Taking SANS FOR610 malware forensics class
The class started tonight via their vLive platform. It looks like a very interesting course. I will post comments as I go. https://www.sans.org/security-training/reverse-engineering-malware-malware-analysis-tools-techniques-54-mid –Chris
Continue reading...APT and attribution
Thursday, October 6, 2011
I read an interesting analysis of the malware involved in the March RSA breach. The analysis was done by J. Oquendo and posted over at Infosec Island. After his analysis of the malware involved he believes that “its inconclusive but points more to RBN than APT.”. Read through his analysis and see what you think. [...]
Continue reading...McAfee acquires NitroSecurity
Tuesday, October 4, 2011
Congrats to the team at, NitroSecurity. They were acquired by McAfee according to this press release today: http://www.mcafee.com/us/about/mcafee-nitrosecurity.aspx Nice job guys and girls. It’s good to see a successful exit. –Chris
Continue reading...Splunk Users Conference
Wednesday, July 6, 2011
For those Splunk users out there the 2011 Splunk Users Conference will be August 15 – 17 in San Francisco. http://www.splunk.com/view/SP-CAAAFCW I’ve been a big fan of Splunk for a number of years. Somtimes you just want to search your logs and create / modify the queries on the fly. Splunk gives [...]
Continue reading...RIM fix your Blackberry S/MIME experience, please?
Sunday, June 19, 2011
From a mobile device in the enterprise standpoint RIM’s Blackberry devices are extremely popular. Also in the government and military circles it’s a very common platform. There is even a STIG (Security Technical Implementation Guide) published by DISA (Defense Information Systems Agency) to secure the Blackberry Enterprise Server. So why then is the experience so [...]
Continue reading...My new job: Fighting APT at RSA
Saturday, June 18, 2011
Starting Monday July 11th I will be working with a newly formed group at RSA / EMC that is focused on APT and SMT. For 3 years I have been on the front lines of this fight as the IT Security Manager for MIT Lincoln Laboratory, a Federally Funded Research and Development [...]
Continue reading...Some things to look for in your SecurID / Remote Access logs
Wednesday, June 15, 2011
The RSA SecurID token has arguably been the defacto second factor authenticator for many years. Despite the recent breach at RSA I do not see many organizations moving to alternate vendors or other second factor technologies, like PKI / SmartCards or telephone based solutions. In the wake of the RSA breach most companies [...]
Continue reading...Call for papers — eCrime Researchers Summit
Sunday, June 12, 2011
For those so inclined The sixth annual APWG eCrime Researchers Summit call for papers is out, as part of eCrime ’11. eCRS 2011 will bring together academic researchers, security practitioners, and law enforcement to discuss all aspects of electronic crime and ways to combat it, Topics of interests include (but are not limited to): [...]
Continue reading...- Record IM video on the network?
- WoW adds 2 factor authentication
- New blog theme
- Twitter + Security = Security Twits
- Security for Web Meetings?
- 3 open InfoSec positions at MIT Lincoln Laboratory
- NAC Panel Discussion: What is the state of NAC?
- ICANN shutting down a Chinese registrar?
- Shoot yourself in the foot in any language
- MIT Lincoln Lab Network Security Software
- Your favorite Mac apps? (8)
- Should I renew my CISSP? (7)
- NAC Panel Discussion: What is the state of NAC? (6)
- Is Data Leak Prevention the next “big thing” in security? (6)
- NitroSecurity files for IPO (5)
- Whitedust.net called it quits? (5)
- Over reliance on industry analysts (4)
- VA loses another PC…36,000 at risk (4)
- Stopping 100% of web proxies? (4)
- Juniper launches a switch line (4)
- APT and attribution
- McAfee acquires NitroSecurity
- RIM fix your Blackberry S/MIME experience, please?
- Some things to look for in your SecurID / Remote Access logs
- WPScan – WordPress Security Scanner
- Do you digitally sign email?
- Giving a presentation on APT tonight in Manchester, NH
- RSA Security breached by APT
- New mass-mailing worm spreading like crazy – VBMania
- Intel to acquire McAfee for $7.7 Billion
Latest Videos
InfoSecPodcast tweets
3 weeks ago
Reading now
Monday, January 16, 2012
0 Comments