
Putting FUD Back in Information Security

Posted by Martin Zinaich on May 8, 2018

FUD is Fear, Uncertainty and Doubt. A tactic well played in the early days of Information Security. I never liked it because… well you know that Boy Who Cried Wolf story, right? It appears to me that FUD is making a strong comeback. This time instead of being used to help bolster InfoSec budgets or […]

How much is a blog instance worth?

Posted by Sorin Mustaca on June 15, 2015

I wrote in the post "Do you really know who’s visiting your website?" about how often hackers probe my websites. IT Security News has as of today: 5,914 blocked malicious login attempts (was 2092 on May 8th); 2,182 spam comments blocked by Akismet (was 2115 on May 8th). The login attempts more than doubled in just 5 […]

Morgan Stanley — latest victim of the nightmare scenario

Posted by Kevin on January 6, 2015

The nightmare scenario is so scary and so difficult to contain that it is best ignored. That nightmare is the rogue insider who knows your network and already has authorized access. You cannot function without such people, you can only hope they don’t go bad. The Sony incident, explains Jonathan Sanders, strategy & research officer for […]

Does the Sony hack provide a clue on how governments keep their own malware off the radar?

Posted by Kevin on December 4, 2014

On Tuesday, Reuters published an exclusive report on a new FBI alert about destructive malware. The Reuters report was low on facts but high on conjecture (much of which is quite possibly true). Have you wondered, however, why a report on a document that the reporter has seen should be so low on facts? [It […]

Hacking back – should it be a legal right for those under cyberattack?

Posted by Kevin on November 8, 2014

At the beginning of May 2013 the Dutch government proposed a new law that brought fresh impetus to an old idea: law enforcement’s right to hack back. “The controversial proposal[1],” said Dutch cyber rights organization Bits of Freedom[2], “doesn’t only allow the hacking of mobile phones and computers, it extends to spying on users and […]

Chinese national Su Bin arrested for hacking Boeing

Posted by Kevin on July 13, 2014

News emerged on Friday that a Chinese national is being held in Canada on US charges that include being involved in hacking Boeing and stealing data on the C-17 military transport plane. The man is Su Bin. He is accused of working with two unnamed Chinese nationals who live in China. The accusation is that […]

TweetDeck’s all-a-flutter

Posted by Kevin on June 12, 2014

OK, so what’s this all about? The first thing to note is the speed of TweetDeck’s reaction. As soon as they realised the problem, they shut down, fixed it, and restarted in just about one hour. So we’re safe now, yes? No, we’re never safe. All we can do is make a judgment on whether […]

The PF Chang’s breach and the lessons we should learn

Posted by Kevin on June 12, 2014

Brian Krebs reported Tuesday that fresh credit card details are being offered for sale on the internet. When he approached several banks over the details he found a common denominator: “all had been used at P.F. Chang’s locations between the beginning of March 2014 and May 19, 2014.” Contacted about the banks’ claims, the Scottsdale, […]

Watch Dogs-inspired hacking previews the internet of things

Posted by Kevin on June 11, 2014

The internet of things will be a kiddies’ playground, courtesy of Shodan. Shodan is a search engine that finds computer and server software connected to the internet rather than website content. But if those computers with that software have a known vulnerability, then any old kiddie with an exploit can get in. By way of […]

The eBay hack, the loss of 140 million records, and the PR fiasco

Posted by Kevin on May 24, 2014

There are two functions to PR: the first is to shout the good news from the hilltops, while the second is to bury the bad. When bad news hits, PR says very little. Bad news has hit eBay. It admitted Wednesday that it had been hacked – but it actually gives very little information. This […]