twitter facebook rss

What makes a good CISO?

Posted by David Harley on July 9, 2016

David Harley photo

The role of the CISO is a little different to the stuff I usually post here, but my ESET colleague Stephen Cobb is currently running a research project, ‘a study of what it takes to be an effective manager of information system security for an organization.’ As part of the project, he’s running a survey, of which he […]

Stuxnet: more historical than hysterical, I hope

Posted by David Harley on June 7, 2016

David Harley photo

I don’t make a habit of using this blog to advertise another, but the article I’m going to talk about is just too long to rewrite for this blog. And in fact, I’m not generally a fan of articles that revisit antique malware that ceased to matter years or even decades ago. However, it appears […]

TeslaCrypt: We’re Sorry, Here’s the Decryption Key

Posted by David Harley on May 19, 2016

David Harley photo

Are the TeslaCrypt operators genuinely apologizing? Probably not, since it seems that they may well have moved on to CryptXXX rather than retiring to a monastery to flagellate themselves with birch twigs. However, after an ESET analyst, noticing that the TeslaCrypt project seemed to be shutting down, contacted them via the Tesla support/payment site and asked them […]

Patches (and Vulnerabilities, and Exploits)

Posted by David Harley on April 7, 2016

David Harley photo

Exploits, vulnerabilities, why patches really do matter, and thoughts on how to live with them.

Buzzwords and Booth Bunnies

Posted by David Harley on March 3, 2016

David Harley photo

RSA: looking for ideas that are really going to make a difference, rather than old ideas disguised as new buzzwords?

Daily ITsecurity Briefings: 08/12/2014

Posted by Kevin on August 12, 2014

(This is a pilot for what will hopefully become a daily service. All thoughts and opinions, advice and criticisms on content, length and design would be gratefully received – either here in the comments or by email to kevtownsend at Blatant trolling will simply be ignored.)   WHITEPAPERS & REPORTS BlackHat USA 2014 – […]

TOR: blocking C&C servers and cybercriminals

Posted by Kevin on July 27, 2014

TOR is increasingly being used by cybercriminals. Its ability to anonymize people and places makes it an attractive place to hide nefarious activity — and things like malware C&C servers. Just last week Kaspersky Lab warned that it had traced a new and sophisticated ransomware trojan (dubbed Onion for obvious reasons) to a lair in […]