Flipping Malware: A Profit Opportunity for Corporate IT Departments
The one thing that corporate IT departments are not is a profit center. But the trend towards developing offensive exploits and selling them to government agencies could change that tomorrow if CEOs...
Cyber Laws May Need Tweaking
The following is an excerpt of an article that I wrote for SC magazine on the need to amend the Computer Fraud and Abuse Act to keep pace with active defensive options by corporations; an issue that...
The "January Effect" - An Annual Phenomenon Since 2009
I was recently interviewed for a feature in Discover magazine's Top 100 Stories of 2012 (January 2013 issue - on newsstands now). I'm #62 "Defender of the Digital Domain". During the interview, I was...
Would a Malware BuyBack Program Work?
I just read a story about how successful L.A.'s gun buyback program has been and it reminded me about a suggestion that was made at our Boston Suits and Spooks event - that a buyback program might be...
A Meditation on Three Things
I've tried a lot of different systems over the years in my search to live and work optimally and never found one single, successful system to embrace. Instead, I've boiled it down into these three core...
Five Critical Panels on the Use of Offensive Tactics in Cyberspace
On February 8-9, 2013, 24 world-renowned speakers will address and interact with about 80 attendees from the public and private sectors in a beautiful conference center high above the Potomac river on...
What's Missing in your Threat Landscape Picture?
ENISA (European Network and Information Security Agency) recently published its "ENISA Threat Landscape" report for 2012. Overall it's a good document as far as traditionally known threats go, but it's...
No Proof That Iran Is Behind U.S. Bank Attacks
A recent New York Times article reported that the U.S. government was convinced that the government of Iran was responsible for DDoS attacks against U.S. banks. No specific names of U.S. officials were...
RBN Connection to Kaspersky's Red October Espionage Network
Kaspersky made an astonishing announcement today with its discovery of a sophisticated cyber espionage network (most likely Russian) that has been operating since May 2007 and continues to this day. It...
Has a Foreign Intelligence Service Been Targeting Russian Embassies?
Yesterday I posed the theory that the Russian Business Network (RBN) was behind the Red October attacks; however, in the interest of alternative analysis, I'd like to propose a different theory that also...
New Direction for Taia Global
For the last two years, Taia Global (my startup security consultancy) has been a services-focused business. We've been privileged to have been able to provide counsel on improving security operations...
Meet the New Director of INTERPOL's New Digital Crime Centre
I just received confirmation that the newly appointed director of INTERPOL's new Digital Crime Centre will be attending Suits and Spooks DC on February 8-9, 2013. The time frame between his appointment...
Kaspersky Labs Researcher to Present Operation Red October at Suits and...
I'm very pleased to announce that Kaspersky Labs researcher Roel Schouwenberg, a senior malware researcher with Kaspersky Lab's Global Research & Analysis Team, will be presenting at Suits and...
The New York Times / China Hack: What Really Happened and Who Really Did It?
The New York Times reported that it has been fending off a persistent attack by hackers which coincided with its publication on October 25, 2012 of an article on the wealth of the family of China's...
Become a "Friend of Suits and Spooks"
Whether you're coming to Suits and Spooks DC or not, you can become a "Friend of Suits and Spooks" and have your name or your company's name listed on the inside cover of our program. The listing...
Personal Reflections on Suits and Spooks DC 2013
Now that I've had a chance to decompress from and reflect upon the terrific Suits and Spooks DC conference last weekend, I want to share some surprising shifts in thinking that occurred for me during...
Mandiant APT1 Report Has Critical Analytic Flaws
Mandiant's APT1 report is the latest infosec company document to accuse the Chinese government of running cyber espionage operations. In fact, according to Mandiant, if a company experiences an APT...
More on Mandiant's APT1 Report: Guilt by Proximity and Wright Patterson AFB
The blog post that I wrote earlier in the week "Mandiant Report APT1 Has Some Critical Analytic Flaws" was based upon my history of interacting with some Mandiant folks online and in person as well as...
Who Are The Players in China's Targeting of Foreign Technology IP?
The release of Mandiant's APT1 report claimed that the PLA's Third Directorate (3PLA) is the responsible State organization behind Comment Crew (aka APT1). One of the things that the report's authors...
Deputy Prime Minister of Russia is worried about backdoors in Western tech
In the course of writing this month's S&TI Flash Traffic report for our subscribers, I came across this interesting article which demonstrates that the U.S. isn't the only country worried about...