In the past few weeks, the Advanced Persistent Threat (APT) has been all the rage in the infosec world. Security professionals everywhere are taking sides about whether APT is new or not, despite (or perhaps due to) the lack of…
Author Archive for Pete Lindstrom
What does “Aurora” mean in Chinese?
by Pete Lindstrom • • Comments Off
George Kurtz of McAfee is providing some details about the hack attack against Google et.al. purportedly originating in China. One of his comments: I am sure you are wondering about the name “Aurora.” Based on our analysis, “Aurora” was part…
Meet my friend Micromort – he’s one in a million!
by Pete Lindstrom • • Comments Off
No, it i’s not some sort of mini-Mortman! It’s micromort, or in other words, a one-in-a-million chance of death. How can you add (or is that subtract?) a micromort to your… err.. life? Here are some options (from Wikipedia): smoking…
Quick and Dirty Risk Calculations – CSI Survey Edition
by Pete Lindstrom • • Comments Off
The Computer Security Institute recently released its 2009 survey results (must register). One of the charts in the executive summary lists the frequency of occurrence in the survey population. Without any other information more pertinent or specific to your organization,…
Notes on the Heartland breach
by Pete Lindstrom • • Comments Off
The Heartland saga continues and it appears that things are going its way. Not only has the company been on a campaign to make lemons out of lemonade by selling the equipment (“end-to-end” encryption) to their customers (and, presumably others),…
Should we change passwords every 90 days?
by Pete Lindstrom • • 1 Comment
[I was unsuccessful trying to post this as a comment on the Securosis blog so figured I'd post it here instead.] David Mortman at Securosis recently posted with the following challenge: Show me any reasonable evidence that changing all your…
ENISA Cloud Computing Security Project
by Pete Lindstrom • • Comments Off
Today, the European Network and Information Security Agency (ENISA) released its Cloud Computing Risk Assessment report. I enjoyed participating on the project and making a number of new friends. As with most workgroups, this project had its ups and downs…
Last Night’s NCIS Backdoor
by Pete Lindstrom • • Comments Off
Last night’s episode of NCIS revealed a secret that has been hidden for quite some time. There is a backdoor in all iris scanners – two people have had their iris minutiae programmed into every iris scanner and can unlock…