Infosecurity.US

Information Security & Occasional Forays Into Adjacent Realms


via The Cyber Security Hub™

LOG4J: The Meme (3)

December 22, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Infosec Satire, Infosec Humor, Poor Appsec Review

LOG4J: The Meme (2)

December 19, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Infosec Satire, Infosec Humor, Poor Appsec Review


Multimillion Dollar Security Architecture: The Meme

December 16, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Poor Appsec Review, Infosec Humor, Infosec Satire


One String To Pwn Them All: The Meme

December 15, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Infosec Satire, Infosec Humor, Poor Appsec Review


LOG4J: The Meme (1)

December 14, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Infosec Satire, Infosec Humor, Poor Appsec Review


LOG4J: The Meme (0)

December 13, 2021 by Marc Handelman in Security Heal Thyself, Security Sarcasm, Infosec Satire, Infosec Humor, Poor Appsec Review

Comodo Takes Security Seriously... Wait, What?

October 04, 2019 by Marc Handelman in Security Incompetence, Security Heal Thyself, Security Failure, Information Insecurity

Via Zack Whittaker, writing at TechCrunch, comes this interesting piece, describing a 'cybersecurity' company's (in this case - Comodo) abject failure to protect its own web presence (from a recently reported - and fixed-by-the-vendor - flaw). A nearly perfect example as to why security companies are generally distrusted (at least around here...).

Oh, and the ostensible cause? The highly reported on vBulletin flaw (now fixed). However, the true cause was (and I assert still must be) gross incompetence displayed by Comodo, which is certainly not the first time this company has appeared swimming in the murky sea of questionable practices, and behaviors indicative of criminality.


via the respected information security capabilities of Robert M. Lee & the superb illustration talents of Jeff Haas at Little Bobby Comics.

Robert M. Lee's & Jeff Haas' Little Bobby Comics: 'RSA'

March 18, 2019 by Marc Handelman in Little Bobby Comics, Security Humor, Security Heal Thyself, Satire, Sarcasm, Information Security

Via the Erudite Security Mindset of Robert M. Lee & the Superlative Illustration Talents of Jeff Haas at Little Bobby Comics.

Robert M. Lee's and Jeff Haas' Little Bobby Comics: 'Internecine Warfare'

November 25, 2018 by Marc Handelman in Little Bobby Comics, Security Humor, Security Heal Thyself, Satire, Sarcasm

via the Comically Security Mindset of Robert M. Lee and the Superb Illustration work of Jeff Haas at Little Bobby Comics

Robert M. Lee & Jeff Haas's 'Little Bobby - Security Magic'

April 29, 2018 by Marc Handelman in Little Bobby Comics, Sarcasm, Satire, Security Heal Thyself, Security Humor, Security Magic

via the exacting observational skills of Daniel Stori at Turnoff.us!

Daniel Stori's 'Intel Bug'

January 21, 2018 by Marc Handelman in Satire, Sarcasm, Security Failure, Security Heal Thyself, Security Humor

Webroot, The Latest SNAFU

April 25, 2017 by Marc Handelman in All is Information, Security Failure, Information Security, Governance, Security Governance, Security Heal Thyself, Security Testing, Vulnerabilities, Vulnerability Research

Iain Thomson, writing at El Reg, reports on Webroot's latest SNAFU. I'll leave it to his illustrative prose to tell the tale.


Self-Healing Endpoint

March 21, 2017 by Marc Handelman in All is Information, Blatant Stupidity, Information Security, Right to Privacy, Security Failure, Security Governance, Security Heal Thyself, Security Opinion, Demise of Privacy

Apparently, this product is now embedded in a wide range of devices (ranging from Apple Inc. to Dell Computers and more). I do architect & advise end-point security efforts in my work (agnostic that I am - I do not recommend individual products), but certainly not an embedded product in BIOS or EFI. Could it be rightly called 'The Self-Healing Endpoint of Privacy'? Has a meme been created? You be the judge - Me? I'm going back to paper and pencil, air-gapped (of course - dammit, air-gaps are no guaranty of secure platforms either...). What to do. Tip o' the Hat.


Bad Relationship, Technical Debt

December 29, 2015 by Marc Handelman in Security Heal Thyself, SecDevOps, Cybersecurity, Information Security

Technical Debt, and its consequences... Illuminated for us - mere mortals - by Chris Hockings - IBM Master Inventor. Today's MustRead.

In the worst-case scenario, an enterprise continues to invest in platforms that are no longer sufficiently effective, resulting in more personnel delivering currency rather than capability. Security debt is a term that has been coined to describe application vulnerabilities that result from such laggardly behavior. - via Chris Hockings, writing at SecurityIntelligence


Espionage, The Intelligence Files

September 16, 2015 by Marc Handelman in All is Information, Espionage, Information Security, Security Heal Thyself

News, via Lucian Constantin, writing at PCWorld, details the discovery of a targeted group of LinkedIn Corporation (NasdaqGS: LNKD) users (in this case information security professionals) unwittingly involved in a focused intelligence/espionage campaign to garner discrete corporate information. Another case of social networks as the baseline method for intelligence gathering by nation-states and illicit non-governmental organizations. Aye me buckos! A treasure-trove thee awaits!
