Infosecurity Europe: 10 interesting talking points
Just weeks after one of the largest global ransomware attacks in history, Infosecurity Europe returns for its 22nd installment.
Infosecurity
Big changes in the infosec landscape: Time to take note and take action
There are big changes happening to the infosec landscape:, says ESET's Michael Aguilar. It's therefore time to take note and take action.
Why Anti-Virus is not a waste of money
It has happened before, it just happened again and it will happen in the future. It is inevitable! Some company that needs to get some press coverage or public visibility will release yet another statement on how worthless Anti-Virus is, based on its own dysfunctional test. For this “test”, they used the VirusTotal service. VirusTotal
Infosecurity Magazine on AMTSO's credibility gap
I was interviewed yesterday by Fred Donovan, following up on the paper on AMTSO I presented at EICAR earlier this month. I may be prejudiced, but I think he's summarized my current thoughts on the topic pretty well in the article, though it isn't my recommendation that the existing guidelines be reviewed independently: it was
Security professionals DO use anti-virus
And you should also bear in mind that some of the security experts who are denigrating AV en masse right now have their own commercial agendas to push, in favour of other technologies that are not the 100 Per Cent Solution either.
Security awareness, security breaches, and the abuse of "stupid"
Computer security is not created, nor is it improved, by calling people stupid. That's the conclusion I have arrived at after more than two decades in computer security and auditing. To put it another way, we should stop dropping the "S" bomb, especially when it comes to people who don't know any better. Consider the
Infosecurity Conference APTitude Adjustment
If you're interested in the "APT: Real Threat or Just Hype" keynote session I took part in during the recent Infosecurity Virtual Conference, you can now hear and see the presentations and Q&A (and the other panel sessions from the conference). Register here. Here are the details for that keynote session, chaired by Steve Gold,
Virtualization & Conferencing
David Harley is taking part in the keynote session (11.00-12.00 EST) on "APT: Real Threat or Just Hype" at US Infosecurity's Virtual Conference on November 8th.
Data breach insurance: Is it worth it?
So you bought insurance against a data breach. With all the potential loopholes and variables, is it worth the cost for the coverage required to handle a real-world scenario? That’s a tender subject these days at Sony. In light of their recent breaches, soaring near an estimated $180 million, it seems their insurance provider, Zurich
50 ways to hack a website
Well, really there are far more, but the latest study from Imperva of 10 million attacks against 30 large organizations from January to May of 2011 cites a cocktail of techniques used by would-be hackers to spot the weaknesses and exploit them. For those of us who’ve tailed a log file spinning out of control
SCADA still scary
"Infrastructure Attacks: The Next Generation?" now includes the speaker notes, which hopefully makes it more interesting and useful.
SCADA concerns
Greetings, my faithful fans. Did you miss me? I've just had a restful week hiding from the Internet in a remote cottage in Devon, which is why I've been uncharacteristically quiet. Before that, though, I had an interesting and useful week in London mostly centred round the Infosec Europe expo, where apart from wall-to-wall meetings
The Terrifying Android
At a time when Gartner estimates that we'll have downloaded 17.7 billion + mobile apps worldwide by the end of this year, I couldn't help thinking that Android users are likelier to pay for lax screening in the Android Market than users who are protected by reasonably strict application whitelisting. Well, it looks like that concern had some justification. There are a spate of stories today about >50 applications pulled from the Android Market
More on Stuxnet
A few more developments in the Never-Ending Story: Michael Joseph Gross on A Declaration of Cyber War in Vanity Fair. Despite a somewhat breathless tone in the introduction – "the world’s top software-security experts were panicked by the discovery of a drone-like computer virus" (where's my Valium?!) – actually a comprehensive and largely accurate account. It
Facebook Competitor Faces Criticism – Is Diaspora DOA?
Really – should any Alpha version be fed through a chipper-shredder like Diaspora has? The basics are simple: The basic premise behind Diaspora is that it will allow users to have social networking functionality similar to that offered by Facebook, but with far greater control over personal data. Diaspora was born earlier this year largely
April ThreatSense Report
As you can see from this photo from the Infosecurity Europe show, my sessions down at the gym are really starting to pay off. :) As I mentioned previously, the update process on the monthly ThreatSense Report continues, and the April report is now available here. While the usual look at the top ten security
Nice Smartphone, Mr. Darcy: Fact, Fiction & the Internet
OK, I'll save the novel for another time. However, there's a rather less ambitious snippet of my recent writing at http://www.eurograduate.com/article.asp?id=3015&pid=1, an article called "Fact, Fiction and the Internet," and, further to some of my recent posts here, touches on the dangers of social networking. Though you might think that someone with as many twitter