Interview with Dan Kaminsky at ShmooCon 2010

by Marcus J. Carey on March 4, 2010

Dan Kaminsky provided some insight on the hacker community and culture at ShmooCon 2010. I always enjoy talking to different people on their views. I’m playing devil’s advocate a bit here probe for good answers.

Dan Kaminsky – Dissecting the Hack Interview from Marcus J. Carey on Vimeo.

{ 0 comments }

Information Security and Starfish

by Marcus J. Carey on February 16, 2010

One of my favorite stories when it comes to helping people out is the story of a little girl on the beach. The story tells the tale of a young girl throwing starfish back into the ocean to save them from dying. An old man approaches a young girl, then tells her that there are hundreds of starfish on the beach, it would be impossible to save all of them.

The old man told her the work she was doing didn’t matter.The little girl picked up another starfish and looked at the old man. She then throws the starfish in the ocean and tells the old man, “It mattered to that one.”

My goal is to help as many as possible. If what I say matters to one person that needs guidance in information security, I consider my efforts a success. Our industry is filled with brilliant people. Sometimes if things aren’t considered groundbreaking, it can be easily dismissed as nothing new. We tend to focus on the things that we know, instead of picking up any new nuggets that may be available for the taking.

Everything little bit matters in this game.

{ 0 comments }

Jeremy Brown – From Static Analysis to 0day Exploit

December 7, 2009

At DojoSec the mission is to spread security knowledge in all forms of delivery. Our newest effort is called DojoSec Sessions which will feature screen captures and presentations from top-notch security professionals. DojoSec presents Jeremy Brown with an excellent presentation on Finding Vulnerabilities with Static Analysis. Thanks Jeremy for your contribution!

Read the full article →

Mobile Communications Security Symposium

November 30, 2009

REGISTER ASAP – The Capitol College Innovation and Leadership Institute will host the Mobile Communications Security Symposium on December 4, 2009 from 8 a.m. to 12 p.m., on campus, in the Avrum Gudelsky Memorial Auditorium. There is no cost to attend this event. To learn more about the program and the speakers, please visit http://www.capitol-college.edu/news-events/news-headlines/698. [...]

Read the full article →

Marcus’ Mailbag: Policy, Enforcement, and Monitoring

November 25, 2009

I received the following email on Commercial vs. Open Source, Policy, Enforcement, and Security Monitoring. I’m posting this email in order to share some of the views. It could be perceived as a bit of a rant, but I’m posting it below because it could spark some thought and conversation. Let me know what you [...]

Read the full article →

Virtualization is Great for Forensics

November 24, 2009

The rumblings suggesting that “The Cloud” and Virtualization is an enormous hindrance to digital investigations are exaggerated. These claims sound like scare tactics to me, I think virtualization makes incident response to computer crime much more efficient. The goal of incident response is to preserve as much information as possible. Software such as Live View [...]

Read the full article →

Google Hacking Renders Redaction Futile

November 23, 2009

Lately, I’ve been looking at tons of SQL injections and SWF login blog posts and screen captures. I notice most hackers attempt to redact the compromised URLs. However, in most cases there is enough information from the screen captures to find the sites. The attempt to redact the information is an attempt to protect the [...]

Read the full article →

Metasponse Talk at Techno Forensics

October 29, 2009

My friend Joshua Marpet recorded video of me doing my Metasponse talk at the Techno Forensics Conference at NIST on his iPhone. He’ll be sending me the complete video so I can post it as one. Although I could take my own video equipment everywhere with me, it sometimes feels stage. This is as real [...]

Read the full article →

Cloud Computing and Sunburn

October 14, 2009

Can you get sunburn if it’s cloudy outside? The answer is yes, because the clouds don’t block the dangerous rays that burn and cause cancer. Many people believe that the clouds give their skin protection against the sun. This is a big mistake that I’ve found out first hand many times recently. So I tend [...]

Read the full article →

Malwarebytes – An Effective Malware Removal Tool

October 4, 2009

If you are having a tough time removing malware from your PC, you might want to check out Malwarebytes Anti-Malware software. Thankfully, you can download a free version which is very effective at removing malware from your Microsoft Windows based system. Malwarebytes is so effective, that it is one of the preferred tools used for [...]

Read the full article →

← Previous Entries