It’s Not Who You Know, But What You Don’t Know…

I’ve discussed the issue of IT Security having access to accurate, comprehensive and up-to-date information on the IT infrastructure in previous posts, but after a recent conversation with a customer regarding incident response I wanted to revisit the subject in a somewhat oblique manner. With incident response there are two dimensions of information you need…

The Patient Hacker

It was not that many years ago that a successful security breach was based on speed. The hacker would perform reconnaissance to find the weak point in an organization’s defenses and use that as a vector to launch the attack. The attack would overwhelm resources, and before a meaningful defense could be launched by the…

There is nothing like first-hand evidence

It’s a matter of fact that when a security incident occurs, it creates artifacts and traces either in a system or network (Locard’s Exchange Principle). The exponential growth of end-user devices and the Internet of Things has led to an unprecedented expansion of the attack surface available. As a result, security incidents have moved well beyond…

Zeus Toolkit infected with a Ramnit Worm

RSA Research monitors and analyzes the malicious activity of online cybercrime infrastructures on an ongoing basis. In a recent discovery, the lab’s researchers studied the workings of a customized Zeus Trojan Admin panel, which had apparently picked up a Ramnit worm that infects any machine that installs the Zeus Panther Admin panel. A History Lesson…

I’m sorry, I don’t speak security Klingon

“I’m just a soul whose intentions are good. Oh Lord, please don’t let me be misunderstood” (from “Don’t Let Me Be Misunderstood” by The Animals)

Recently, I was speaking with a customer who told us their company’s top priority for the year was increasing their information security capabilities. Their biggest competitive advantage like many other…

We’re not gonna take it!

After listening to the White House Summit on Cybersecurity and Consumer Protection last Friday, I went out to dinner with some friends in the security industry and we jokingly discussed “if the cybersecurity industry had a theme song what should it be?” We all agreed that Twisted Sister’s “We’re not gonna take it” would be…

Microgrids and Smart Grid Resilience

Photo by Rob Ward (Landis+Gyr): SPARKS Advisory Board and Project Team meetings, January 2015

The SPARKS project team held a 3-day meeting recently, including both a 1-day workshop with the project’s advisory board and a 2-day workshop on our near-term deliverables. I spent much of my time working on the evaluation of various reference architectures, methodologies…

Secure Crypto: Leaving Insecurity Behind

There are a number of TLS protocol vulnerabilities that have been discovered in recent years. Of those, there are three that can and should be prevented by design: Renegotiation Attack, Triple Handshake Attack and CRIME. The Renegotiation and Triple Handshake Attacks both rely on failures in the design of the renegotiation feature. The original Renegotiation…

Will Obama’s Cybersecurity Executive Order Make a Difference

We continue to live in a world that is exciting with new technology, easy to use, and yet allows all of us to be more effective and efficient in our business and personal lives. Yet this very ease of use of technology puts all of us at risk. President Obama and many in government and…

Covert Two Factor Authentication: What you can’t see can secure you

We hear a lot about the importance of two factor authentication these days. How every major consumer application – from Gmail to Facebook to Dropbox – offers “stronger than password” protection by using a second factor methodology. Of course, this is important. A simple username and password is never enough. Hackers guess, use brute force…