Note: This post will refer and link to allegedly classified programs leaked by Edward Snowden, and potentially others, in the past several years. If accessing this article from certain networks, readers are strongly advised to preview links before following them due to the possibility that such an action may be Read more…
Note: This blog post was significantly revised on 17 November 2019 after initial release on 12 November 2019. The primary alteration is within the second paragraph, noting that the initial event that inspired this blog post – an exchange between a security researcher/responder and a journalist – was much more Read more…
I recently had a discussion as to whether PSExec, the legitimate Microsoft Sysinternals tool often abused by malicious actors for remote code execution, should be included on a list of indicators related to a recent intrusion event. While my overall opinion of indicators of compromise (IOCs) as they are used Read more…
Reuters reported on an interesting event from September 2019 today (16 October 2019): “The United States carried out a secret cyber operation against Iran in the wake of the Sept. 14 attacks on Saudi Arabia’s oil facilities, which Washington and Riyadh blame on Tehran, two U.S. officials have told Reuters. Read more…
Writing during the tumultuous years of the English Civil War, Thomas Hobbes sought to identify the means through which humanity proceeds through an anarchical, violent natural state (the “nasty, brutish, and short” state of Man) to attain ordered, governed society. In formulating an idea of how such a society (or Read more…
Cryptocurrency (Bitcoin, Etherium, etc.) is quite possibly the most damaging, least useful, most reprehensible technological development of the past 20 years – which is definitely saying something given the rise of “social media”. While cryptocurrency advocates continually espouse benefits such as transactional anonymity, increased access to financial services, and financial Read more…
At present, I will assume anyone reading this possesses at least a basic familiarity with who Edward Snowden is and the general conception of his actions. The former CIA employee (removed from overseas duty for suspicious behavior in 2009) and former Dell and Booz Allen Hamilton contractor for the NSA Read more…
A common theme in metaphysics (and to some extent epistemology as well) since antiquity is understanding the relationships (or differences) between “things” and how we perceive or observe them. Examples extend from Plato’s Allegory of the Cave and forms through Kant’s Transcendental Idealism to modern scientific variations such as Heisenberg’s Read more…
Something interesting came up in an extended (and wandering) Twitter thread discussing the relevance of certain legacy information security frameworks (like the CIA triad) to modern concerns like disinformation campaigns. The aspects of this discussion that most interested me were the following two items: “Which part of the CIA triad Read more…
I previously recorded some thoughts on the new US government strategy in cyber defense known as “defend forward”. Recently, I had the pleasure and opportunity to take part in a Naval War College exercise implicitly testing this strategy’s implementation and execution in the context of civilian critical infrastructure cyber operations. Read more…