Blog Posts

Interview with the Infosec Institute

The folks over at the Infosec Network have recently started doing interviews with security researchers. They have interviewed some real rock stars so far ([Charlie Miller], [HD Moore], [Joanna Rutkowska], [David Litchfield], [Matthieu Suiche], [Dan Kaminsky], and [Jeremiah Grossman]) so I was pretty flattered when they asked me.. My interview is up [here] complete with dodgy photo and embarrassingly bad answers..

Nothing (really) new under the Sun – Verizon Breach Report..

The Verizon RISK Team has once again released their annual Data Breach Investigations Report. [Grab it Here]. Once more, the report makes for interesting reading and this year the discussion point is bound to be the marked decline noted in compromised records (from 361 million in 2008, to 144 million in 2009, to 4 million in 2010). We will kick off a ThinkstScapes ad hoc update to customers analyzing the report, but thought one of the interesting points to note was

What Anonymous taught us about Cyber War

I wrote a piece on Cyber War, and what the recent HBGary breach teaches us about the current landscape. While I still feel bad for anyone who has their mail spool exposed to the world, the HBGary mails give us an interesting insight into a part of the world seldom seen by all. Check it out [here].

Our Upcoming Security Apocalypse!

(This Post was written for ITWeb for the Upcoming ITWeb Security Conference) A security guy talking about impending doom. How rare! Except I’m not talking about the next Botnet, virus or nuclear reactor destroying worm, I’m talking about the crisis of confidence that’s heading our way, and the fact that we seem completely oblivious to its arrival. We (in the field) have been building a house of cards, and some day really soon it’s going to come down around us.

Eurotrash Security Podcast

The guys over at the Eurotrash Information Security Podcast had me on last week. We discussed HBGary, Thinkst, ZaCon and a bunch of other stuff.. It was pretty enjoyable (although I tried listening to myself and think it's a lucky thing I don't do this too often). You can grab it [here].

A freshly etched MacBook Pro (Aka – Welcome Jameel!)

A quick note to welcome Jameel Haffejee (email) to Thinkst. Some of you might remember him as “the guy who did the Power Shell talk at Zacon2”.. (The talk was cool, but (in truth) I remember him as the guy that sponsored the coffee!) Jameel has signed up as a Developer and future world-denter, so you should be reading more of him here soon.. Hello World!

Is the answer more InfoSec Conferences?

In the movie Sneakers, there is a defining moment when Robert Redford rearranges Scrabble tiles to figure out that ‘SETEC ASTRONOMY’ is actually an anagram. With this in mind, I give you: SETEC CONFER MOAN (Yo!) I’m not saying that InfoSec Conferences are bad (although many a battered liver would disagree), but what I am saying is that we don’t seem to be improving our security posture at the same rate as we seem to be

Shameless (aka: iTried on the Mac App Store)

On January 6th, Apple launched their Mac App Store. Pundits have taken pretty polarizing views on the store, with some hailing it as a boon to indie developers (since they can (trivially) publish to a world stage without worrying about credit card transactions) while others say that this is yet another way for Apple to exert big brother type control. I think it’s a healthy dose of both. As I mentioned in the past, Apple does have an amazing ability

Anonymity loves company…

Today I did a brief interview with E-TV news on “Anonymity Systems”. Interestingly enough, the journalist started the interview determined to go down the “Anonymity is Evil!” route. I must confess to being slightly surprised by the thought. I didn’t expect such strong support for the “Anonymity allows Child Pornography” point of view. The snippet of the interview that was aired was probably only a few minutes long (I have not seen it yet), but I thought it was probably

ZaCon2 & Fig Leaf Security

This weekend we held our 2nd ever ZaCon, The Conference in need of a tagline! ZaCon aims specifically at growing the South African InfoSec Research scene by giving locals a place to teach, learn and grow. The talk had people flying in from Durban, Cape Town and even Grahamstown, and almost doubled last year’s attendance. If nothing else, the coffee service was an unmistakable win! My talk this year was called “Fig Leaf Security”, and was aimed at saying some of

Authored with 💚 by Thinkst