Anyone who thinks were are not already at war in cyber-space is just not paying attention. I have written extensively on the subject of cyber-war in this blog, most recently about the Estonian cyber-militia. A list of those articles is below the video.
On April 22, 2019, Mikko Hypponen presented a keynote address titled The Next Arms Race. A 58 minute video is included below. ...
Continue Reading →
According to the Second Amendment of the US Constitution, “A well regulated Militia, being necessary to the security of a free State, the right of the people to keep and bear Arms, shall not be infringed.” This is not a story about guns. This is a story about Kali Linux and other hacker tools. This is a story about ...
I am showing up online in places other than this blog, and I wanted to share two of the most recent mentions.
I was interviewed for an articles in Financier World magazine, and the article appears in the April 2019 issue. The article is titled Cyber posture: the value proposition of security.
I recently reported on New WordPress Security Options, and my article was picked up and republished by ...
Continue Reading →
Thank God this hasn’t happened here in the United States (yet). It is not for lack of trying by US law enforcement agencies, though. What am I talking about? Australia recently passed the controversial and totally STUPID anti-encryption law called Telecommunication & Other Legislation Amendment (Assistance & Access) Act of 2018 (TOLA).
TOLA is supposed to ...
Continue Reading →A quick Saturday digest of cybersecurity news articles from other sources.A new book uncovers the intricacies of Paul Le Roux’s cartel and how it fueled the opioid epidemic ravaging the U.S. today. This facinating story is covered in detail on the Smithsonian website. Or read Evan Ratliff’s new book The Mastermind. I did, and the ...
Continue Reading →
In our last post we singled out North Korea as a key source of cyber-war action against the United States and other countries. But they are not the only countries that the US is actively engaged with in cyber-space. On January 29, 2019, Daniel Coats, Director of National Intelligence, released a report to the Senate, titled Worldwide Threat Assessment of ...
A quick Saturday digest of cybersecurity news articles from other sources.If your computer technical support is provided by an outside vendor, you need to know this. We have warned about this problem before.
Earlier this week, an unidentified threat actor managed to launch a ransomware attack resulting in the encryption of between 1,500 to 2,000 endpoint ...
Continue Reading →
Ever feel like there should be a 12-step program for your cybersecurity career? “Hello, I’m Bob and I’m a recovering cybersecurity professional.” Doing the same old “defense in depth” stuff and still the barbarians get onto your network and wreak havoc. Remember the definition of insanity? “Doing the same thing and expecting different results.” As with any 12-step program, the first step would ...
US-Cert recently released the following warning to businesses, governmental units, and other organizations who contract their computer support to computer support companies that are known as Managed Service Providers or MSPs. An MSP provides support principally by using remote monitoring, remote access, and remote control software products. They install a monitoring tool called an “agent,” and a command and control device on the ...
We have been investigating Russian cyber-attacks this week. Today we publish a timeline of Russian cyber-activities. In the interest of space, I am publishing just the timeline with little descriptive content. I have included a download link to a PDF and spreadsheet of the timeline with more detail, and links to sources.
Notice how these cyber attacks started out in 2004 as small, unsophisticated ...
Continue Reading →