Thursday, December 03, 2015

It's Baaaaack... - What I'm Reading 12/3/2015

I told you that I would soon be inflicting myself upon you again.  Just had to get caught up at work and school.  I know it's pathetic that a 50-something old man should be having so much trouble with second grade, but coloring in the lines is kicking my ass.

Dark Reading - Startup Offers Free Cyberattack Simulation Service -

First came penetration testing, then the tabletop exercise, and now attack simulation -- the relatively nascent practice of war-gaming attacks on your network to gauge how prepared (or not) you are, and where your weaknesses reside.
The catch with these attack simulations is the response side of the equation, however. OpenDNS's Hay says what you do with the information and problems these tests expose is the big challenge for companies. "If you see that DNS tunneling can be used to exfiltrate data from your network, how do you stop it? What's the best course of action?" he says.
A cynical man, not myself mind you, but someone jaded by the vagaries of human nature, might wonder if this data ever ends up in the hands of completely unaffiliated Russian / Chinese / Ukrainian / Outer Slobovian hackers, who now have a pre-mapped entrance onto your network.  Just sayin'

 Ars Technica - Ballmer: Microsoft’s cloud revenue numbers are “bullshit” -
 the company hasn't disclosed profit margins or sales figures for either business. Ballmer says that revenue is a "key metric" and that if these businesses are important then the company "should report it." Rather than reporting these figures, Microsoft has reported its annualized revenue run rate—a hypothetical value that describes what the company's revenue would be if the current level of sales were sustained over the full year. Ballmer's view of the run rate: "Bullshit. They should report the revenue, not the run rate."
Microsoft is in serious trouble, in my opinion.  I said a couple years ago that a company can't fire it's way back to greatness.  I think I am being proven correct.  I can only hope that they wise up, dump Nadella and move forward.

NextGov - Chinese, Others Hack Interior Data 19 Times -

In the 19 previously undisclosed cybersecurity incidents, Chinese attackers and hackers with European network addresses copied data strictly from Interior systems.


Interior handles a significant amount of valuable data, such as oil leases, which are of particular interest to China and Russia, said Jim Lewis, a senior fellow at the Center for Strategic and International Studies, who studies foreign relations in cyberspace.

"All in all, an ideal target," he said.

Another day, another 19 data breaches.  Ho hum...

FCW - Report: China has arrested alleged OPM hackers -
China claims to have arrested the hackers responsible for the gargantuan theft of personal information through the Office of Personnel Management breach and is asserting that the hack was a criminal rather than a state-sponsored act.
In other news Chinese hospitals report a surge in singed buttocks secondary to spontaneously combusting pants.

Post a Comment

Weird Dream Alert

Very weird dream last night.  I was selected to facilitate a SANS Sec660 course that was being put together at the last minute.  I fly down ...