Infosec Professional, father, restless learner, but above all, a thinker trying to help others by creating standardized solutions for situations and challenges I face on a daily basis. In this blog's case, I try to share a bit of my experience finding Infosec/Risk Management/Compliance jobs locally and abroad.
The Cyber Kill Chain Approach to Security The territory is not real but virtual, and its guardians use software instead of weapons. Nevertheless the security model is the psame—intrusion detection along the kill chain. The Kill Chain is a security framework that’s been successfully practiced by the military for years and is now finding its […]
Interesting: “It’s really hard for the government to censor things when they don’t understand the made-up words or meaning behind the imagery,” said Kevin Lee, COO of China Youthology, in conversation at the DLD conference in Munich on Monday. “The people there aren’t even relying on text anymore It’s audio, visual, photos. All the young […]
Earlier this month, BahrainWatch.org was contacted by an UAE activist, who reported receiving a suspicious email. Upon deeper examination, it was revealed that it was a targeted atttack relying on Java exploit (CVE-2013-0422), which would have dropped a Remote Access Trojan (RAT), if the attack wasn’t detected. The malware was hosted on the isteeler(dot)com domain, […]
Dan Farmer has an interesting paper (long version here; short version here) discussing the Baseboard Management Controller on your computer’s motherboard: The BMC is an embedded computer found on most server motherboards made in the last 10 or 15 years. Often running Linux, the BMC’s CPU, memory, storage, and network run independently. It runs Intel’s […]
One of my research projects this quarter will be focused on a really, really exciting subject: network forensics. While we will likely formally define it in the course of our research, I wanted to briefly explore it in this blog post. As I understand it now, “network forensics” today exists at the confluence of several […]
Recently I received a most interesting link from a friend, about a tiny city that was actually a perfect working model of a real-life city built by the SANS Institute. It had real banking networks, power grid networks, public transit systems, a hospital, a military complex, you name it. It’s a fully decked out city […]