April 27, 2018
FileHash icon

Software Updates – FileHash.exe

An update to FileHash.exe has been released as of April 18, 2018. 2018-04-18 — Version 2.3.0.430 Recent updates include the following: Added the -u (-summary) option […]
March 4, 2018

Virtual Credit Card Numbers

If your bank supports it, you would do well to consider Virtual Credit Card numbers for online purchases. I was looking around for some good articles […]
October 17, 2017

Not the best week for security protocols and technologies

The past few days have not been particularly good ones for the technology community.  First, we learned that the increasingly fragile WPA2 protocol has some glaring […]
September 25, 2017

Whose data is it, anyway?

It’s not just that we are experiencing big firms getting breached due to sheer negligence, but that no one is going to do anything about it […]
February 10, 2014

Automating Android

One of the cool things about the Android platform are the number of tools available for really extensive automation. So far, I have used the following […]
June 27, 2013

Looking forward to Windows Server 2012 R2

I was just reading the ComputerWorld article on some upcoming features of Windows Server 2012 R2, and I see some really intriguing improvements: In Windows Server 2012 […]
May 8, 2013

A look at Microsoft’s SIR v14

So…. I finally had a chance to finish reading the latest full edition of Microsoft’s latest Security Intelligence Report. There’s a lot of really good info in […]
April 30, 2013

Dueling Business Mindsets

If there is one lesson that technologists need to understand in order to be successful, it’s that business is ultimately more about people than about processor technology.  At the end […]
April 5, 2013

Enhancing My WLAN with a Meraki MR12

I finally got a chance to deploy a Meraki MR12 wireless access point. These are some sweet devices.  I wasn’t that happy with the PoE brick that […]
February 28, 2013

Wise Security Investment Approaches

A holistic approach to information security needs to address a corporate strategy for buying or building solutions. Such a strategy will have an impact on how […]
January 21, 2013

The Futility of Blaming IT

In recent years, it has become popular sport to blame information technology (IT) departments and IT leaders for failures – real or imagined – which adversely […]
January 18, 2013

Reading Between the Lines of Breach Notifications

Back in September 2012, I wrote two articles for Point2Security on how to effectively handle breach notifications: The Who of Post-Breach Communication Post-Breach Communication: The Importance […]
October 19, 2006

The Fearful State of Malware Today

Simply stated, it’s really getting out of hand. A number of recent articles in the technology press make it increasing clear that the following themes are […]
October 23, 2006

Growing Malware Sophistication

The level of sophistication of the malware threats we face is continuing to grow at a much faster rate that the methods that most organizations are […]
November 21, 2006

Virtual Machine Detection in Malware via Commercial Tools

More About Sophisticated Malware http://isc.sans.org/diary.php?storyid=1871 Virtual machine detection is a self-defensive property of many malware specimens. It is aimed at making it harder to examine the […]
November 27, 2006

Backdoor Trojans, Rootkits and SPAM: Notes from the Microsoft Antimalware Team

The Microsoft AntiMalware team has recently published a paper discussing some of the data collected by their monthly AntiMalware tool. A summary of the article is […]
November 28, 2006

More Malware, More SPAM

According to some reports, spyware is getting harder and harder to control.  The sophistication of the malware makers is growing at a much faster pace than […]
December 12, 2006

SANS sees upsurge in zero-day Web-based attacks

It’s pretty much official now (in case you didn’t believe it before):  We have exited the Worm era, and jumped head first into the era of specialized […]
April 15, 2010

The InfoSec Perspective for April 2010

It has been a busy month or so for information security.  Apple has patched a vulnerability that was showcased in a recent hacking contest, Microsoft has […]
May 10, 2010

It’s Time to Re-evaluate Host-based Security

I’ve said it for a few years now, but host-based antivirus is really not working out anymore.  Not with its reliance on signatures to detect malware. […]
December 31, 2012

Get Real with Information Security

In 2012, the writers of malware and the attackers of networks were very busy, using both social engineering and increased technical sophistication to fuel an increased […]
January 18, 2013

Reading Between the Lines of Breach Notifications

Back in September 2012, I wrote two articles for Point2Security on how to effectively handle breach notifications: The Who of Post-Breach Communication Post-Breach Communication: The Importance […]