Archives for May, 2009
by John Pescatore | May 14, 2009 | 1 Comment
A while back, I opined about the demise of directories: … the social networking friends list and the IM buddies list have followed the cellphone model – no directories, just ring o’ trust. While putting together the Threat Projection presentation for the upcoming Gartner Security Conference, I looked through dozens of security vendors’ threat statistics. eWeek [...]
Category: Uncategorized Tags:
by John Pescatore | May 13, 2009 | 3 Comments
Yesterday was vulnerability Tuesday, pretty much like every other second Tuesday of every month. Adobe issued two patches for flaws that allowed remote code execution. Apple announced a whopper of a security update, covering 67 vulnerabilities. Microsoft had a relatively light month, but even they called the patch released for PowerPoint “an out-of-the-ordinary PowerPoint security [...]
by John Pescatore | May 12, 2009 | 2 Comments
More than 15 million SSL VPN seats since 2003 are out there. (Not even counting Outlook Web Access)
by John Pescatore | May 11, 2009
Colleague Nick Jones forwarded a link to a study funded by the UK Office Of Communications, the agency that regulates the UK’s broadcasting, telecommunications and wireless communications sectors. The goal of the study was to investigate the utilization (utilisation if you use a non-US spell-checker) of the unlicensed sections of the wireless spectrum, which includes the [...]
by John Pescatore | May 6, 2009
Some common threads this week: Computer World reports that pirated copies of pre-release Windows 7 have trojans installed. Microsoft (who obviously has a vested interest here) has long reported the high percentage of pirated Windows that contain trojans and other malware. This is a large factor in why we see so many compromised machines in the lesser [...]
by John Pescatore | May 5, 2009
Malware grew much faster than attacks/target: rifle shots vs. shotgun blasts.
by John Pescatore | May 4, 2009 | 2 Comments
The phone book used to be a cash cow for telephone companies – everyone depended on the phone book to discover each other’s telephone numbers, and the phone companies got to sell advertising around those phone numbers. The phone book, and the 411 directory service, was actually an early version of a certificate authority – [...]
by John Pescatore | May 1, 2009
I always use a simple equation when talking about security. It is all about the pain level, because until the pain level gets high enough to threaten the “gain” level, it is hard to make progress: Pain = Threat x Vulnerability + Action. Conficker was a good example of this equation in action, especially when [...]