The Black Hat USA 2009 conference begins in less than two weeks. I’m excited, but have a lot of preparation to do! I will be on a panel on Tuesday, and the executive briefings and then I am on a panel Wednesday morning.
I’m planning on a long week, and since I’m staying the weekend, I’ll have time to relax and enjoy myself. There are lots of interesting topics for Black Hat and DEFCON. If you’re going to be there, drop me a line!
Posted in Blog
In the realm of computer security and ethics, it is important that criminals be punished as a deterrent to would-be-criminals everywhere. For example, if the SPAM KING goes to jail and pays millions of dollars in fines for filling our mail with junk mail, which he personally profited greatly from – that is reasonable.
In the news, we have two stories today. First, TJX (parent company of such chains as TJ Maxx) was fined $9.75 million for a huge breech of customer data. The Ukrainian hacker who masterminded the theft of 94 million credit card accounts from TJX has been sentenced to 30 years in jail. (Believe me, he is going to a Turkish prison for this crime and I can’t imagine this will be a pleasant sentence. I think it makes our high-security prisons look like country clubs.) There were 11 people who were involved have convicted to date. Here is more, from SC Magazine: Read More
Posted in Blog
The following article comes from Security Wire Daily:
A majority of attacks on the Internet depend upon the exploitation of human nature through the abuse of trust. It is human nature, for example, to feel comfortable with Web-based social networks that include our friends and family. We don’t expect these people to be hosting anything on their pages that would “attack” us. Read More
Posted in Blog
Simon Potts wasn’t happy with his job. He was what they call a ‘disgruntled employee’. After ten years working for KPJ Industries, as a loyal employee, he has rarely been recognized for doing a good job. He has been passed over for promotion, and this year he knows that his raise was smaller than other employees. He was mad that co-workers were showing up late for work, taking on much less of a workload, and still getting a bigger raise than he was. He deserved more, but his boss had it out for him. Bob, the office manager, always seemed to resent Simon’s ability, and Simon was sure he spoke ill of him to other managers. Simon realized this was a dead-end job, and his days were numbered. It was time for him to take what he deserved, and then quit. That would be satisfying, and when he sold the customer database to a competitor, it would teach them a lesson. At least, this was the rationale Simon used when he decided to steal a sensitive customer database, with credit card numbers, from KPJ Industries in November, 2008.
Simon Potts was viewed by his management as a nice guy, but they didn’t feel he was motivated. He took on a lot of work, but had a hard time completing projects on time. So, when the new year came along, Simon was given a score of “meets requirements” in his performance review. His manager tried to explain how Simon could do better, but he felt that no matter what he said, Simon took it too personally. There were signs that Simon was a disgruntled employee, but the company had no training for managers on how to identify and deal with disgruntled employees. Read More
Posted in Blog
I was just reading this article (LINK) about the 2009 RSA Conference, held in San Francisco last week. I haven’t spoken to my friends, who organize the the conference yet (OFFICIAL SITE), but it seems that numbers were somewhat down as expected this week, due to the economy. Read More
Posted in Blog
There will be a seminar at Trinity Hospital at Terrace Park (4500 Utica Ridge Rd., Bettendorf, IA) on April 4th, 2009. The speakers will be Lynn Hudson and Denes V. Agoston, two research scientists. Lynn Hudson will speak on ‘What Can Biomedical Research Do for You?’ and Denes V. Agoston will speak on ‘Regenerative Capacity of the Brain: Integrative Medicine and Traumatic Brain Injury.’
The event starts at 10AM, and it sponsored by the Bettendorf Public Schools.
Posted in Blog
I am posting the slides from my Cloud Computing talk today. A slide show that you can view, and if you want my full deck you just have to email me or Tweet, with your version of PowerPoint or format choice.
I finished up the slides, and added the Larry Ellison audio last night at midnight, so I got to bed after 1am and then got about three hours of sleep before driving the 3 hours to Springfield (IL). This was for the Infragard conference on data protection (see below). We had about 160 people turn out, from all industry sectors. Including: police, federal, agriculture, banking, schools and colleges… Our keynote speaker was excellent (John Bace, of Gartner). We wrapped up around 4pm and I just got back from the return drive. I’m heading off for a nap, and may comment more later. For now, my eyes are bugging out from writing these slides up in one marathon session yesterday. I thought my talk went well, I hope you find the slides somewhat useful. Read More
Posted in Blog