Archive | Security RSS feed for this section
APT and attribution
I read an interesting analysis of the malware involved in the March RSA breach. The analysis was done by J. Oquendo and posted over at Infosec Island. After his analysis of the malware involved he believes that “its inconclusive but points more to RBN than APT.”. Read through his analysis and see what you think. [...]
Continue reading...McAfee acquires NitroSecurity
4. October 2011
Congrats to the team at, NitroSecurity. They were acquired by McAfee according to this press release today: http://www.mcafee.com/us/about/mcafee-nitrosecurity.aspx Nice job guys and girls. It’s good to see a successful exit. –Chris
Continue reading...RIM fix your Blackberry S/MIME experience, please?
19. June 2011
From a mobile device in the enterprise standpoint RIM’s Blackberry devices are extremely popular. Also in the government and military circles it’s a very common platform. There is even a STIG (Security Technical Implementation Guide) published by DISA (Defense Information Systems Agency) to secure the Blackberry Enterprise Server. So why then is the experience so [...]
Continue reading...Some things to look for in your SecurID / Remote Access logs
15. June 2011
The RSA SecurID token has arguably been the defacto second factor authenticator for many years. Despite the recent breach at RSA I do not see many organizations moving to alternate vendors or other second factor technologies, like PKI / SmartCards or telephone based solutions. In the wake of the RSA breach most companies [...]
Continue reading...WPScan – WordPress Security Scanner
9. June 2011
I came across an interesting tool for us WordPress bloggers..WPScan from http://www.ethicalhack3r.co.uk/security/introducing-wpscan-wordpress-security-scanner/ WPScan is a black box WordPress Security Scanner written in Ruby which attempts to find known security weaknesses within WordPress installations. Its intended use it to be for security professionals or WordPress administrators to asses the security posture of their WordPress installations. The [...]
Continue reading...Do you digitally sign email?
2. June 2011
I’ve been a fan of digital signatures ever since I worked for a PKI company (CertCo) back in 2000. I like the idea that I can send an email and the recipient can tell if someone has tampered with it. Even though I think there have been a couple “year of PKI” it has never [...]
Continue reading...Giving a presentation on APT tonight in Manchester, NH
21. April 2011
At the last meeting of the New Hampshire chapter of ISSA the subject turned to Advanced Threats (APT, SMT, etc). This was driven mostly by the RSA announcement of their breach that happened just prior to the meeting. I was asked to put something together to share at the next meeting. Most of the presentation [...]
Continue reading...RSA Security breached by APT
17. March 2011
EMC has announced that their RSA division has been compromised. It seems the focus of the attack was information on their SecurID product. RSA in the letter from Art Coviello said: While at this time we are confident that the information extracted does not enable a successful direct attack on any of our RSA SecurID [...]
Continue reading...- Record IM video on the network?
- WoW adds 2 factor authentication
- New blog theme
- Twitter + Security = Security Twits
- Security for Web Meetings?
- 3 open InfoSec positions at MIT Lincoln Laboratory
- NAC Panel Discussion: What is the state of NAC?
- ICANN shutting down a Chinese registrar?
- Shoot yourself in the foot in any language
- MIT Lincoln Lab Network Security Software
- Your favorite Mac apps? (8)
- Should I renew my CISSP? (7)
- NAC Panel Discussion: What is the state of NAC? (6)
- Is Data Leak Prevention the next “big thing” in security? (6)
- NitroSecurity files for IPO (5)
- Whitedust.net called it quits? (5)
- Over reliance on industry analysts (4)
- VA loses another PC…36,000 at risk (4)
- Stopping 100% of web proxies? (4)
- Juniper launches a switch line (4)
- APT and attribution
- McAfee acquires NitroSecurity
- RIM fix your Blackberry S/MIME experience, please?
- Some things to look for in your SecurID / Remote Access logs
- WPScan – WordPress Security Scanner
- Do you digitally sign email?
- Giving a presentation on APT tonight in Manchester, NH
- RSA Security breached by APT
- New mass-mailing worm spreading like crazy – VBMania
- Intel to acquire McAfee for $7.7 Billion
Latest Videos
InfoSecPodcast tweets
3 weeks ago
Reading now
6. October 2011
0 Comments