A maze of shadow network links company intranets Yet Another Worm eveNt (YAWN) is spawning a flurry of infosec marketing blog posts. There’s the technical analysis, the “how to block the last attack” posts, the “why are we still failing?” self-flagellation, and the transparent “how our product would have blocked the last attack.” This analysis […]
Archives for October 2017
Some links to cool CIA articles
Seriously, that’s all. Just links to interesting content This is a listicle, but without a theme or a business model. Just some cool stories you might want to read if you want to kill some time. (There’s tradecraft and counterintelligence knowledge in here, so you’ll learn something too, but I’m not gonna pretend like that’s […]
Equihax: fact enabled wild speculation
A timeline and some speculation Equifax got a lot of bad press for their terrible cybersecurity, which was true in the main but false in the particulars. They were slow to patch, but (if they were using Oracle products) the patch wasn’t available until a month after the compromise. They had a security executive with […]