Basically the Target attack, as I understand it anyway, was to get malware on
point-of-sale systems – exfiltrate data. Does that sound familiar? It
should, it’s basically how every breach has ever occurred. Sure you can
replace malware with SQL injection or replace data with jewelry, this is how
ALL theft happens. Nothing magical here folks; see a shiny thing, find a
weakness in the thing protecting the shiny thing, exploit weakness, get shiny
thing. This shiny thing just happened to be millions of credit card numbers
but it could easily have been something else.
Like clockwork I expect there will be calls for “new controls” and
“better detection methods”. You probably predicted this, but I say
that’s all nonsense. We should actually use the methods we currently have.
Go on, give them a chance, you know you want to. “But AV failed to detect
the malware” you say and...
I have been in IT a really long time with an interest in technology that far
predates my career, think Commodore and Atari, and every expert I’ve ever
met had exactly one thing in common. They are all narrow-minded. Sure most of
them are nice enough, some of them are even engaging and charming, but their
most fatal flaw is they assume they’ve mastered everything in their field
and have simply stopped learning. This is where it gets dangerous because
that sounds horrible and no self-respecting expert would ever admit to such a
thing but you can recognize them by their tone. “That ...
I've had the pleasure of spending yesterday and today (and I'll be here
tomorrow too) at the 2010 CodeMash conference in Sandusky, at the spectacular
Kalahari resort (if you've never been here, it's way worth it). We attended
the "precompiler" presentations yesterday, and have been to 3 presentations
so far today. While the conference seems very heavy on the Microsoft and Ruby
fronts (almost every presentation has had C# or Ruby code, some of them have
had both), there's a lot of good stuff to come away with anyways.
For example, the two presentations we attended yesterday discussed...
No matter what facet of information security you're in, from being the CISO
down to just installing security patches and keeping up to date, there will
probably be a point where you need to see the details of a hack. Maybe it's
because you need to fingerprint what it does or how it acts on your network.
Maybe it's because you need to be able to reproduce it in a penetration test.
Either way you look at it, sometimes you just need to test something out.
Obviously, this could go one of a few ways. You could execute these hacks on
your network. This could lead to potentially bad out...
By Bill Mathews
Recently (well, last night) I had the opportunity to take the Certificate of
Cloud Security Knowledge exam and just wanted to put out some of my thoughts
while they were fresh in my head. I always like to take a random sampling of
certifications. It’s fun to challenge myself (some are more challenging
than others) and it gives me a good idea of what sorts of training and
certificates I’d like my guys to have (if any). I’ve never been the
biggest fan of some of the bigger ones out there, but we’ll save that for
The bulk of the CCSK covers the Cloud ...