November 2011 Cyber Attacks Timeline (Part II)

The second half of November has confirmed the trend seen in the previous report covering the first half of the

Read more

Moving Security Model From Content To Context

In these days I visited several customers to talk about technology trends for 2012. With the occasion I decided to collect all the articles written in my blog concerning Advanced Persistent Threats and Related Technologies in a single, very short, presentation, and consequently uploaded it to SlideShare. Feel free to give it a look as a reference. My perception is that next year we will often hear talking about APTs and NG-IPS (and, more in general, about context-aware security Technologies).... Read More

Read more

Advanced Persistent Threats and Human Errors

In these days many people are asking me what they can do to stop an Advanced Persistent Threat. Although security firms are running fast to develop new technologies to thwart these attack vectors (sophisticated SIEMs and a new breed of network security devices, the so called Next Generation IPSs), unfortunately I am afraid the answer is not so easy. I might spend thousands of words to figure out the answer, but I would not be able to give a better representation than this cartoon I found a couple of days ago in the Imperva Blog.... Read More

Read more

October 2011 Cyber Attacks Timeline (Part I)

October has come and here it is, also for this month, the first part of my Cyber Attacks Timeline covering the cyber events occurred in the first half of the current month.... Read More

Read more

Advanced Persistent Threats and Security Information Management

Advanced Persistent Threats are probably the most remarkable events for Information Security in 2011 since they are redefining the infosec landscape from both technology and market perspective.... Read More

Read more

September 2011 Cyber Attacks Timeline (Part II)

Here it is the second part of my traditional monthly Cyber Attacks Timeline (Part I available here). From an information Security Perspective the main events of this month were the infamous Diginotar breach which led to Bankrupt for the Dutch Company and also the BEAST attack to SSL, two events which, together, thumbed the Infosec Community in its stomach.... Read More

Read more

Some Random Thoughts On RSA Breach

June 7 Update: RSA admits some stolen seeds were used to attack Lockeed Martin and will replace SecurID tokens for customers with concentrated user bases typically focused on protecting intellectual property and corporate networks.... Read More

Read more

Report Symantec Q4 2010: Fate Presto… Prima che la sicurezza SCADA!

Symantec è particolarmente attiva in questo scorcio del 2011, così, dopo la pubblicazione del Dossier Stuxnet aggiornato, ha appena rivelato alla comunità di sicurezza il Symantec Intelligence Quarterly Report: October – December, 2010 che è interessante analizzare, notando, come questo si discosti notevolmente dall’analogo report recentemente pubblicato dalla livrea rossa di McAfee, principale concorrente del produttore di sicurezza di Cupertino.... Read More

Read more