Security


So Microsoft apparently is buying the Israeli security firm Hexadite.  Hexadite, interestingly enough, makes an automation tool to support incident response.  In fact, it’s specifically designed to support (or arguably replace) human analysts in performing incident management tasks. If you want to see how the product works, you can see a demo of it on the Hexadite site here. So this is an interesting step for Microsoft....

Read More

So it’s a week later and I’m still talking about the ridiculous saga that is EternalBlue/WannaCry/Spy vs. Spy. I told myself to discuss something (literally anything) else today, but I continue to be fascinated by the questions that this issue has opened up.  The issue of the day is the question about whether or not Microsoft did the wrong thing by “hoarding” patches for EternalBlue on legacy operating systems...

Read More

Mike Mimoso over at the Threat Post has a great article up about the next round of potential vulnerabilities from the Shadow Brokers. Now, of course I always love reading an article from Mike – he’s one of those folks that could write about bread mold and I’d find it interesting – but this particular one is absolutely, no-foolin’ worth a read.  I say that of course because it covers the truly strange and...

Read More

It would be an understatement to say that people were upset about EternalBlue.  Microsoft apparently was already upset about it before WannaCry, but was even more upset afterwards, calling for a “Digital Geneva Convention.” If you haven’t been following the story, here’s the background: EternalBlue is an exploitation vector (CVE-2017-0144, CVSS 9.3) that impacts SMB (file sharing) implementations in Microsoft...

Read More

Do you remember this comment from Andrey Krutskikh back during Infoforum 2016? “You think we are living in 2016. No, we are living in 1948. And do you know why? Because in 1949, the Soviet Union had its first atomic bomb test. And if until that moment… the Americans were not taking us seriously, in 1949 everything changed and they started talking to us on an equal footing.  I’m warning you: We are at the verge of having...

Read More

Today I came across an article from Harvard Business Review stating that “The Best Cybersecurity Investment You Can Make Is Better Training”.  Is it?  Is it really?  The economic return of training – i.e. the value for money associated with security training (specifically awareness training) is an area that I’ve been interested in for a long time.  Specifically, because it tends not to work well as a means to...

Read More