Category: Security Research
-
When great ideas go to the wrong places
Or: why attribution is not a technical problem. TL;DR: hacking is an art and a science, computer attacks (cyber these days) are only one manifestation of an aggressor, which has very limited traits that can trace it to its origin. Relying on technical evidence without additional aspects is not enough to apply attribution, and when done…
-
Infosec conferences/talks redux
Don’t mind me, just poking my head in here to make sure the cobwebs haven’t taken over this place yet 😛 So yes – I’m going to be blogging waaay less then before because of, well, life? But I recently saw a post from Daniel Meissler who discussed how (in)effective are modern security talks at…
-
An obituary to pentesting?
I just saw a blog post in which Mike Kemp discovers the realities of 2010Â (linkedin). (disclaimer – I know Mike and love him as a person, and this is my way of poking at him a bit – no disrespect here, but pretty much the opposite) Now, go read that post (yes, I know, it’s…
-
Amazonian Trojans and Marketing Fear-Mongering
Hello there, welcome back to our scheduled programming on how to drum up clicks and views on your website “Powered by Fear Uncertainty and Doubt”. As most marketing organizations know, sometimes you need to be a little creative when coming up with news and research. You draw a target for your security researchers to hit, and…