22 Aug 2013

Cyber Security Ranked Third in Lloyd’s of London Risk Index

Lloyd’s of London published their Risk Index Report for 2013, and not surprisingly cyber security ranked amongst the top concerns for executives at number three worldwide and number two in the United States. Compared to previous report in 2011 where cyber risk was rated much lower at position 12, the

08 Jul 2013

AT&T Privacy Policy Change Risks and the De-Anonymization of Data

AT&T recently modified their privacy policy where they will be selling aggregated data of their subscribers usage information for marketing purposes. This is following in the footsteps of other carriers. In their blog post they state that this data in anonymized. To anonymize the data AT&T claims they remove “name,

18 Jan 2013

Sneakernets Never Say Die: Power Plants Infected with USB Malware

A few days ago the State Department made public in a report that multiple power plants in the United States were affected by USB based malware during the beginning of October 2012. One of the plants reported a virus infection in a turbine control system. The system was infected when

04 Jan 2013

The Infosec Dunning–Kruger Effect: Confidence vs. Overconfidence

A key message at Tripwire moving into the next year is around true confidence. Confidence in IT security posture and information security’s position in the business. While reading Price Waterhouse Cooper’s “The Global State of Information Security®  Survey 2013” I was surprised to see that based on self assessments security

13 Dec 2012

Low Cost Open Source Wireless Hacking – HackRF Jawbreaker

I sat down with Jared Boone a local Portland hardware hacker to discuss HackRF, an open source project he has been working on with Michael Ossmann funded by DARPA. The combination of open source hardware and software will provide security researchers with a low cost tool to intercept and reverse