I’ve been thinking about Threat Intelligence (TI) and Threat Intel Platforms (TIP) lately. What makes a platform useful? What role should Threat Intel play? Does TI even matter? Just so we’re on the same page, Threat Intel is not just Indicators of Compromise (IOC). It includes IOCs, but it’s also the knowledge, context and evaluation of those elements that inform decisions and action.
Continue reading
Threat Intelligence Platforms as a razor
Posted in Threat Intel
Tagged TIP ThreatIntel
Comments Off on Threat Intelligence Platforms as a razor
APT meet PFT and AOA
Just to clarify, this post is about APT and I’m not trying to sell you something.
Advanced Persistent Threat (APT) is the all the buzz these days. It’s become an all-encompassing term to describe just about any covert intrusion in the news. Guess what? APT is espionage. It’s not spammers, it’s not opportunistic hackers, it’s not criminals trying to get credit card information. Wikipedia has a good entry: http://en.wikipedia.org/wiki/Advanced_Persistent_Threat
Continue reading
Open letter to Sprint
I’m a T-Mobile customer. I’m distraught that ATT is on track to purchase the company. In a word, ATT sucks. If the deal happens, I will be leaving T-Mobile. There is no question, I will be looking for another carrier. So, Sprint, here’s your chance. I’m not the only T-mobile customer that feels this way. You have an opportunity to grab some customers, but there are some things you need to do.
Continue reading
How to install DJB’s dnscache on Ubuntu 10.10
I recently attempted to install DJB’s dnscache from packages on Ubuntu 10.10. It seemed to be a bit broken and I wasn’t interested in installing from source. This is a quick set of steps to get it running.
Continue reading
Posted in Configs, HowTo
Tagged bind, cache size, djbdns, dnscache, memory usage, svscan
Leave a comment
Cybertage
To Sabotage by the Beastie Boys. Apologies all around. haha
Inspiration: http://twitter.com/WeldPond/statuses/14499873948700673
Create a bootable usb stick from an ISO with OSX
It’s pretty easy to create a bootable usb stick with Snow Leopard. For example, I’m creating a bootable Ubuntu 10.10 server usb stick.
Plug your usb stick in and use diskutil to list your disks:
$ diskutil list
Posted in HowTo
Tagged bootable usb, disk id, iso image, snow leopard, ubuntu usb boot, usb stick
Leave a comment
Wikileaks wack-a-mole, cyberwar first steps
I read that the Pentagon was looking into ways to take down Wikileaks, but ultimately decided to do nothing. There was talk of Cyber Command getting involved and this got me wondering if those in charge realize what they are trying to do. Several politicians have spoken out, but it’s clear they don’t grasp the concepts involved. It isn’t as simple as finding one server and turning off the power. Without even exploring the legal issues with active attacks, lots of research has to be done to determine what exactly needs to be accomplished to shutdown a website. I’ve found the more you understand the intricacies of the operation the more complicated the task becomes. When you want to take down a website like Wikileaks, there is more involved than flipping a switch. Here’s a high level operations plan for a scenario like shutting down Wikileaks.
Continue reading
Posted in Opinion
Tagged intricacies, network disruption, pentagon, political exercise, politicians, series of tubes, target, vulnerabilities, wikileaks
Leave a comment
CarMax can’t fix my car, sends me to another dealership. FAIL
This is a letter I’ve mailed to CarMax Corporate Headquarters.
To whom it may concern,
I have purchase and sold four cars through CarMax. Up until recently I have been happy with my CarMax experience and have recommended them to friends. Unfortunately, I won’t be recommending CarMax in the future and I will be taking my business elsewhere.
Continue reading
Posted in Opinion
Tagged carmax, jeep liberty, maxcare extended service plan, white marsh maryland, white marsh md
Leave a comment
SSD, The Future is Now!
Computers these days have lots of memory, fast CPUs and big hard drives. In almost every way, they are better than computers from five years ago. The problem is that when you use them, they feel like the same old computers. They are faster, but you still feel like you’re waiting for them to boot, waiting for programs to load, waiting for games to load, waiting for them to shut down, and waiting for them to reboot. Enter Solid State Drives (SSD) and all that is about to change.
It’s 2010 and SSD prices seem to be dropping quickly. I picked up a 64GB Kingston SSDNow V Series at Newegg for $94 after rebate. For me, when new technology drops below $100, I don’t feel like I’m overspending for the cutting edge. $50 off the regular price helps too.
Continue reading
Posted in Hardware
Tagged boot drive, new technology, solid state drive, ssd, ssd myths, ssds, ubuntu fast boot, ubuntu ssd
Leave a comment
5 reasons to take that government cyber security job
Mike Subelsky had a great list of reasons you might not want to take a government cybersecurity job, I followed up with a few additions. It got me thinking that it wasn’t all bad, there are actually reasons that someone might enjoy a career working with the government. So, here are a few reasons that you might enjoy a cybersecurity job with Uncle Sam.
Continue reading
Posted in Opinion
Tagged cyber, cyber security, government job, job security, patriotism
Leave a comment