22 Mar 2013

South Korean Attack & Malware Analysis

On March 20th an attack that brought down three major media broadcasters and at least two financial institutions computer systems in South Korea was launched.  The Red Alert team which is part of NSHC Security has provided access to their  onging reports of the malware attack  (PDF – Korean). The

11 Feb 2013

Security Visualization: AfterGlow Cloud

One of the leading thinkers in the realm of security visualization is Raffael Marty, he literally wrote the book on the topic.“Applied Security Visualization” was published in 2008 and the material is still highly relevant today. The only thing that has changed is the increased amount of data and the

04 Feb 2013

Security Visualization: Meaning From Chaos

One thing I love about information security is its beautiful complexity, a complexity that calls upon multiple disciplines and requires both technical skills and creativity to solve real-world problems. Regardless of whether the goal is compliance, intrusion detection, vulnerability analysis, log management, or forensics, the meat of IT security is

18 Jan 2013

Sneakernets Never Say Die: Power Plants Infected with USB Malware

A few days ago the State Department made public in a report that multiple power plants in the United States were affected by USB based malware during the beginning of October 2012. One of the plants reported a virus infection in a turbine control system. The system was infected when

11 Jan 2013

10 Signs You’ve Been Working In Information Security Too Long

When your mom calls you ask her three security questions to verify her identity Your pet’s name consists of at least 20 characters and contains a mix of numbers, uppercase letters, and at least one special character Your wallet  is wrapped in an aluminized mylar faraday cage You run background