Archive for 'trends'

MitB attacks still haven’t reached full potential yet

I’m surprised that most of the MitB attacks are still just stealing credentials instead of changing transaction contents on the fly. I can see that credentials have an intrinsic value on the “black market”, but the attack model of stealing credentials and then using them to log into the victim account to perform transactions seems [...]

Theory != reality in Infosec too

I was reading a nice post from Gunnar Peterson about APTs. He’s making the point that everybody is excited about this “oh huge threat oh oh” stuff from the Google x China incident but in fact we should be worried about properly engineering the systems we depend on. I like his analogy of blaming the big [...]

The security decision making WAVE!

I’m starting a Wave on Google Wave to build a collaboration piece on security decision making. Please send me your contact if you want to participate.

It starts like this:

Security decision making

Dear security friends,

I’m planning for a long time to work on a paper/presentation about security decision [...]

Am I being contradictory?

I was reading the post that I just published when I noted that the post right before that was complaining about attempts to standardize diversity, the curse of the “best practices”. The funny thing is that on the last post I tried to make the case for a big standard, that would probably end up [...]

Risk-less security

I was happy to find Anton Chuvakin’s post about the issues of doing security based on risk management a few days ago.  As I said on my twitter, “discussions about decision making (risk based vs. others) is the only thing interesting for me today on the security field”. Anton made a very good summary about [...]

Looking at things through “cloud glasses”

I was happy to see the last posts from Alan Shimel about the incident on LxLabs and what that means to “cloud security”. Not only because I think he is right about using it as an example of why we should think about cloud security but also because I like his “anti-hype” posture. Ok, that [...]

Risk assessment science

I agree with Ben Tomhave on this particular subject. He is basically saying that we still don’t have a good solution for reliable and repeatable risk assessments. I must say that this is not true for smaller scopes, like a single application or a small network or system. However, when we start talking about a [...]

Pseudo-random algorithms used by malware

Back in 2007 I noticed (together with Fucs and Victor) that botnet creators had to solve a very important issue to keep controlling the infected computers: how to update the location of the controller?

Until then they were including the controller location inside the bot code, so it was easy to find and identify it and [...]

Deperimeterization without endpoint control?

Do you know what that is? That’s a complete disaster!

I’ve got the tip for this very interesting Burton Group discussion from Anton Chuvakin’s post (who also has an overflowing “2blog” queue).

There is a way to summarize that discussion. The key issue on deperimeterization is the control over the endpoint. If you are pushing the [...]

TCG IF-MAP

I was very excited to read about TCG IF-MAP on Chris Hoff’s blog last week. Chris found that interesting as something that could bring some light to the “cloud nightmare” and to virtualization issues.

I like IF-MAP, however, because it raises the security intelligence level on the network. Today most SIEM installations are working mostly [...]