The Last Infosec Week in Pills

Here’s another selection of the main security events of the past few days. In case you missed them, or in case you are still recovering from the post-vacation trauma, don’t worry! You can catch up in just a few minutes with the following security pills...

It’s Still a World of Botnets and Cyber Attacks

03/09/2015 Updated with the Akamai Attack Map...

Browsing Security Predictions for 2013

The period between November and December is particularly interesting for the Infosec community, since nearly all the main security vendors unveil their predictions for the next year, trying to anticipate the trends and the issues that will trouble system administrators’ sleep...

Crime As A Self Service

One of the most visionary information security predictions for 2012 was the one issued by Fortinet, which defined the term Crime As A Service: “Crime as a Service (CaaS), […] is just like Software as a Service (SaaS), but instead of offering legal and helpful services through the Internet, criminal syndicates are offering illegal and detrimental services, such as infecting large quantities of computers, sending spam and even launching direct denial of service (DDoS) attacks”. At first glance I marked this prediction as exaggerated, but I could not imagine that I would witness a huge demonstration only a few days later. Of course I am referring to #OpMegaUpload when, immediately after the FBI takedown, Anonymous redirected users towards a website where they could DDoS a large group of targets with a simple web click and, most of all, without the need to install the infamous LOIC...

What Security Vendors Said One Year Ago…

I could not resist, so after publishing the summary of Security Predictions for 2012, I checked out what security vendors predicted one year ago for 2011. Exactly as I did in my previous post, at the beginning of 2011 I collected the security predictions in a similar post (in Italian). I also published an update in May (in English) since, during the Check Point Experience in Barcelona held in May 2011, the Israeli security firm published its predictions. Even though the latter were published nearly halfway through 2011, for the sake of completeness I decided to insert them as well in this year-to-year comparison...

Browsing Security Predictions for 2012

Update 01/11/2012: Year-to-Year comparison with 2011 Security Predictions...

TCP Split Handshake: The (Never)ending Story…

Update May 12: TCP Split Handshake: Why Cisco ASA is not susceptible...

Some Random Thoughts On The Security Market

The intention by UK-headquartered company Sophos to acquire Astaro, the privately-held security company co-headquartered in Karlsruhe, Germany and Wilmington, Massachusetts (USA), is simply the latest effect of the process of vendor consolidation acting in the information security market. It is also the trigger for some random thoughts…

Other Considerations On TCP Split Handshake

The storm unleashed by the NSS Labs test for the TCP split handshake attack, which affected 5 firewall vendors, is far from quiet...

TCP Split Handshake Attack Explained

Update May 12: TCP Split Handshake: Why Cisco ASA is not susceptible...
