You have been living under a rock if you haven’t heard of the Turkish hack a couple of days ago. Basically – a Turkish hacker forum that bolsters a strong anti-Israeli attitude has been practicing hacking and mostly defacing Israeli sites for the past few months (years). Now, this is nothing new, and as I [...]
Posts Tagged ‘press’
Cyber[FUD]Fare – repost from fudsec.com
As promised – here is the “official” cross-post from my guest appearance on fudsec.com. Enjoy! I’ve been intravenously fed with FUD for as long as I’ve been in the business. The main strategy for understanding that you are facing FUD is to realize that there is a financial motivation behind the FUD-spreading entity. This has [...]
ExoticLiability podcast interview
OK, so a quick shameless plug for me and a couple of good friends at EL: I had the pleasure of throwing it all out with the ExoticLiability crew over the weekend, which ended up in a pretty cool podcast. Check it out at www.exoticliability.com (episode 51). May not be completely safe for listening to at [...]
ExcaliburCon summary and general China notes
So, It’s been quite some time since ExcaliburCon has been concluded, and I have been delaying this post due to some other work related activities that jumped on me right as I landed back home. Anyway, I’ll try to cover as much as I can remember (thanks to a cumulative photographic memory of all the [...]
(Hebrew) Information Risk Management – Israeli Insurance Industry
Just a quick cross post to an article I wrote for the Israeli Insurance Association (this one in Hebrew – an English post will be uploaded to this blog soon). The full article can be found here: http://www.igudbit.org.il/Index.asp?ArticleID=1179&CategoryID=98.
Are you LinkedIn/Facebooked/Twittered/Beboed/Viadeoed/etc?
I’ve just finished reading a great little note from Brian Krebs on the Washington Post that enabled me to “out” (don’t worry, I won’t) an incident that some of us in the security industry have been following in the last few days. One of “ours” has been hijacked on Tweeter, and the impersonator who hijacked [...]
Conficker madness – good or bad?
Just like BBC’s botnet debacle which fueled a vivid discussion amongst security circles, debating if the exposure is good (i.e., raising awareness to the threat) or bad (i.e., not really ethical, everyone knew about the ability to rent a botnet), CBS’s 60 minutes had a 15 minute spot focusing on Conficker. Check it out here: [...]
The oracle strikes again – “Browser OS” threats start to appear
Moving on from the social networking issues we outlined in the past couple of weeks, after following the predictions, and their materialization (here, here, here in the announcement of Gmail offline, here, and here), we can already see the “Browser OS”, as we dubbed it in our annual threat and predictions report, begin to materialize [...]
Fighting an infection vector with new standards – ClickJacking
If you haven’t heard yet, the newest version of Microsoft’s Internet Explorer 8 (RC1) have been endowed with support for “Anti-Clickjacking” (for more background on clickjacking, check out: http://ha.ckers.org/blog/20080915/clickjacking/). This new feature is basically an implementation for a new header (X-FRAME-OPTIONS) that is returned from a server which defines the scope of “netsing” that is [...]
BlueHat post on the state of web security
I’ve been asked to contribute once again to the Microsoft BlueHat blog, and have written a quick “state of the web security” post. Check it out, and as always, feel free to comment or discuss whether in agreement or not. The post is located here. Cheers.