I have never reverse engineered anything, but I did dismantle a Betamax VCR and put it back together without an instruction manual. My little brother liked to use the tape slot as a garage for his Hot Wheels® toy cars. We were usually able to take out the cars without any issues, but one day,…
Read More As I pull together the list of zero-day filters for this blog, I see all types of vulnerabilities from various vendors. My interest is always piqued when I see a vulnerability affecting a security company. The Zero Day Initiative’s (ZDI) interest was also piqued when the researcher Pagefault submitted a Bitdefender vulnerability to the ZDI…
Read More I ended up at an urgent care clinic earlier this week and found out I have strep throat. The doctor who examined me asked me what medicine I had taken prior to my visit to help alleviate my throat pain, to which I replied, “I took a multi-symptom liquid medicine because the pain was keeping…
Read More
Security startup Cybellum recently announced a new attack that they’re calling “DoubleAgent”. They’ve labelled this a zero day “attack for taking full control over major antiviruses and next-generation antiviruses”. There’s a lot to unpack here. When you’re assessing the risk any issue poses it’s always best to clearly define the issue. Let’s start there. The…
Read More
If you’re moving your computing needs to Azure, security is probably one of your top concerns. I’ve written about this before, so I’ll assume you’ve already read it. If not, it’s worth taking a few minutes to get a grounding. Operations Once you’ve got a solid understanding of the security model in place on Azure,…
Read MoreWith any public cloud, security is a shared responsibility between the cloud service provider and you, the user of those services. For IaaS offerings, this usually means the division of responsibilities is as follows: Cloud Service Provider You Facilities Physical security Network infrastructure Virtualization layer Operating system Applications Data If you’ve done work…
Read MoreMicrosoft recently held their annual Build conference. The premier developer event for Microsoft is usually quite predictable. You could safely expect a few incremental improvements in various technologies and fantastic developer sessions on current tech. See for yourself; the sessions are online from 2012 and 2013. Things were different this year. I’ll be addressing the…
Read MoreReferencing Wikipedia: The Pythia , commonly known as the Oracle of Delphi, was the priestess at the Temple of Apollo at Delphi, located on the slopes of Mount Parnassus. The Pythia was widely credited for her prophecies inspired by Apollo. Amazon Web Service’s (AWS) first user conference in November 2012 was over-subscribed and sold out. Given that the company offers all the infrastructure you need…
Read MoreThe mobile industry is a beautiful thing. If I sit back and ponder for a minute all of the things mobile technology has enriched in my life, I could easily write a book. The fact that I can take a picture and have it immediately shared to all of my friends and family in seconds…
Read More
