Tags: Regulation

Some Thoughts on User Awareness Training

Brian Krebs published an article about a tech firm losing $46 million in a technology-based heist.  The heist used forged communications from senior executives to complete financial transactions.  This got me thinking about user awareness training and how we’re doing it and how we might do it better.

Thoughts on Fiat Chrysler’s Patching Dilemma

Hi, my name is Aaron and I’m an INFOSEC hipster.  I was worried about the security of our increasingly connected cars back in 2013, which is way before it was cool to be worried about such things.  Someone fetch me some thick, black framed glasses and a PBR while I configure my retro NFR IDS.  […]

UPDATED: A Quick Rant on the Wassenaar Arrangement

UPDATE: The U.S. government has decided to scrap the initial version of the Wassenaar Arrangement.  The decision to do so was driven by the negative feedback from many of its stakeholders.  This is a great example of the system working and common sense prevailing.  I’d like to see this happen more often. I’m going to […]

The Week that Was – 10/28/2013

Last week had a number of interesting developments.  Two of them involved the law, privacy, and security implications. First, the Third Circuit Court ruled that GPS tracking devices attached to vehicles require a probable cause warrant. [9]  I think this is an important ruling for privacy and the 4th Amendment.  I’m a proponent for […]

The Week That Was – 4/15/2013

I’ve got one metric butt load of links for you this week.  There is a lot of good stuff but here are some of the highlights: Doctor Dan Colman, Winton Professor for the Public Understanding of Risk at Cambridge University, has shared a really interesting video on risk.  [1],[9]  His point is that sometimes it’s […]

The Risk of Mass Shootings

The shootings at Sandy Hook Elementary last week were horrific.  There is no denying that fact.  Twenty-eight innocent people were murdered.  If that weren’t shocking enough, most of them were children.  This event and its aftermath are emotionally charged.  While we need to honor and respect that emotion, we also need to understand that it […]

The Week That Was – 11/26/2012

Here’s the week that was.  As always, we have a little bit of everything from encrypted messages from secret societies [18] to Chinese aircraft carriers [9]. The story about the encrypted messages from the Great Enlightened Society of Oculists was my favorite.  [18]  It’s a great overlap of history and technology.  And the technology used […]

The Week That Was – 10/22/2012

Welcome back, sports fans!  We’ve got a decent sized list of links this week.  One of the threads I picked up on was some lingering commentary on the Huawei and ZTE revelation last week.  And when I say revelation, I mean that the mainstream media recently picked up on it.  First, China rounded up 9,000 […]

The Week(s) that Was (Were) – 8/31/2012

It’s been a tough couple of weeks, sports fans.  I’ve not been good about keeping up on INFOSEC current events and sharing them out with you.  Here is a backlog that has a big blind spot from last week.  Feel free to make any article suggestions I should include from the blind spot and I’ll […]

The Week That Was – 8/13/2012

Highlights for this week include: Mat Honan getting pwn3d pretty hard through what was essentially a social engineering attack. [1],[2],[5]-[7] Mr. Alex Hutton introduces the Risk Fish.  I need to spend some quality time with this diagram.  On first glance, it looks like it can make the process of risk assessment a little easier. [8] […]
