Category: computer security

Functionality > Security

It was reported recently that a security researcher found several exploitable vulnerabilities in a FireEye product. ‘I tried to work with them,’ he said, but was apparently rebuffed/ignored, so here you go: an 0-day. There are at least three sides…

No Accountability, No Peace (of Mind)?

Thanks to the ever vigilant Richard Bejtlich for pointing out Jeremiah Grossman’s slides on the idea of INFOSEC security guarantees. Reading them reminded me of a saying, the exact wording of which I forget now, but it is something along…

IO: meet the new boss, same as . . .

From Inside the Pentagon (subscription): As the Air Force prepares to open a new Cyber Command in May, a top service general overseeing the effort is calling on policymakers to consider how far the United States should go to safeguard…

That’s How You Do It

While the larger bandits and their FFRDC overlords pi$$ away $7.5 billion, motivated men in a garage (my metaphor, not reality) are getting it done. Tip-off: Bill Roggio

E-Jihad

The U.S. government has notified U.S. private financial services of a call by the al-Qaida terrorist network for a cyber attack against U.S. online stock trading and banking Web sites beginning Friday, officials said. I smell Zapatistas. If there is…