5 Canadian security conferences in 2017

As every year I find myself working through the list of upcoming conferences around the world. One thing that I’ve always been pleased about is the rich variety that is available right across Canada throughout the year. I’m going...

01/09/17

All through the house, not a hacker was stirring...

The holiday season is a time to spin down and relax for many people. Where we hang up our spurs, or rather, we tuck the carry-on suitcase into a corner at least five feet away from the door. But, as with every holiday season we...

12/19/16

War stories: escalation attack loopback

Last month I shared some stories about events that I’ve had to contend with over the last 20 years. One incident that I recall was a particular individual who thought that only scanning up to port 1023 was the only proper way to...

11/04/16

War stories: diary of a box hugger

After years in the information security space there are few things that get me misty eyed like a massive data center. In part because it gives me a chance to reminisce about the good old days. Hundreds of hours sitting cross...

10/21/16

War stories: for your eyes only

There are few things that make for as amusing reading as an acceptable use policy. In some organizations that I’ve been through, it was clear that no one had ever read their unicorn-esque like policy document. Some of the...

10/11/16

War stories: just shut off telnet

Years ago I was working on a project that had a rather interesting premise. It was a way to send a file between two parties that was stamped as verified by a third party intermediary. Pretty basic stuff but, in the 90s it was...

10/07/16

War stories: Logs are where the dead things dwell

Over the years there has been one love hate relationship that I could never truly get away from entirely. That was logging on systems and anything else that had something to say. I got so silly that at one point when I was doing...

10/06/16

War stories: the water shut off valve

Years ago I worked for a company that had some manner of connection to the goings on for the power grid. *cough* It was a job that afforded me all sorts of different projects as security had previously been more of an afterthought...

10/05/16

War stories: the vulnerability scanning argument

Over the last couple of decades I have had all sorts of different jobs. I have to count myself as rather fortunate for the experiences I have had along the way. They really went a long way to teach me some valuable lessons. Also,...

10/04/16

Hutton Hotel removes unwanted malware guest

The long sorted list of companies that have had their payment systems has added a new victim to its ranks. This past Friday the upscale Hutton Hotel, a stone's throw from Vanderbilt University in Nashville, disclosed that their...

10/03/16

IP Expo Nordic and getting Popp’d by ransomware

Ransomware has become all the rage in the security field these days. Both from the perspective of the writers and the defenders. The media is lousy with these articles and I’m apparently not above writing about it myself. This...

09/29/16

Information security and the flaming sword of justice

There have been times in my career where I found it almost necessary for me to breathe into a paper bag after hearing some asinine positions on what security should be. I have encountered what I like to refer to as the “flaming...

09/28/16

Meteors, disasters and the diesel generators

In August of 2003 it was just after 4 pm and I was leaving a vendor event where I was watching a professional tennis match. I was looking forward to the weekend ahead with a light Friday on the schedule. I could not have known how...

09/27/16

Ransomware from Stoned to pwned

When I was in the trenches as a defender I saw all manner of malicious software. The first one I ever encountered back in the late 80s was the Stoned virus. This was a simple program that was lobbying the infected computer...

09/26/16

Who you gonna call when the crisis comes

There will be times in your career when you know that you will face a crisis. These will be times when things will go horribly and irretrievably wrong. The breach news from Yahoo yesterday is a perfect example. One question that...

09/23/16

University of Ottawa gets failing grade in data breach

The University of Ottawa has found itself the subject of an investigation regarding a potential data breach. According to news reports, the information of some 900 students may have been exposed when an external hard drive went...

09/22/16

Sexting, Weiner and other bad ideas

When I was a kid I was always flirting with the edge of trouble. I was really fortunate that I had strong guidance and good friends that helped to keep me from getting into any real sort of trouble. But, not everyone was so lucky....

09/21/16

Backups aren't just for smoking crater scenarios

Every company I had worked for in the past was another piece in my continuing education. Along the way there have been some lessons that were recurring. One of the main ones was around backups. Time and again I would encounter the...

09/20/16

Sour attackers publish health data on Olympic athletes

There is really no denying it. The Russians are still upset about the decision to ban their athletes from performing in the Olympics this year in Rio. The part that still causes me to scratch my head is that they cheated and they...

09/19/16

IoT and your digital supply chain

“Money, it's a gas. Grab that cash with both hands and make a stash”, Pink Floyd is always near and dear to my heart. No doubt the theme song to a lot of producers of devices that fall into the category of Internet of Things or...

09/16/16
