Hackers | Fabricants | Magazines | Virus / Malware
Schneier
IT Security
- Putting FUD Back in Information Security 8 mai 2018
FUD is Fear, Uncertainty and Doubt. A tactic well played in the early days of Information Security. I never liked it because… well you know that Boy Who Cried Wolf story, right? It appears to me that FUD is making a strong comeback. This time instead of being used to help bolster InfoSec budgets or […] - Windows 10 Update Disrupts Pen Input; Microsoft Offers Potentially Dangerous Fix 16 avril 2018
A recent Microsoft security update – according to Wacom’s support pages, the OS build 16299.334 – has had a rather unexpected side-effect. Many users of have been experiencing issues where drawing apps, such as Photoshop, no longer function correctly. For example, pressing the pen to the tablet device does not “draw” as it should, but […] - Information Security and the Zero-Sum Game 1 avril 2018
A zero-sum game is a mathematical representation of a situation in which each participant’s gain or loss is exactly balanced by the losses or gains of the other participant. In Information Security a zero-sum game usually references the trade-off between being secure and having privacy. However, there is another zero-sum game often played with Information […] - Google’s new Gaming Venture: A New Player? 16 mars 2018
Google in Gaming – Facts and Speculation In January 2018, game industry veteran Phil Harrison announced that he was joining Google as a Vice President and GM. With Harrison’s long history of involvement with video game companies – having previously worked with Sony and Microsoft’s Xbox division – this immediately prompted speculation and rumours about […] - Bubble Economies and the Sustainability of Mobile Gaming 9 février 2018
Old Bubbles and New Bubbles Gaming is a technology-based market, and tech markets are no strangers to economic bubbles and the effects of them bursting. The market recession of the early 2000s, most commonly known as the Dotcom Crash, is probably the biggest and most influential ‘burst bubble’ of the internet era. The Dotcom Bubble […] - GDPR Material and Territorial Scopes 8 février 2018
The new EU General Data Regulation will enter into force 25 May of this year. The GDPR contains rules concerning the protection of natural persons when their personal data are processed and rules on the free movement of personal data. The new regulation is not revolutionary but an evolution from the previous Data Protection Act 1998 […] - Uh Oh 365 10 janvier 2018
In an earlier post, I talked about how some vendors tend to push enterprises into a weaker security posture. In this post, I continue with information relating to Office 365. Microsoft’s cloud implementation of the Office suite is mind boggling in its complexity and sheer want of native connectivity. If you are using a proxy, […] - Deceit and duplicity in the pursuit of monetizing social media 7 janvier 2018
One thing I really dislike is deceit and duplicity in the pursuit of monetizing social media. LinkedIn is a prime example, especially after its acquisition by Microsoft. Ever since Nadella took the helm, Microsoft seems hell bent on monetizing anything that moves — and I think we’re just seeing the beginning with LinkedIn. LinkedIn members […] - The Gaming Industry Going Into 2018 4 janvier 2018
Is the Game Industry Today Mirroring the Landscape of the 1983 Crash? Given the industry’s early years, the continued strengthening of the economics of video games has enjoyed phenomenal longevity since its last recession. With the industry having survived two severe crashes in quick succession – in 1977 and then in 1983 – the fact […] - Credit Due Where Credit Deserved – Microsoft 21 décembre 2017
In the past, I have criticized Microsoft for the privacy invasive defaults of Win10. I failed to mention a feature that sheds a bit of light on what they collect. Beyond changing many of the settings using tools (which I highlighted here), you can actually review and delete some of the metadata being collected. If […]
TAO Security
- The Origin of the Quote "There Are Two Types of Companies" 18 décembre 2018
While listening to a webcast this morning, I heard the speaker mentionThere are two types of companies: those who have been hacked, and those who don’t yet know they have been hacked.He credited Cisco CEO John Chambers but didn’t provide any source.That didn’t sound right to me. I could think of two possible antecedents. so I did some research. I confirmed my memory and would like to present what … - The Origin of the Term Indicators of Compromise (IOCs) 25 novembre 2018
I am an historian. I practice digital security, but I earned a bachelor’s of science degree in history from the United States Air Force Academy. (1)Historians create products by analyzing artifacts, among which the most significant is the written word.In my last post, I talked about IOCs, or indicators of compromise. Do you know the origin of the term? I thought I did, but I wanted to rely on my h … - Even More on Threat Hunting 24 novembre 2018
In response to my post More on Threat Hunting, Rob Lee asked:[D]o you consider detection through ID’ing/“matching” TTPs not hunting?To answer this question, we must begin by clarifying « TTPs. » Most readers know TTPs to mean tactics, techniques and procedures, defined by David Bianco in his Pyramid of Pain post as:How the adversary goes about accomplishing their mission, from reconnaissance all the … - More on Threat Hunting 23 novembre 2018
Earlier this week hellor00t asked via Twitter:Where would you place your security researchers/hunt team?I replied:For me, « hunt » is just a form of detection. I don’t see the need to build a « hunt » team. IR teams detect intruders using two major modes: matching and hunting. Junior people spend more time matching. Senior people spend more time hunting. Both can and should do both functions.This insp … - Cybersecurity and Class M Planets 2 novembre 2018
I was considering another debate about appropriate cybersecurity measures and I had the following thought: not all networks are the same. Profound, right? This is so obvious, yet so obviously forgotten.Too often when confronting a proposed defensive measure, an audience approaches the concept from their own preconceived notion of what assets need to be protected.Some think about an information tec … - Have Network, Need Network Security Monitoring 25 octobre 2018
I have been associated with network security monitoring my entire cybersecurity career, so I am obviously biased towards network-centric security strategies and technologies. I also work for a network security monitoring company (Corelight), but I am not writing this post in any corporate capacity.There is a tendency in many aspects of the security operations community to shy away from network-cen … - Network Security Monitoring vs Supply Chain Backdoors 5 octobre 2018
On October 4, 2018, Bloomberg published a story titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” with a subtitle “The attack by Chinese spies reached almost 30 U.S. companies, including Amazon and Apple, by compromising America’s technology supply chain, according to extensive interviews with government and corporate sources.” From the article:Since the implants were … - Firewalls and the Need for Speed 18 septembre 2018
I was looking for resources on campus network design and found these slides (pdf) from a 2011 Network Startup Resource Center presentation. These two caught my attention:This bothered me, so I Tweeted about it.This started some discussion, and prompted me to see what NSRC suggests for architecture these days. You can find the latest, from April 2018, here. Here is the bottom line for their su … - Twenty Years of Network Security Monitoring: From the AFCERT to Corelight 11 septembre 2018
I am really fired up to join Corelight. I’ve had to keep my involvement with the team a secret since officially starting on July 20th. Why was I so excited about this company? Let me step backwards to help explain my present situation, and forecast the future.Twenty years ago this month I joined the Air Force Computer Emergency Response Team (AFCERT) at then-Kelly Air Force Base, located in hot bu … - Defining Counterintelligence 22 juillet 2018
I’ve written about counterintelligence (CI) before, but I realized today that some of my writing, and the writing of others, may be confused as to exactly what CI means.The authoritative place to find an American definition for CI is the United States National Counterintelligence and Security Center. I am more familiar with the old name of this organization, the Office of the Natio …