SecurityCertified

  • Subscribe to our RSS feed.
  • Twitter
  • StumbleUpon
  • Reddit
  • Facebook
  • Digg

Wednesday, January 19, 2011

Wanted: Incident Handler in Michigan

Posted on 7:11 AM by Unknown
Do you know how to detect and respond to intruders in a multinational organization? Do you want to join a team with that mission? Are you an experienced information security professional who is looking for a challenge? If your answer to these three questions is yes, please consider applying for the last open Incident Handler role in GE-CIRT. In this role you will mentor intermediate and junior CIRT members and work with some of the best detection...
Read More
Posted in GE, ge-cirt | No comments

Monday, January 10, 2011

Seven Cool Open Source Projects for Defenders

Posted on 5:43 PM by Unknown
Long-time blog readers should know that I don't rely on tools to defend my enterprise. I rely on people first, followed by tools, then processes. However, today I took a moment to consider the myriad of really cool work happening (mainly) in the open source tool community. When I started counting, I found about seven projects that are likely to help you defend your enterprise. Most of these require some commitment of brainpower and willingness...
Read More
Posted in | No comments

Saturday, January 8, 2011

More on Chinese Stealth Fighter and APT

Posted on 5:32 PM by Unknown
Since my 27 December post Courtesy of APT, featuring the new Chinese stealth fighter, Aviation Week writer Bill Sweetman wrote more about the development of this aircraft and the support from APT:One question that may go unanswered for a long time concerns the degree to which cyberespionage has aided the development of the J-20. U.S. defense industry cybersecurity experts have cited 2006—close to the date when the J-20 program would have started—as...
Read More
Posted in apt, china | No comments

Happy 8th Birthday TaoSecurity Blog

Posted on 5:08 AM by Unknown
Today, 8 January 2011, is the 8th birthday of TaoSecurity Blog. I wrote my first post on 8 January 2003 while working as an incident response consultant for Foundstone. 2739 posts (averaging 342 per year) later, I am still blogging. I don't have any changes planned here. I plan to continue blogging, especially with respect to network security monitoring, incident detection and response, network forensics, threat-centric security, and FreeBSD...
Read More
Posted in | No comments

Wednesday, January 5, 2011

The "IT as a Business" Train Wreck

Posted on 4:40 PM by Unknown
I just read this year-old article by InfoWorld's Bob Lewis titled Run IT as a business -- why that's a train wreck waiting to happen. It reminded me of comments on a CIO article I posted in 2008 as The Limits of Running IT Like a Business. Here I would like to emphasize a few of Bob's points via excerpts from the 2010 article.When IT is a business, selling to its internal customers, its principal product is software that "meets requirements." This...
Read More
Posted in | No comments

To Those Who Want Tim Thomas Books

Posted on 2:21 PM by Unknown
I continue to be bombarded by questions from readers looking to buy the books by Timothy L Thomas, mentioned in my posts Review of Dragon Bytes Posted, Review of Decoding the Virtual Dragon Posted, and Review of The Dragon's Quantum Leap Posted. As you can see at Amazon.com, they are not available. I hope that the spotlight I'm shining on these books helps Mr Thomas either 1) reprint the books or 2) secure a different publisher who will reprint...
Read More
Posted in | No comments

Tuesday, January 4, 2011

TaoSecurity Lab

Posted on 2:17 PM by Unknown
In a recent blog comment one of you asked about TaoSecurity lab. This is a collection of my own gear -- nothing associated with my corporate employer. I decided to post the diagram at left in case someone found it useful. To summarize the color scheme: 1) blue (and the blue squiggle) means "wireless access," regardless of the nature of the device (phone, appliance, laptop, etc.); 2) green means Cisco; 3) gray means "appliance"; 4) peach (?) means...
Read More
Posted in | No comments

Monday, January 3, 2011

VizSec 2011 Call for Papers Open

Posted on 5:49 PM by Unknown
The call for papers for VizSec 2011 is open. VizSec2011 will be held on the campus of Carnegie Mellon University, on 20 July. Full paper submissions are due 1 April and panel abstract submissions are due 15 April. This is the conference to attend if you're interested in graphical depiction and analysis of security data! I was pleased to provide the keynote last year, but I will not be able to attend this year.Tw...
Read More
Posted in | No comments

Starting the New Year Right

Posted on 8:15 AM by Unknown
Today's a company holiday (odd, but ok), so I figured what better way to start the New Year than to see if my Commodore 64 still works? I bought it in mid-1986, so it's almost 25 years old, and it's been over seven years since I posted My C-64 Rides Again. Since then the monitor I used with my C-64 died, but my dad shipped me his old RBG monitor.Would everything work? Could I access the Internet with it? The answer: YES. As you can see above,...
Read More
Posted in commodore | No comments
Newer Posts Older Posts Home
Subscribe to: Posts (Atom)

Popular Posts

  • DojoCon Videos Online
    Props to Marcus Carey for live streaming talks from DojoCon . I appeared in my keynote , plus panels on incident response and cloud secur...
  • Bejtlich Speaking at TechTarget Emerging Threats Events in Seattle and New York
    I will be speaking at two events organized by TechTarget , for whom I used to write my Snort Report and Traffic Talk articles. The one-da...
  • SANS WhatWorks Summit in Forensics and Incident Response
    I wanted to remind everyone about the SANS WhatWorks Summit in Forensics and Incident Response in DC, 8-9 July 2010. The Agenda looks gre...
  • Sguil 0.7.0 on Ubuntu 9.10
    Today I installed a Sguil client on a fresh installation of Ubuntu 9.10. It was really easy with the exception of one issue I had to troubl...
  • Microsoft Updates MS09-048 to Show XP Vulnerable to 2 of 3 CVEs
    Microsoft published a Major Revision of MS09-048 to show that Windows XP Service Pack 2 and Windows XP Service Pack 3* are now Affected So...
  • BeyondTrust Report on Removing Administrator: Correct?
    Last week BeyondTrust published a report titled BeyondTrust 2009 Microsoft Vulnerability Analysis . The report offers several interesting ...
  • Human Language as the New Programming Language
    If you've read the blog for a while you know I promote threat-centric security in addition to vulnerability-centric security. I think ...
  • DNI Blair Leads with APT as a "Wake-Up Call"
    AFP is one of the few news outlets that correctly focused on the key aspect of testimony by US Director of National Intelligence Dennis Bla...
  • SANS Forensics and Incident Response 2009
    The agenda for the second SANS WhatWorks Summit in Forensics and Incident Response has been posted. I am really happy to see I am speakin...
  • NYCBSDCon 2010 Registration Open
    Registration for NYCBSDCon 2010 is now open. As usual George and friends have assembled a great schedule ! If you're in the New York...

Categories

  • afcert
  • Air Force
  • analysis
  • announcement
  • apt
  • attribution
  • bestbook
  • blackhat
  • books
  • breakers
  • bro
  • bruins
  • certification
  • china
  • cisco
  • cissp
  • cloud
  • clowns
  • commodore
  • conferences
  • controls
  • correlation
  • counterintelligence
  • cybercommand
  • cyberwar
  • dfm
  • education
  • engineering
  • feds
  • fisma
  • freebsd
  • GE
  • ge-cirt
  • hakin9
  • history
  • impressions
  • information warfare
  • ipv6
  • law
  • leadership
  • malware
  • mandiant
  • microsoft
  • mssp
  • nsm
  • offense
  • oisf
  • packetstash
  • philosophy
  • pirates
  • powerpoint
  • press
  • psirt
  • reading
  • redteam
  • reviews
  • russia
  • sans
  • sec
  • sguil
  • snorby
  • spying
  • threat model
  • threats
  • Traffic Talk
  • training
  • tufte
  • tv
  • ubuntu
  • usenix
  • verizon
  • vulnerabilities
  • wisdom
  • writing

Blog Archive

  • ►  2013 (16)
    • ►  September (1)
    • ►  August (1)
    • ►  June (2)
    • ►  April (2)
    • ►  March (1)
    • ►  February (3)
    • ►  January (6)
  • ►  2012 (60)
    • ►  December (4)
    • ►  November (5)
    • ►  October (3)
    • ►  September (10)
    • ►  August (2)
    • ►  July (6)
    • ►  June (6)
    • ►  May (4)
    • ►  April (2)
    • ►  March (9)
    • ►  February (6)
    • ►  January (3)
  • ▼  2011 (108)
    • ►  December (3)
    • ►  November (7)
    • ►  October (11)
    • ►  September (9)
    • ►  August (18)
    • ►  July (10)
    • ►  June (5)
    • ►  May (4)
    • ►  April (13)
    • ►  March (17)
    • ►  February (2)
    • ▼  January (9)
      • Wanted: Incident Handler in Michigan
      • Seven Cool Open Source Projects for Defenders
      • More on Chinese Stealth Fighter and APT
      • Happy 8th Birthday TaoSecurity Blog
      • The "IT as a Business" Train Wreck
      • To Those Who Want Tim Thomas Books
      • TaoSecurity Lab
      • VizSec 2011 Call for Papers Open
      • Starting the New Year Right
  • ►  2010 (193)
    • ►  December (14)
    • ►  November (11)
    • ►  October (6)
    • ►  September (16)
    • ►  August (15)
    • ►  July (26)
    • ►  June (15)
    • ►  May (15)
    • ►  April (15)
    • ►  March (16)
    • ►  February (19)
    • ►  January (25)
  • ►  2009 (123)
    • ►  December (10)
    • ►  November (17)
    • ►  October (21)
    • ►  September (13)
    • ►  August (20)
    • ►  July (21)
    • ►  June (21)
Powered by Blogger.

About Me

Unknown
View my complete profile