Shellshock – Picking up the Pieces

4.1 million. That’s the number of news items, blogs, webpages, reports, and opinion articles related to the recently discovered ‘Shellshock’ (Bash) vulnerability that were matched via a quick Google search for ‘Shellshock bash bug’ this morning. There’s no denying that this vulnerability is Continue Reading →

49½ pounds of DDoS attack visibility

As Chief Security Evangelist for Corero Network Security my main charter is to travel the globe evangelizing the cyber-security problem with regards to DDoS attacks and cyber threats.  In doing so, I have the unique opportunity to highlight the Corero First Line of Defense solution Continue Reading →

Bookmark and Share

SANS Institute’s Webcast on Shellshock is Worth Watching

On September 25, Alan Paller, the Director of Research for the SANS Institute, sent out a FLASH report about the vulnerabilities involving Bash. This report has some very good information for security practitioners that is worth repeating here. The vulnerability, dubbed Shellshock, Continue Reading →

D’oh! Get Your Hammer and Your Payment Card Hacked at “the Homer Depot”

By now the news of the massive payment card data breach at the Home Depot is well known. The company has acknowledged the theft of an estimated 56 million debit and credit card numbers, making it the largest retail breach on record. Continue Reading →

Corero is growing – do you have the skills to be a part of the team?

Conversations recently overhead in the busy hallways of the Cambridge Innovation Center (CIC) include the number of in-flight projects being pursued by a single entrepreneur(60+!), a business plan for a(nother) new startup mining Facebook images, and the next international gig to be Continue Reading →

Here’s a Good Resource for Learning About Encryption Schemes Before You Put Data in the Cloud

If your organization is planning to have data and applications in the cloud, then you are probably planning to use encryption to secure the data. Encryption is a technology that transforms your data into an alternate format that only authorized parties with Continue Reading →

Bookmark and Share

NATO Nations work to level the playing field in response to cyber attacks

It has been interesting to see news recently of a NATO agreement that indicated that member states would now come to each other’s aid in the event of digital attacks as well as in the case of military attacks.  This newly signed Continue Reading →

Bookmark and Share

Promoting Voyeurism in the Name of Marketing and Advertising

About the same time the story about the celebrity photo hacking incident broke, I read another disturbing article that does not bode well for personal privacy. San Francisco tech blogger Wendy Lee wrote about advertisers trolling through personal photos that people are Continue Reading →

Bookmark and Share

Victim Company Refuses to Pay DDoS Extortion Fee and Is Permanently Forced Out of Business

If your company relies on your website to conduct any amount of business, it’s time to take notice of what has been happening lately with regards to DDoS attacks. In the past few weeks, numerous companies have experienced DDoS attacks in which Continue Reading →

Bookmark and Share

When Trends Collide: Data Collectors Are Gathering Information from Smartphones Used for BYOD

I had an interesting conversation the other day with Rob Shavell, the co-founder and CEO of the online privacy company Abine. We talked about two big trends in mobile computing and what happens as a consequence of their intersection. This collision of Continue Reading →

Bookmark and Share