Clik here to view.
Guess Who Owns The Patent to RSA's Backdoor Algorithm? Blackberry
Meet Certicom, a subsidiary of Blackberry Ltd, who provides the core technology for the National Security Agency (NSA) Suite B standard for secure government communications. Certicom holds 350 patents,...
View ArticleCan Elite Combat Teams Teach Cyber Security Teams Anything Useful?
For the last three Suits and Spooks events I've invited retired and former Navy SEALs to speak about which of their skills and training might transfer over to cyber security engineers. After all,...
View ArticleBlackBerry Ltd, the NSA, and The Encryption Algorithm that NIST Warned You...
As part of my ongoing efforts to sort fact from fiction regarding the RSA - NSA debacle, I learned that BlackBerry, Ltd (NASDAQ: BBRY), with its acquisition of Certicom in 2009, became the...
View ArticleClik here to view.
The Back Story on the Suits and Spooks #RSAC Event, some F-bombs, and a...
The Ritz Carlton San FranciscoWarning: This post contains some profanity and is filled to the brim with opinion. Don't read it if you're easily offended.If you haven't heard by now, I've contracted...
View ArticleClik here to view.
Receive a Free, Signed Copy of Inside Cyber Warfare (2nd edition) by...
I've got 40 brand new copies of Inside Cyber Warfare which I'll sign and mail to the first 40 people who register to attend Suits and Spooks Security Town Hall San Francisco (S&S@RSAC). And, as an...
View ArticleClik here to view.
Resolved, that Privacy is a benefit of and dependent upon a strong National...
Join The Debate: Feb 27thThe Suits and Spooks Security Town Hall on Feb 27th is shaping up to become an amazing event thanks to so many exceptional people who have agreed to be panelists. The...
View ArticleClik here to view.
Clik here to view.
The Way-Back Machine on Mandiant and APT: Not a Who After All
Kaspersky's latest report about The Mask reminded me that Mandiant never did issue a statement re-defining APT as a what and not a who as Richard Bejtlich and I and some other Mandiant executives...
View ArticleClik here to view.
Credit Suisse, BAE Systems and a workshop on Cognitive Biases
The new Suits and Spooks website now features an in-depth look at highlights of our upcoming event at Fort Mason in San Francisco including:an early look at the agendaour speakers and topicsplus a...
View ArticleSix Cryptographers Whose Work on Dual EC DRBG Were Deemed Without Merit by...
"When, last September, it became possible that concerns raised in 2007 might have merit as part of a strategy of exploitation, NIST as the relevant standards body issued new guidance to stop the use of...
View ArticleClik here to view.
Russia v Ukraine: Exploring the Cyber Side of the Conflict
Source: CNN.comUntil now, the only example of cyber warfare where cyber was a component of a military invasion has been the Russia-Georgia war of August 2008. Today, we are seeing cyber attacks play a...
View ArticleClik here to view.
Russian Cyber Warfare Capabilities in 2014 (We aren't in Georgia anymore)
Ukrainian hackers deface Russian newspaperRussia's latest offensive against Ukraine over Crimea has revealed how little Russian expertise the U.S. has (see this New York Times article) as well as the...
View ArticleClik here to view.
Does the Voronezh Military Hacking School Exist?
Yesterday, Aleks Gostev wrote a very informative article about the similarities between four pieces of malware: Red October, Turla (aka Snake, Uroborous), Flame/Gauss, and Agent.btz.It's a carefully...
View ArticleGartner Analyst Ben Tomhave missed the point of the RSAC Boycott
Gartner analyst Ben Tomhave published his RSA 2014 Round-up and here is his assessment of the RSAC boycott:As an aside, it should be noted that the planned protests had no real perceived impact on the...
View ArticleClik here to view.
Cyber Berkut and Anonymous Ukraine: Co-opted Hacktivists and Accidental...
"We KiberBerkut declare that today at 18:00 we launched an attack on NATO resources: On March 15, 2014 Cyber Berkut (KiberBerkut) launched a DDoS attack against these NATO...
View ArticleClik here to view.
Today's Comp Sci Students Don't Understand Technology's National Security...
Polls open for Crimean Referendum on SecessionThe ongoing conflict between Russia and Ukraine over Crimea and its implications for defining cyber warfare is a watershed moment for everyone concerned...
View ArticleSelect Committee on Intelligence tasks ODNI to improve Global R&D monitoring
Chances are good that you haven't heard of S&TI. It's not one of the INTs that IC watchers love to write about. It's not in vogue like SIGINT and it's definitely not as sexy as HUMINT. It is,...
View ArticleWhite House: Please stop saying stupid shit like this
Today's New York Times article "NSA Breached Chinese Servers Seen As Security Threat" reveals an NSA operation called SHOTGIANT that created backdoors into Huawei servers which allowed them to spy on...
View ArticleClik here to view.
ANNOUNCEMENT: "Suits", Spooks, and Monterey Institute of International Studies
HARVEY: What are your choices when someone puts a gun to your head?MIKE: What are you talking about? You do what they say or they shoot you.HARVEY: WRONG. You take the gun, or you pull out a bigger...
View ArticleAssume That Your Network Is Already Breached. What's Next?
Assumption of Breach is the only realistic network defense strategy that governments and corporations should have today. If you agree, then the next question you should ask is - what data can I not...
View Article