Blog Posts Tagged with "Offensive Security"
The Obligatory 2013 Infosec Predictions Post
December 26, 2012 Added by:Simon Moffatt
Technology evolves so quickly that 12 weeks is an age when it comes to new ideas and market changes - and security is no different. However, the main areas I will personally be following with interest though, will be the BYOD/BYOA, personnel, preemptive security and social intelligence...
Comments (0)
Controversial Active Cyber Defense
December 01, 2012 Added by:Jarno Limnéll
Increasingly, both the armed forces and businesses are practicing the concept of “active defense,” a military term that refers to efforts to thwart an attack by attacking the attackers. However popular it has become, active defense is an alarming trend...
Comments (0)
Proactive defense, humans or machines… that’s the question
November 27, 2012 Added by:Pierluigi Paganini
Cyber conflicts are characterized by the necessity of an immediate cyber response to the incoming cyber threats, in many cases the reaction must be instantaneous to avoid the destruction of assets and resources. The human factor could represent an element of delay...
Comments (0)
Defending Your Digital Domain Redux: Take 2
November 21, 2012 Added by:Rafal Los
I'll start with I'm not an expert on 'cyber warfare' or a lawyer offering legal advice, in fact I'd simply rather not touch that whole angle at all. I'm much more comfortable addressing this issue as it came up today from a more sensible perspective. What follows in this post is an editorial opinion...
Comments (0)
Offensive Defense: A Really Bad Idea Proposed By Charlatans And Zealots
November 08, 2012 Added by:Scot Terban
Everyone just stop. All you offering the services or touting the ideas should just sit back down and shut up. Everyone cries now that the government is encroaching on their rights with regard to privacy and you all want to just push that bar even further out with offensive defense actions? Morons…
Comments (0)
Another HAck-bAck Blog
October 04, 2012 Added by:Jim Palazzolo
Is it the legal structure that makes it taboo, or the ambiguity of the target? What are the implications? Could a corporation accidentally set off a cyber flashpoint by attacking targets in other countries? And, is it an organization’s legal right, like an individual, to defend itself?
Comments (1)
The Right to Keep and Bear Cyber Arms
August 29, 2012 Added by:Dan Dieterle
With all the media hype over Stuxnet, cyber war and cyber weapons – should US citizens be legally allowed to own and use these weapons in accordance with their 2nd Amendment rights? Why shouldn’t Americans be allowed to actively defend themselves against online electronic risks as well as physical threats?
Comments (10)
U.S. Admits to Cyber Attacks: The Future of Conflict
August 28, 2012 Added by:Pierluigi Paganini
“As a commander in Afghanistan in the year 2010, I was able to use my cyber operations against my adversary with great impact... I was able to get inside his nets, infect his command-and-control, and in fact defend myself against his almost constant incursions to get inside my wire, to affect my operations...”
Comments (0)
Thoughts On a U.S. Cyber Militia
August 23, 2012 Added by:Joel Harding
The Swiss are standing up a cyber command and they say their cyber warriors will be armed. Why wouldn’t this work in the US? First, we don’t trust our people as much as the Swiss. That is the nature of our culture, especially in the US. We are more paranoid, cynical and negative. We tend to micromanage...
Comments (4)
Cyber Militias in the US: Feasibility, Structure, and Purpose
August 21, 2012 Added by:
Offensive cyber attacks benefit from their lack of structure and diversity of attack vectors. Cyber militias can be assigned a target and given the ability to choose their methods based on their capabilities. The absence of formal rules of engagement allows the cyber militia to exercise creativity and innovation...
Comments (8)
Reverse Deception: Organized Cyber Threat Counter-Exploitation
August 15, 2012 Added by:Matthijs R. Koot
The intent of deception is "to get the adversary to act confidently and predictably". If you want to be inspired to think about deception/MILDEC as means of counterintelligence (CI) in cyberspace. I recommend this book. If you already work in CI, you may find it useful to evaluate your existing beliefs...
Comments (0)
Stuxnet and Cyber Deterrence
August 13, 2012 Added by:Robert M. Lee
Stuxnet showed that a nation-state was capable and willing to use an advanced cyber weapon against an adversary. With the world believing that the United States is responsible, the nation now has the highest level of credibility for willingness and capability to develop and use a cyber weapon. That is a strong deterrent...
Comments (23)
Malware Wars! Cyber-Wars! Cyber-Espionage-Wars! Oh My...
August 11, 2012 Added by:Scot Terban
We have opened Pandora’s box and there is no way to get what has escaped back in. We have given the weapon framework away due to the nature of the carrier. Even if Gauss is encrypted, it will be broken and then what? Unlike traditional weapons that destroy themselves, the malware we have sent can be reverse engineered...
Comments (0)
Remote Forensics Trojans, Surveillance and Investigations
August 07, 2012 Added by:Pierluigi Paganini
Thus the problem of acquisition using RFS tools is that not only is the original source (the computer) not subjected to seizure, it is not in a static environment and can be manipulated. Evidence obtained from an unsecured system can always be subject to a challenge to its authenticity and reliability...
Comments (0)
On the Right to Bear Cyber Arms
July 10, 2012 Added by:J. Oquendo
An attacker is decimating my infrastructure. I have purchased and deployed every security technology I can think of. I have contacted law enforcement as a matter of relevance, but I know they will not be able to do much. I have given the service provider two fair warnings. I now fight fire with fire...
Comments (1)
Fighting Code with Code
June 30, 2012 Added by:Jayson Wylie
Cleaning up some of the malware on the Internet could be accomplished by what I term as “White-Celled” code -code that can detect, remove malware from machines and then remove itself. The propagation can be Worm-like, initiated by scanned findings or a redirect on the footprint of an attack source...
Comments (1)
- Improving Security by Failing Faster
- BYOD: Should It Be the Wave of the Future?
- Trend Micro Discovers "SafeNet" - a New Targeted Espionage Operation Online
- Managing My Company’s Security is a Nightmare
- Bridging the Cybersecurity Divide, Why Security Innovation Must Lead the Way
- The Evolution of Industrial Control System Information Sharing
- ATM Security (And Really Learning from the Past)
- Complimentary IT Security Resources [May 13, 2013]
- Steps Toward Weaponizing the Android Platform
- Mobile Security Processes Could Be Applied to Medical Devices: Bluebox