What You Need to Know About Duqu

Everything that you need to know about Duqu: Duqu was reported to antivirus vendors around the 14th of October, 2011, but it has been in the wild since November of 2010. Since then there have been variants (updated copies with additional features or upgrades to code) released. It has been billed as the next Stuxnet, the son of Stuxnet, or a Stuxnet clone. In reality, Duqu is actually more like a payload of Stuxnet rather than the entire attack … [Read more...]

Government Android Should Concern You

Android is a great mobile computing platform. It’s extensible, fairly easy-to-use (considering its plethora of features), has a great application store with hundreds of thousands of applications, and connects back with everything in Google so that all of Google’s information and services are at the user's fingertips. For developers, it’s a very extendable platform which is able to integrate code from a variety of languages, run C programs, and deploy … [Read more...]

Carrier IQ Invades Privacy

Android has been plagued by malware, security vulnerabilities, and now, privacy issues. It started with HTC's logging application, which over-zealously logged aspects of phone use in insecure ways that made the data accessible to any application, and more recently has come to a head with the discovery of the Carrier IQ application. The Carrier IQ application is supposedly a diagnostic tool which sits on a variety of phones including Android, iPhone, … [Read more...]

Security Innovation Network (SINET) Workshop and Showcase 25-26 October 2011

This post provides an update on the Security Innovation Network (SINET) Workshop and Showcase, and also provides an invitation for you to attend this potentially game-changing event (I serve on the SINET steering committee and would truly appreciate seeing you at the showcase). Keynotes will be delivered by: General Keith B. Alexander, Commander of the U.S. Cyber Command & Director of the National Security Agency, and His Excellency Jaak Aaviksoo, … [Read more...]

Using Triumfant for Secure Configuration and Change Management

It’s late Monday morning when your computer security department notices that a suspicious message has been emailed to most of the email addresses at your company. It contains a malicious PDF that exploits a new vulnerability that came out over the weekend. The patch hasn’t been applied to the company workstations yet, and it’s too little, too late by the time the email goes out telling everyone not to click on the links. By the time inboxes are … [Read more...]

CNO Part 2: Computer Network Defense

This is the second installment in my series about Computer Network Operations (CNO). The last blog explored the actions known as Computer Network Exploitation (CNE), and as always, please feel free to comment. Today, the topic switches from exploitation to defense. Computer Network Defense (CND): Includes actions taken via computer networks to protect, monitor, analyze, detect and respond to network attacks, intrusions, disruptions or other … [Read more...]

CNO Part 1: Computer Network Exploitation

This is the first part in my series about Computer Network Operations (CNO).  Again, I welcome any and all discussion on the matter and hope that this post will help educate our readers and encourage dialogue between them. Computer Network Exploitation (CNE): Includes enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks. Joint Pub 3-13 CNE, which can … [Read more...]

A Discussion About Computer Network Operations

In a networked world, as in the rest of the world, we have to keep ourselves protected from attacks.  The problem is, this networked world actually exists in a different domain than we are historically used to fighting in.  Of course, I am talking about the cyber domain.  The United States has long enjoyed a distinct military advantage in controlling the four traditional domains of air, space, ground, and land.  But the cyber domain is the only one … [Read more...]

A look at General Alexander’s RSA Speech

Last week, General Alexander (director of NSA and commander, USCYBERCOM) spoke at the RSA conference in San Francisco. He pointed out the explosion of technology over the past 10 years. That users went from an average of 250MB of personal files, to over 128GB. The fact that 70% of Americans online are on Facebook - that 600M users worldwide are as well. This, mixed with the huge advances in programming (Watson and Deep Blue) lets us know that we do … [Read more...]

Invincea Named Most Innovative Company of RSA 2011

If you are an enterprise IT professional there is something you should know: Invincea has been named the "Most Innovative" company at the 2011 RSA conference. There are reasons for this. The capabilities provided by Invincea hold great promise in the fight against malware. The endorsement of a panel of security experts at the world's greatest security conference should be enough to get your attention, so now do your own due diligence and accelerate … [Read more...]