Clik here to view.
Elemental: Leveraging Virtualization Technology For More Resilient &...
Yesterday saw the successful launch of Bromium at Gigamon’s Structure conference in San Francisco. I was privileged to spend some time yesterday with Stacey Higginbotham and Simon Crosby (co-founder,...
View ArticleClik here to view.
Hello to everyone who’d forgotten about Google+ until Twitter went down ;-)
Hello to everyone who'd forgotten about Google+ until Twitter went down ;-)
View ArticleClik here to view.
Cloud Fundamentals Video Series: Recoverability in the Cloud
Posted by: Tim Rains, Director, Trustworthy Computing Earlier this month, I wrote about reliability and the importance of customers knowing what measures their cloud provider has in place to deal with...
View ArticleClik here to view.
Etsy has been one of the best companies I’ve reported holes to.
Etsy has been one of the best companies I’ve reported holes to. Now this is how you do security: They had detected my requests and pushed a patch Saturday morning before I could email them. This was...
View ArticleClik here to view.
PrivateCore: Another Virtualization-Enabled Security Solution Launches…
On the heels of Bromium’s coming-out party yesterday at Gigamon’s Structure conference, PrivateCore — a company founded by VMware vets Oded Horovitz and Carl Waldspurger and Google’s Steve Weis —...
View ArticleClik here to view.
Job: CDAP – Penetration Tester in Alexandria, VA
Hey, CGI Consulting is hiring! They are looking to hire a Penetration Tester for their office in Alexandria, VA. Looks like a pretty fun job. It only requires a Security+ so we don’t imagine this...
View ArticleClik here to view.
IPv6 Day 2012 – The Aftermath
Now that we’ve had a few weeks to consider the aftermath of IPv6 Day 2012, we wanted to look into what the industry is saying are the key takeaways – so far – from this year’s event, in which thousands...
View ArticleClik here to view.
SANS Mentor brings Security 542: Web App Penetration Testing and Ethical...
I’m proud to be teaching SANS Security 542 here in Cleveland through the SANS Mentor Program beginning in August. The SANS Mentor Program allows you to save thousands on your training budget and still...
View ArticleClik here to view.
Are enterprises really hacking the hackers?
There is a highly sensational news story being circulated from the AP currently about companies hacking back at hackers... is this a good idea? Is it legal? Will it achieve anything besides causing...
View ArticleClik here to view.
Hack in Paris 2012 Wrap-Up Day #1
Back at the hotel, here we go with my wrap-up for the first day! I joined Disneyland Paris early from Belgium. It’s always frustrating for your kids when you tell them that you’ll “visit Mickey”...
View ArticleClik here to view.
Microsoft In-The-Wild Coverage – CVE-2012-1889 and CVE-2012-1875
As a security professional, there's very little I hate more than Microsoft vulnerabilities announced after patches are sent out each Microsoft Tuesday. Not only do they mean that folks like me have to...
View ArticleClik here to view.
Understanding the recent Fujitsu discrete log calculation
The recent announcement by Fujitsu Laboratories, NICT and Kyushu University researchers concerning their record-setting discrete logarithm calculation has led to all sorts of incorrect statements on...
View ArticleClik here to view.
Bromium Micro-Virtualization: New Approach to endpoint security
Bromium is emerging from stealth mode with their announcement of a $26.5 million B venture capital round, participation in GigaOm Structure, and a lengthy blog post from CTO Simon Crosby explaining...
View ArticleClik here to view.
Virus That Attacks Printers
There are some pieces of malware over the years that made one scratch their head. Like the “stoned” virus. Not really sure what the point of that was. Another example is this annoying one that causes...
View ArticleClik here to view.
A Forensic Analysis of Android Network Traffic
Lake Missoula Group’s Director of Research Eric Fulton introduces his Defcon 19 talk about Android privacy risks and security vulnerabilities emanating from smartphone apps. Hi there! My name is Eric...
View ArticleClik here to view.
Is What We Need…An OpSec K/T Boundary Extinction-Level Event?
Tens of millions of Aons (a new quantification of time based on Amazon Web Services AMI spin-ups) from now, archeologists and technosophers will look back on the inevitable emergence of Cloud in the...
View ArticleClik here to view.
Fujitsu’s crypto research claims – what does this really mean ?
In addition to Luther’s post on the topic, here’s how the recent Fujitsu results relate to our products and commentary from a world-wide recognized expert on pairing based cryptography - Prof. Dan...
View ArticleClik here to view.
Cisco releases Updates for ASA, ACE, VPN
Cisco yesterday released updates for vulnerabilities in its ASA and CATALYST line, its ACE appliances and its AnyConnect VPN client. The most severe vulnerability with a CVSS score of 9.3 is found in...
View ArticleClik here to view.
Why do Nigerian Scammers Say They are from Nigeria?
A few days ago I started a blog post with this: At the RSA SF Conference in 2010 my mother and I presented a talk called "There's No Patch for Social Engineering". One of the key findings revealed in...
View ArticleClik here to view.
Weird science for Facebook users: Ford reduces friction, improves...
Where would you go looking for a keyfree login system to get you online to your social networking accounts faster than ever? Ford Motor Corporation, of course. But do apps of this sort really improve...
View Article