Archive by Author

Equifax Report Demonstrates Why Culture Matters

According to the Congressional report on Equifax, a root cause of the breach was that Equifax moved the IT security team out from under IT due to “fundamental disagreements.” Although this is highlighted as a shortcoming in the report, in my opinion, this is misguided.  In the vast majority of organizations, infosec shouldn’t be under […]

Super Micro Hardware Backdoors

Today, Bloomberg published an article claiming that at least some Super Micro motherboards contained hardware backdoors. While we don’t have any inside information, we’ve been fielding several calls from clients about actions they should take and wanted to expand our thoughts on this outside our existing customer base. To begin, it’s important to note that […]

Facebook Breach Webcast

Today Rendition Infosec presented a webcast on the Facebook API breach. We covered what we know and what we don’t about the breach up to this point. Note: the audio has a few issues. I apologize for some audio problems we had due to a user interface issue with our webcast provider. We’ve fixed it […]

SEC504 CTF Networking Troubeshooting

I teach SANS SEC504 occasionally and have noted that over the last few years, students are having increasing numbers of issues getting set up for the CTF.  If you’re having trouble getting connected, my first piece of advice is “calm down and don’t blame the instructor for connection issues.” This class is run a LOT. […]