Here’s a kick in the head. Your tax dollars at work in a way that may save you a bunch of money. The National Security Agency has voluntarily released a software reverse engineering tool called Ghidra at the RSA security conference. The NSA has been using this tool internally to take apart and analyze malicious code, and to find vulnerabilities in commercial software ...
We know that the US government is spying on us. Just how deep the surveillance goes is a question that is hard to answer. If you are one of those people who thinks this surveillance is OK because you “have nothing to hide,” I suppose you could skip this article. But here’s my question – why do you get upset when your identity is stolen by a cyber-criminal, but yet you are unmoved when your own government does the same ...
Continue Reading →
Who is Will McLauglin? The Campaign for Privacy? or Dennis Anon and Privacy.net?
I’ve been writing this blog long enough that I receive regular submissions for guest content, infographics and other sort of suggestions for article topics. As long as the submissions are legitimate and on topic, I am generally happy to post them. My next post is one of those times. My efforts at verifying the source has been an interesting ...
Continue Reading →
Today we finish our story on the history of cyber warfare.
Attributed to Edward Snowden. The target was the National Security Agency of the United States. Snowden was a former CIA employee, who, while working for Booz Allen Hamilton as a contractor to the NSA, copied and leaked NSA information, particularly the computer exploits that the NSA used abroad and in ...
Continue Reading →
Many companies and organization are moving their data repositories to the cloud, to places such as Amazon Web Services (AWS). Hopefully, if your company is moving to the cloud, you are doing a better job securing this information than the Department of Defense or the National Security Agency.
The first story involves a trove of data left on AWS servers, and discovered by security ...
Continue Reading →
Seems to be a busy summer so far. Barely finished up with WannaCry and now we are dealing with Petya. Here are some useful links
About Petya:
I have followed with great interest the ...
Continue Reading →I was a guest on Sarah Westall’s web radio program, Business Game Changers. The YouTube video is below. It’s 53 minutes, so get a beverage, sit back and enjoy.
Continue Reading →
I read an interesting article in the New York Times earlier this month, about how the United States is using cyber-warfare tactics against North Korea to slow the development of an inter-continental ballistic missile that can reach the United States. The effective range maps were startling. (see below)
It seems that Trump has inherited a cyber war program from the Obama administration that was started 3 years ago and targeted the North Korean missile development program. Since that time, there ...
Continue Reading →
This is the time of the year everyone writes either a year in review article, or a what’s coming in the new year post. Guess which one this is? I’ve been reading the pundits, and considering my own findings as a cybersecurity professional. I pulled together the following list for your review, and to help you plan where to spend your time, talent, and budget in 2017.
SHA-1 or Secure Hashing Algorithm 1 was developed in 1993 by the National Security Agency (NSA). It has been used to provide both hashing functions and digital signatures that validate that a certain document, web site, or other resource is genuine, original, and unchanged.
SHA-1 is used in common services such as SSL (secure websites) and TLS (secure email). There has been discussion about the low security of SHA-1 going back to 2005. ...
Continue Reading →