Former NSA Director Keith Alexander speaks at MIRcon 2014

Last week, I attend MIRcon, Mandiant’s conference on Advanced Persistent Threats. One of the keynote addresses was given by Keith Alexander, the former head of the NSA. I enjoyed his talk, it was a good one. What Others Are Saying Here is Kelly Jackson Higgins’ take on his talk, from an article on DarkReading. Everything…

1

I have been fighting spam for 10 years

A week and a half ago, I “celebrated” my 10th year fighting spam. I originally joined Frontbridge in July 2004, and 10 years later I am still with Frontbridge after it was acquired by Microsoft. Since that time, it has been known as: Frontbridge (how almost everyone in the email filtering community still knows us)…

2

Let’s not be too smug when others are hacked because we all do things we shouldn’t

This will be another long post. A couple of weeks ago, you may have read that the Syrian Electronic Army hacked into Forbes and posted a bunch of usernames and passwords. What you may not know is that Forbes has been fairly transparent in describing how it happened and how they plan to mitigate going…

1

Israel also looking to a cyber army national reserve

The same day I wrote my blog post US potentially looking to establish a cyber army national reserve, I stumbled across another article in the Telegraph: Israel invests millions in drive for elite cyber warriors. But unlike the US national reserve cyber version, the Israeli version is more about fighting on offense than trying to…

0

Is the term “cyberwarfare” overstating the case?

At the Virus Bulletin conference last month, Andrew Lee from ESET gave a talk entitled “Cyberwar: Reality or Weapon of Mass Distraction?” In it, Lee talks about how the term “cyberwar” is thrown around a lot these days. However, he disagreed with the use of the term because it uses inflationary language and overstates the…

0

Do tech-savvy readers practice what they preach?

While at the Virus Bulletin conference in Dallas last week, Sabina Raluca Datcu and Ioana Jelea of BitDefender gave a presentation entitled “Practise what you preach: a study on tech-savvy readers’ immunity to social engineering techiques.” In this talk, presenters spoke about a study they conducted – do tech savvy people actually have better security…

0

Israeli officials dispute claims of Stuxnet’s joint US/Israel effort

A few weeks ago, the New York Times published an article saying that the Stuxnet worm, which infected a large number of Iran’s nuclear power plants, was a joint effort between the United States and Israel.  The program began under former president George W. Bush and continued under President Obama. Last month, the Washington Post…

0

My credit card information was leaked to the Internet and all I got was this interesting eBook

This past December, private geopolitical analyst firm Stratfor was hacked when hackers from the Anonymous group broke into their servers and posted users’ passwords and credit card information online.  My credit card information was among them and I wrote a bunch of blog posts about my experience: Stratfor hacked by Anonymous – and my information…

0

Breaking into the security field

Brian Krebs is running a series on how to break into the Computer Security field. These are in response to inquiries that he receives and that these types of posts of his are very popular.  So, he went and started talking to people who are well known in the industry on what they suggest people…

0

Cyber criminals infiltrate even small businesses

I read an interesting article in the Wall Street Journal today entitled Cyber Criminals Sniff out Vulnerable Firms.  It’s a story of a small business owner in New York whose company was broken into by cyber criminals and stole $1.2 million from its bank accounts, although the owner was able to later recover about $800,000…

1

Roundup of Flame so far

I hadn’t commented on it before, but last month the Flame malware was discovered by researchers from Kaspersky.  Here’s what we know so far: Reuters originally reported that it was designed as a cyber weapon to be used against Iran.  However, it wasn’t just computer systems in Iran that were infected with Flame, but several…

0

Tough week to be LinkedIn

It’s a tough week to be LinkedIn.  Today, it’s revealed that over 6 million passwords from users of the social networking site have been leaked.  From MSN: While LinkedIn stated Wednesday morning via its Twitter account that it’s been unable to confirm reports that 6.5 million user passwords have been exposed, Sophos security firm reports…

0

Does Stuxnet, Flame, etc., unleash a Pandora’s Box?

In my previous post where I linked to an New York Times article, the last paragraph is the following: Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable…

0

New York Times: Obama Order Sped Up Wave of Cyberattacks Against Iran

The New York Times has a front-page story today alleging that the Obama administration continued the program of cyberattacks begun by the Bush administration.  Indeed, they sped it up. In case any Microsoft lawyers are reading this post, I am alleging nothing about the US government or any malware, I am merely pointing readers to…

0

Today I saw a presentation by Kevin Mitnick

Today at work I went and saw a presentation by Kevin Mitnick, formerly known as the most wanted hacker (by the FBI) in the world.  He spent time in jail twice, the latter spending five years in prison with a full year of that in solitary confinement.  I’m going to assume that you’re familiar with…

0