Just a few brief thoughts on the initial reports of a SolarWinds Orion supply chain attack allegedly impacting a multitude of high profile government and corporate targets. We’re still waiting on quite a few important details; some great initial IOCs have been graciously provided by cybersecurity firm and attack victim FireEye. It unfortunately seems that… Read More Uh oh, Orion.
I covered the current state of industrial cybersecurity for SC Media.
A couple weeks ago, I vented my frustration as an ICS security professional at my apartment building forcibly converting to networked smart locks. My tweets were widely misinterpreted, so I’d like to talk a little bit about privacy and security aspects to consider if (when) the property you rent from decides to go “Smart”. To… Read More Security Things to Consider When Your Apartment Goes ‘Smart’
I recently read a friend’s post about her family’s catastrophic woes dealing with a hacked Apple ID account. Her story was so troubling that it inspired me to remind folks of a few small security things that slip through the cracks in our daily lives that can cause a profound impact on our… Read More The Biggest “Small” Personal Digital Security Mistakes
A Ready Player One major motion picture directed by Steven Spielberg is scheduled for release in March 2018, resulting in a recent resurgence of popularity of the Ernest Cline cyberpunk novel which serves as its inspiration. So, this seems like as good a time as any for me to briefly revisit the 2011 novel and… Read More The Infosec of Ready Player One – A Review
NotPetya may not have been the most sophisticated malware ever written. However, it was exceptionally effective due to the authors’ savvy exploitation of common security misconceptions and their deep understanding of poor security architecture. I want to briefly express my personal thoughts on why I found NotPetya particularly concerning and a bad omen for things… Read More Why NotPetya Kept Me Awake (& You Should Worry Too)
Through a series of eight scenarios, I’ve invited seven security and digital privacy professionals to weigh in on the fundamental question of how much of a privilege digital privacy, and the abilities to “restrict” or “remove” our digital footprint, really are.… Read More Is Digital Privacy a Privilege Of The Wealthy?
There has been extensive, emotional political debate over the use of shadow IT and misuse of mobile phones in sensitive areas by former US Secretaries of State Colin Powell and Hillary Clinton. There is a much-needed and very complex discussion we must have about executive security awareness and buy-in, but due to extensive misinformation… Read More Why do Smartphones make great Spy Devices?
Around con time, I’m frequently asked ‘how to become a computer hacker’. Since it’s a delightfully non-specific question, I have decided to illustrate my response for posterity: The most critical things when getting into infosec are the right attitude, curiosity, and interest, a solid foundation of technical knowledge, and the motivation to take advantage of… Read More How to become a hacker… now with 80% more pictures.