twitter facebook rss

Putting FUD Back in Information Security

Posted by Martin Zinaich on May 8, 2018

FUD is Fear, Uncertainty and Doubt. A tactic well played in the early days of Information Security. I never liked it because… well you know that Boy Who Cried Wolf story, right? It appears to me that FUD is making a strong comeback. This time instead of being used to help bolster InfoSec budgets or […]

Smoking guns and glass houses in Russia Vs Clinton

Posted by Kevin on January 7, 2017

In the ongoing saga of Russia Vs Clinton, a declassified version of the US Intelligence Community assessment of Russian involvement in the 2016 US election has now been published. But if you hoped for a smoking gun, dream on. The document states very clearly that it is primarily the agencies’ conclusions; any actual proof has […]

Magnitude – an exploit kit par excellence

Posted by Kevin on August 11, 2014

Trustwave has had sight of the inner workings and underlying infrastructure of the Magnitude exploit kit – the coming EK that is rapidly filling the gap left by Blackhole. As Blackhole declines following the arrest of its developer, Paunch, so Magnitude is increasing in popularity. Although not brand new, detailed knowledge has hitherto been sparse: its […]

The US economy is far more fragile and endangered than you might think

Posted by Kevin on July 7, 2014

In the modern world, the new weapons of war are no longer just guns and munitions, but money and intel. Intelligence is like any other weapon of war – if you have more and of better quality than the enemy, you will win. That requires acquiring knowledge of the enemy while preventing the enemy from […]

Two iPhone hackers probably behind the Oleg Pliss attacks arrested in Russia

Posted by Kevin on June 11, 2014

A Monday announcement by the Russian Interior Ministry claims that two men have been arrested following reports that iPhones have been blocked remotely and that ‘attackers’ have demanded money in order to release them. Although the Ministry announcement made no mention of non-Russian attacks, it seems almost certain that these are the same hackers behind […]

Comment spam – a growing problem

Posted by Kevin on June 9, 2014

Comment spam is a serious and worsening problem. It is the practice of commenting on a website or web service for ulterior purposes: typically for SEO promotion; to lure victims to a poisoned website holding an exploit kit; or for political purposes. To put this in perspective, my old blog ( has blocked more than […]