That Crazy Cozy Bear

On 16 July 2020, the United Kingdom’s National Cyber Security Centre (NCSC), with support and contributions from the Canadian Communications Security Establishment (CSE) and the United States’ National Security Agency (NSA), released a report tying recent intrusions in vaccine research organizations (as well as other industries) to Russian-linked adversary APT29. Read more…

CVE-2020-5902 In Perspective

F5 released a patch on 30 June 2020 tied to a doozy of a vulnerability discovered by Positive Technologies. The vulnerability didn’t get much attention until Positive Technologies’ blog on the matter was released on 02 July 2020, right before a holiday weekend in the United States. The criticality of Read more…

The Unbearable Frequency of PewPew Maps

I recently made a joke online relative to a major – and very respected, if geopolitically controversial – security company advertising its revised “Cyberthreat Real-Time Map”. As many members of the security community are aware, “threat maps” – referred to derisively as “pewpew” maps – are heavy on eye-candy but Read more…

Who ‘Owns’ an Incident?

Note: This blog post was significantly revised on 17 November 2019 after initial release on 12 November 2019. The primary alteration is within the second paragraph, noting that the initial event that inspired this blog post – an exchange between a security researcher/responder and a journalist – was much more Read more…

Adversary Attribution: It’s ‘Complicated’

Recently Juan Andrés Guerrero-Saade and Silas Cutler presented new research on the cluster of activity encompassing Stuxnet, Duqu, and Flame at the Kaspersky Lab-sponsored Security Analyst Summit. (Note for those reading this from US, Canadian, and related government networks: accessing the research link previously will display potentially leaked, non-public information Read more…

A Tale of Two Attributions

19 and 20 December 2018 will likely blend into the overall insanity of the entire year, especially when considered from a US/UK political perspective. Yet these dates, aside from being consecutive, also featured an interesting juxtaposition in the world of cybersecurity threat intelligence. On 19 December 2018, the company Area1 Read more…