArticleClik here to view.
Incident Management
When you’re faced with an incident what do you do? Do you even realise there’s an incident? Do you ignore it? Or do you hide under the covers? All these things happen and usually the best laid plans...
View ArticleClik here to view.
No Value to Jihadist Websites?
In my experience, the forums produced information through the initial sharing of public keys for Mujahideen Secrets that led to three layers of penetration that took nearly four months. This included...
View ArticleClik here to view.
Slides & Career Kit from AppSecDC Presentation
Yesterday I had the opportunity to give another one of my infosec career talks … this time AppSecDC. In an effort to better link the general strategic advice we all usually get with more actionable...
View ArticleClik here to view.
Clik here to view.
Clik here to view.
Clik here to view.
"Digital Forensics Case Leads: Macs do need antivirus after all and Pastebin...
This week's Case Leads brought us anoutbreak of a trojan exploiting a Java flawthat has infected hundreds of thousands of Macs,several new tool releases, news (and humor) about forensic awards, and an...
View Article