@jerrybell @dreiann @FlyingLawyer @AlainODea @chuck @rysiek  @superruserr @jeff  Last week's panel on Emerging Threat went great. Thanks so much for your input on the matter. It really jump started my research. You could clearly tell who prepared in advance.  Thanks! 😀

I was hoping to be sitting by the riverwalk sipping a margarita by now but it looks like my flight will be delayed past midnight. #

Wow, just checked. My last PGP/GPG/SMIME encrypted email was sent in 2016 (I had to actually pull OFFLINE archives.) My last encrypted (non-email) message was sent 4 minutes ago....To my wife. Times have changed. :)

Anyone in Omaha?
Im at the Omaha Tech Summit today.

I thought the @Derbycon signup was at 7am CST...not 12pm CST.
Whoops!
Better I made this error than the other way around! :)

I know this is exchange (not exchange), but this will be interesting to watch...especially once the hammer drops in a month. They seem to have cherry-picked a few provisions from GDPR without going full omnibus privacy law. It strikes me that there might be some challenging technical issues with disclosing every bit of data you pick up with a cookie on someone else's site, e.g. how sure do you need to be of the identity? slate.com/technology/2018/04/t

@jerry @rainmaker 3 is legit problems, even for ICS. The controleng watering hole is buried in the Ukraine reports, and everything public about that is worth reading. When you look at what controleng does you could write FUD articles for days.

@rainmaker I think compromised Open Source dependencies (libraries, packages, etc.) will go from interesting infosec research to common attack vector. I think build system APTs will become more common and be a major source of this problem.

@rainmaker - Companies that hoard data. Those that focus on backups instead of data TTLs.

@rainmaker Vendors, and not just the ones that make little bullshit noise machines. Entire markets like Cyber Insurance have the enterprise shifting resources away from monitoring and remediation processes in favor of fallout shelters.

@rainmaker 1) worms and chained, automated exploits (ala nonpetya), 2) hardware vulnerabilities, 3) software supply chain

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.