2014 Edition of the Verizon DBIR

Yes, it's here. Go get it. [PDF] And remember the wise words of Michael R. Farnum Calling all InfoSec speakers with no imagination! Your 2014 material is ready! Go get your Verizon #DBIR today! http://t.co/PKpp7DaX49— Michael R. Farnum (@m1a1vet) April 22, 2014 I'll update this post as various analysis comes in from people who know what they're talking about.

Security Briefing: July 24th

For today's Security Briefing we have a post on the opt-in conversation that seems to have been imported to Canada. This is a slippery slope if governments start to head down this path. Reminder: for those of you heading off to security summer camp, don't forget to sign up for parties while you're there. Here is the post with the list of parties that we're tracking. And now, the security ...

Continue reading

Security Briefing: July 23rd

The news is a little thin this week. Makes for a little challenge getting the Security Briefing pulled together. It is almost as if there were a series of security conferences coming up next week. ;) For those of you heading off to security summer camp, don't forget to sign up for parties while you're there. Here is the post with the list of parties that we're tracking. Speaking of tracking, ...

Continue reading

Security Briefing: July 22nd

It was rather unfortunate to see that the H Online announce last week that they were shutting down. As a result I've decided to drag out and dust off the "Security Briefing" post format that I used to run daily. And now, the news... Cheers, Dave Click here to subscribe to Liquidmatrix Security Digest!. And now, the news... On Coffee Rings And Data Exfiltration | CSO Online (Shameless self promotion) When ...

Continue reading

Livetweeting the Akamai post-RSAC roundup

Watching the echo chamber go quiet for a half hour as we are entertained by The Three Akamigos. #itsathing #hashtag #3akamigos Reference: The Three Akamigos #3akamigos are @csoandy @joshcorman and @mckeay playing the parts of Athos, Aramis and Porthos respectively. Wow folks - you just wouldn't believe the banner that they've got hung up in here -- it says "a majillion servers, no datacenter" #3akamigos Some great background music for ...

Continue reading

Briefing: Digital Bond and Project Basecamp

One of my esteemed colleagues in Critical Infrastructure protection is Dale Peterson from Digital Bond. Along with Dillon Beresford, Jacob Kitchel, Ruben Santamarta and a few anonymous contributors, Digital Bond has put together a research project called "Project Basecamp" which aims to be a "Firesheep Moment for PLCs". I think that it's so far been stupidly awesome. Please don't be the kind of cyberdouche that runs Basecamp metasploit modules against ...

Continue reading

Briefing: New Apple Products

screenshot of http://apple.ca Guess what folks... it's October 23rd. That's been a pretty good day for apple releases in the past. (Hint: The iPod was originally announced on October 23rd, 2001.) The internet-o-sphere is all abuzz with the two big stories: APPLE PRODUCTS OMG I LOVE THEMHARUMPH, APPLE PRODUCTS ARE SHIT COMPARED TO WHAT I'VE ALREADY GOT In my opinion: From a ...

Continue reading

How To Become An Infosec Rockstar

I absolutely loved this video called "How To Become An Infosec Rockstar" featuring Space Rogue and Javvad Malik. Enjoy! (Image used under CC from Christine)

The Liquidmatrix 2012 Security Budget Survey

Welcome to our first ever survey on security budgets. It takes two minutes to answer and will provide our community with valuable data. The survey is anonymous and the results will be published next month. Fill out the

Anonymous Leaks ASP Inc Mac Addresses As FBI

FBI Mac addresses? OK, but this I don't get. OK, fine. Here is the screen cap. And with a quick google search as provided by a reader... We find this... ...which is from an XLS file that is externally available on the FTP server for Alliance Solution Partners being hosted on a FTP server for Lowell Farms. Hmm. The company has been contacted. (Image used under CC from schoschie)