Category: Blog

August 11th, 2017 by John

CornCon Kids’ Hacker Camp (The Children of The CornCon) will feature dozens of kid-friendly activities in 2017. These activities range from lock picking and dumpster diving, to learning about electronics, coding and blacksmithing. The intention of the kids’ camp is to open the eyes of kids to the benefits and vulnerabilities of technology. This is done every fall in the Quad Cities, 100 kids at a time.

For the first time, kids at “CornCon 3: The Courne Ultimatum” will be able to “Hack The Pentagon”. This program started as a bug bounty, developed by the DoD to uncover vulnerabilities in their computer systems and web applications. The program uncovered 138 vulnerabilities and now the U.S. Army Cyber Command is sending First Lieutenant Daniel Lim on the road to show kids and adults how bug bounty programs work, and the methods used by penetration testers to uncover and responsibly report vulnerabilities. Responsible disclosure is key, as finding and exposing vulnerabilities to the public can lead to malicious attacks, if it is not preceded by software patches to address the vulnerability first. Read More

Posted in Blog, Community

April 26th, 2017 by John

Major General Brett I. Williams discusses the distinction between cyberwarfare and information warfare. The distinction can be important!

Posted in Blog, Infosec, Nation State

April 25th, 2017 by John

Solomon Smith and I presented at the Spring ISACA meeting in Iowa City, IA today on cyber education. 

http://alignedsecurity.com/index.php/2017/04/25/illowa-isaca-cyber-education-presentation/

Posted in Blog, Community, Events, Infosec

April 14th, 2017 by John

U.S. charges DuPont employee with trade secrets theft | April 11, 2017 Issue – Vol. 95 Issue 16 | Chemical & Engineering News

This is an interesting case where a DuPont employee stole trade secrets prior to retirement. It is often the young, brash employee who is the scapegoat. I speak from personal experience, that in the Midwest, large, old corporations distrust vendors, contractors and new employees, and tend to overlook the risk that comes from the long-time “trusted and loyal” employee. There is even a stigma if you have been at a company a long time, and leave before retirement. However, until recently, many companies continued to provide email and corporate services, and even let retirees keep their laptop, because of their retiree status. Shows that good feelings don’t amount to much, when competitors are willing to pay big bucks for your secrets. Everyone is a potential leak. Read More

Posted in Blog, Criminal, Infosec

April 7th, 2017 by John

Here’s a recent blog post I wrote for SC Magazine:

Posted in Blog, Infosec, IoT

April 6th, 2017 by John

“eFPGA technology has finally come of age.”

Posted in Blog