Clik here to view.
Deciphering How Edward Snowden Breached the NSA
The importance of knowing exactly how Snowden breached security by attacking trust and an open invitation to correct us To date little real information exists publicly to explain how Edward Snowden...
View ArticleNetwork World
Should the NSA be reformed? Fierce debate rages “Jeff Hudson, CEO at Venafi, says Snowden likely elevated his privileges by generating SSH keys to use them to get access to other servers. ‘He then used...
View ArticleDark Reading
How Did Snowden Do It? “…Snowden fabricated SSH keys and self-signed digital certificates to access and ultimately steal the NSA documents. And the company — which provides security for crypto keys and...
View ArticleInfoSecurity
How Snowden Breached the NSA from the Inside “This is the crux of the attack: as an administrator Snowden was able to fabricate digital certificates and cryptographic keys; but the NSA had no ability...
View ArticleInfosec Island
Infographic: How Snowden Breached the NSA “In this infographic, Venafi breaks open how Edward Snowden breached the NSA. Venafi shared this information and challenges the NSA or Edward Snowden to...
View ArticleClik here to view.
The Demise of 1024-bit Certificates
Nearly everyone understands the need to use data encryption to protect data both in transit and at rest, but I have found that there is some confusion about the strength of the key that is used to...
View ArticleSoftpedia
Snowden Used Fabricated SSH Keys and Self-Signed Certificates to Hack the NSA “According to Jeff Hudson, Venafi’s CEO, experts have found evidence that Snowden used fabricated SSH keys and self-signed...
View ArticleThe Security Ledger
Snowden Borrowed from APT Playbook In NSA Hack “To get data out of the NSA, Snowden used another common trick of APT-style attackers: using self-signed certificates again to encrypt the sensitive data...
View ArticleThe Denver Post
NSA Spying could prove costly to Internet companies “‘Absolutely, our business is growing very rapidly,’ said Jeff Hudson, CEO of Venafi, a Utah security company with an office in Palo Alto, Calif....
View ArticleClik here to view.
Controlling the Wild West of Mobile
Mobile. It’s the new normal. Never in the history of the world has a technology changed the way we work, live, and play in such a short period of time. Think back 20 years. In 1993, we faxed important...
View ArticleSoftpedia
NSA Given Millions to Prevent Data Leaks, but Money Alone Doesn’t Solve Problems “‘The reality for most organizations is that there is very little awareness and understanding of the impact that cyber...
View ArticleWired
How the NSA was Infiltrated and Why Your Business May Be Next “Given Snowden’s valid access to certain cryptographic keys and certificates for system administration, he was able to discover information...
View ArticleIT Business Edge
How the NSA was Infiltrated and Why Your Business May Be Next “As described in testimony by General Keith Alexander, Edward Snowden fabricated digital keys because of the NSA’s failure to detect...
View ArticleClik here to view.
Get Ready to Rumble
There is an old adage from the British Army known as the “seven Ps,” that is frequently used in project planning, or when training for life-or-death situations. “Proper Planning and Preparation...
View ArticleFlame malware – Like Stuxnet and Duqu before it
Certificates exactly like the ones compromised as part of the Flame malware, are used everywhere in organizations worldwide today and are vulnerable to the exact same compromise. If organizations do...
View ArticleInadvertently Enabling Malware
One of the greatest concerns of an information security person is doing something that inadvertently enables someone to have access or even take control of data or systems that they should not have...
View ArticleConfirmation of the FLAME Attack Vector
A couple of days ago I wrote a quick post on FLAME and how the developers of the malware had been very creative in their attack vector. At that time there was still a considerable amount of work being...
View ArticleFlame Malware: Beware - Some dangerously misguided conclusions can be...
In a Network World article posted yesterday, Marcus Carey, a researcher at Rapid7 is quoted as saying: “Flame is an impressive piece of work, but it doesn't appear to pose a threat to most corporate...
View ArticleFlame Malware: Microsoft closed their door, but YOUR door is still wide...
Microsoft takes security seriously. We know this because they apply a huge amount of resource to improving security in their products and systems. Additionally, it has been an area of focus of theirs...
View ArticleLets Get Ready to Rumble
There is an old adage from the British Army known as the ‘seven Ps', and it is frequently used in project planning or when training for life-or-death situations. ‘Proper planning and preparation...
View Article