Bring Your Own Exploit →
DevOps' writer Chris Riley (aka @HoardingInfo, a technologist and DevOps analyst for Fixate IO) regales us with a tale of the Rugged DevOps crypt - at least from the viewpoint of semi-like-minded security operators...
Sunday Security Maxim
Feynman’s Maxim: An organization will fear and despise loyal vulnerability assessors and others who point out vulnerabilities or suggest security changes more than malicious adversaries. Comment: An entertaining example of this common phenomenon can be found in “Surely You are Joking, Mr. Feynman!”, published by W.W. Norton, 1997. During the Manhattan Project, when physicist Richard Feynman pointed out physical security vulnerabilities, he was banned from the facility, rather than having the vulnerability dealt with (which would have been easy). Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
Troublemaker Maxim: The probability that a security professional has been marginalized by his or her organization is proportional to his/her skill, creativity, knowledge, competence, and eagerness to provide effective security. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Statement by Rear Adm. Mary M. Jackson at the City of Chattanooga's Vigil
Story Number: NNS150718-01 Release Date: 7/18/2015 02:09:00 AM From the Navy Office of Information
WASHINGTON (NNS) -- A statement by Rear Adm. Mary M. Jackson, Commander, Navy Region South East, was given at the City of Chattanooga's vigil for the fallen Marines, July 17.
Good evening. It is with my deepest sympathies and personal sadness that I am here tonight.
I would like to thank the Chattanooga community for their overwhelming support of our Navy and Marine Corps family. We greatly appreciate the arrangements made here this evening with this vigil invitation and those who have gone out of their way to make us feel at home. We are honored to be part of this community. We continue to keep our thoughts and prayers with our fallen Marines and their families, and for our wounded Sailor and his family.
Today, a small team of counselors and chaplains arrived from around the Southeast Region to provide support for families and service members and we will continue to support our Navy and Marine Corps team alongside the community.
These incidents have had a profound impact on every one of us, regardless of whether we wear the uniform or not. But we stand together and find resilience in each other as we move ahead of these difficult times. We are Chattanooga strong!
Cybersecurity Underwriters Laboratories, Inc.?
Fascinating thought-piece on the possibility and/or need for a Cybersecurity Underwriters Laboratory rating...
Food Security, Small Fruits →
In a fascinating article via CivilEats, written by Steve Holt, comes speculation that smaller fruit, and the subsequent purchasing of that fruit by consumers, may save small California growers burdened with water shortage and other travails. This equates to increased food availability, and perhaps enhanced food security, if, like me, you eat food... Today's Must Read.
Cook's Battles →
ProxyHam BlackHat Talk Closed Down
Via CSO Online's Steven Ragan, writing on the Salted Hash blog, comes interesting news of the cancellation of Seattle's Rhino Security Labs' founder Ben Caudill's ProxyHam presentation, slated for DefCon 23. That is All.
ICS Cyber-Incidents Not Identified, Reported →
In a tour de force post on the Unfettered blog, highly respected Industrial Control Systems Information Security Professional Joe Weiss targets systemic problems in the ICS arena. One of those problems is apparently the correct identification and reporting of security incidents in the ICS realm. If you read anything today on ICS / SCADA information and Network Security, read Joe's blog post - it's simply that important.
OPM, Le Nouveau Espionnage
Michael Hayden, GEN USAF (RET), former Director of the United States Central Intelligence Agency 2006 – 2009, former Director of the United States National Security Agency 1999 – 2005, and First Principal Deputy Director of National Intelligence 2005 – 2006, has detailed the damage wrought with the OPM Breach, and in particular, adds a new, previously unforeseen outcome - the use of the purloined data to recruit spies...
Sunday Security Maxim
The Inmates are Happy Maxim: Large organizations and senior managers will go to great lengths to deny employee disgruntlement, see it as an insider threat, or do anything about it. Comment: There are a wide range of well-established tools for mitigating disgruntlement. Most are quite inexpensive. Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory
Saturday Security Maxim
Fair Thee Well Maxim: Employers who talk a lot about treating employees fairly typically treat employees neither fairly nor (more importantly) well, thus aggravating the insider threat and employee turnover (which is also bad for security). Compiled by Roger G. Johnston, Ph.D., CPP, Argonne National Laboratory