Posts Tagged ‘press’
ExoticLiability podcast interview
OK, so a quick shameless plug for me and a couple of good friends at EL: I had the pleasure of throwing it all out with the ExoticLiability crew over the weekend, which ended up in a pretty cool podcast. Check it out at www.exoticliability.com (episode 51).
May not be completely safe for listening to at work [...]
ExcaliburCon summary and general China notes
So, it’s been quite some time since ExcaliburCon concluded, and I have been delaying this post due to some other work-related activities that jumped on me right as I landed back home. Anyway, I’ll try to cover as much as I can remember (thanks to a cumulative photographic memory of all the [...]
(Hebrew) Information Risk Management – Israeli Insurance Industry
Just a quick cross post to an article I wrote for the Israeli Insurance Association (this one in Hebrew – an English post will be uploaded to this blog soon). The full article can be found here: http://www.igudbit.org.il/Index.asp?ArticleID=1179&CategoryID=98.
Are you LinkedIn/Facebooked/Twittered/Beboed/Viadeoed/etc?
I’ve just finished reading a great little note from Brian Krebs on the Washington Post that enabled me to “out” (don’t worry, I won’t) an incident that some of us in the security industry have been following in the last few days. One of “ours” has been hijacked on Twitter, and the impersonator who hijacked [...]
Conficker madness – good or bad?
Just like the BBC’s botnet debacle, which fueled a vivid discussion amongst security circles debating whether the exposure is good (i.e., raising awareness of the threat) or bad (i.e., not really ethical, everyone knew about the ability to rent a botnet), CBS’s 60 Minutes had a 15-minute spot focusing on Conficker. Check it out here:
On [...]
The oracle strikes again – “Browser OS” threats start to appear
Moving on from the social networking issues we outlined in the past couple of weeks, after following the predictions, and their materialization (here, here, here in the announcement of Gmail offline, here, and here), we can already see the “Browser OS”, as we dubbed it in our annual threat and predictions report, begin to materialize [...]
Fighting an infection vector with new standards – ClickJacking
If you haven’t heard yet, the newest version of Microsoft’s Internet Explorer 8 (RC1) has been endowed with support for “Anti-Clickjacking” (for more background on clickjacking, check out: http://ha.ckers.org/blog/20080915/clickjacking/).
This new feature is basically an implementation of a new header (X-FRAME-OPTIONS), returned by the server, which defines the scope of “nesting” that is allowed [...]
BlueHat post on the state of web security
I’ve been asked to contribute once again to the Microsoft BlueHat blog, and have written a quick “state of the web security” post. Check it out, and as always, feel free to comment or discuss, whether in agreement or not.
The post is located here.
Cheers.
Gear up – predictions for 2009 have begun to materialize
How about answering email messages when you are not online? Easy, right? But if you are using a webmail account, that used to be a problem; so was reading unopened messages or older messages in your inbox. Well, not anymore: Gmail Goes Offline!
The AIRC annual threat report with the 2009 predictions could not have been [...]
What’s been on people’s minds lately?
As we have been predicting (and following during 2008), the criminal’s mind is very much attuned to the public mind. The current issues that everyone (well, at least a lot of us) has been dealing with are the current economic situation, and what President Obama is going to do about it. Without fail, eCriminals have been [...]