The Verizon RISK Team has once again released their annual Data Breach Investigations Report. [Grab it Here] Once more, the report makes for interesting reading and this year the discussion point is bound to be the marked decline noted in compromised records (From 361 million in 2008, to 144 million in 2009, to 4 million in 2010). We will kick off a ThinkstScapes adhoc update to customers analyzing the report, but thought one of the interesting points to note was …
Year: 2011
I wrote a piece on Cyber War, and what the recent HBGary breach teaches us about the current landscape. While I still feel bad for anyone who has their mail spool exposed to the world, the HBGary mails give us an interesting insight into a part of the world seldom seen by all. Check it out [here] …
(This Post was written for ITWeb for the Upcoming ITWeb Security Conference) A security guy talking about impending doom. How rare! Except I’m not talking about the next Botnet, virus or nuclear reactor destroying worm, I’m talking about the crisis of confidence that’s heading our way, and the fact that we seem completely oblivious to its arrival. We (in the field) have been building a house of cards, and some day really soon it’s going to come down around us. …
The guys over at the Eurotrash Information Security Podcast had me on last week. We discussed HBGary, Thinkst, ZaCon and a bunch of other stuff.. It was pretty enjoyable (although i tried listening to myself and think its a lucky thing i dont do this too often). You can grab it [here] …
A quick note to Welcome Jameel Haffejee (email) to Thinkst. Some of you might remember him as “the guy who did the Power Shell talk at Zacon2”.. (The talk was cool, but (in truth) I remember him as the guy that sponsored the coffee!) Jameel has signed up as a Developer and future world-denter, so you should be reading more of him here soon.. Hello World! …
In the movie Sneakers, there is a defining moment when Robert Redford rearranges Scrabble tiles to figure out that ‘SETEC ASTRONOMY’ is actually an anagram. With this in mind, I give you: SETEC CONFER MOAN (Yo!) (Click for full size) I’m not saying that InfoSec Conferences are bad (although many a battered liver would disagree), but what i am saying is that we don’t seem to be improving our security posture at the same rate as we seem to be …
On January 6th, Apple launched their Mac App Store. Pundits have taken pretty polarizing views on the store, with some hailing it as a boon to indie developers (since they can (trivially) publish to a world stage without worrying about credit card transactions) while others say that this is yet another way for Apple to exert big brother type control. I think it’s a healthy dose of both. As I mentioned in the past, Apple does have an amazing ability …