Simplifying Security – An Interview with SC Magazine

A recent video I filmed while on a press tour of the east coast – Dan Kaplan of Secure Computing Magazine was kind enough to interview me and ask me questions about why securing IT is so complex.

Categories: Security/Exploits

Decrypt Full Disk Encryption products for $299 – Well, it got cheaper at least

December 21, 2012 Leave a comment

Many people have contacted my team and I over the last few days about the recent announcement by ElcomSoft, that they offer a tool to decrypt Bitlocker, PGP and Truecrypt volumes.

This $299 tool is advertised as getting you access to this encrypted data quickly and easily…

Now, this may sound exciting, but as they say, there’s always a catch – you need a memory dump from the machine from when it was authenticated to use this tool – yes, no recovery if you find a cold machine. You have to get access to it while it’s on and the user has logged in, then, after they switch it off, you can recover the data..

Sounds familiar? Well it should, it’s exactly the same idea Passware.com released to the world back in 2010 – I even blogged about it then… Read more…

The Connected Home – Introducing the McAfee Little Red Box

November 6, 2012 1 comment

This will be old news to those of you who took the time to visit McAfee Focus 2012 , but for the rest – my team took the opportunity to introduce the concept of the McAfee “Little Red Box” in the Innovation roadshow.

It’s a prototype project that my team has been working on for some time now, and will go some way to answer the need to protect all the connected devices in your home. 

My house is the classic connected home – I have the usual assortment of PCs and laptops that build up over the years, some relegated to the role of photo frame, others scattered around for occasional browsing and email use. There’s also the odd real photo frame (wirelessly connected to a media server of course), and on that topic, numerous Playstations, XBoxs, and other gaming consoles that my family enjoy.

If that wasn’t enough IP connected equipment, you can add into the mix more than one of every Apple device made – iPads, iPhones, Apple TV’s, even an Apple Mini, oh and a few Samsung internet connected TV’s as well.

I often jest that I have an internet-toaster, but I don’t. My wife thought about buying an internet-fridge, but the fact it didn’t support wireless put her off.

I must be forgetting something, as my router DNS server regularly gets maxed out – oh yes, I have Sonos  throughout the house as well, and also a few Apple Airport Express wireless repeaters.

You don’t come to my place if you’re sensitive to EMF… Read more…

Speaking at Evanta CISO, Los Angeles on 14th May 2012

May 14, 2012  - Omni Los Angeles Hotel at California Plaza

Just a warning that I’ll be speaking at the CISO Summit on the 14th in LA – “Securing The Unsecurable” will be the topic. I look forward to seeing you there, and the usual rules apply – I’ll swap vanity short URLs on the http://mcaf.ee service for good jokes!

ISACA Orlando Event – thanks to those who attended…

The world’s leading audit conference for IT audit, security, governance and risk professionals

I just wanted to take a brief moment to thank all those who came and spoke to me after the ISACA presentation yesterday on “Securing The Unsecurable”. It’s great to hear that the direction I, McAfee, and our partner Accuvant are taking is indeed synergistic with our customers.

For those interesting, I uploaded a copy of the presentation to my companion site – CTOWild. You can find it under the title “2012-05 ISCAC.pdf” – You may be able to see it using this Direct Link.

Thanks again to the 100+ people who attended my session, and I hope you found it valuable and not too dull, even though I overran my time slot outrageously.

Simon.

Evil Twitter… Finding malware amongst the maelstrom..

December 16, 2011 Leave a comment

Would it surprise you to know that yesterday, more than 5000 tweets were posted with URLS which would have dropped you on sites which distribute malware?

It was only a small portion of the total number of tweets containing URLs, around 2.5 million or so, and there were an additional ~200,000 that went to sites about which McAfee was not too sure about the status (we are busy scanning them, as we do all sites which come to our attention where we don’t have a “reputation”). Still – there were 5000 tweets, guaranteed to get you in trouble.

You can guess perhaps, that for a while now McAfee, or rather my Innovation Team has been working on a project to generate some deep analytic evidence from the Twitter fire hose – We’re trying to answer the question “how do you apply the concept of reputation to a social media system?”  Knowing how cyber-criminals use Twitter to entice people to visit their sites is just the first step in the process. Read more…

Speaking at ASIS International Orlando, 20th September

September 14, 2011 Leave a comment

For those in the Orlando area, you’ll find me presenting at ASIS International on the 20th – I’m talking about mobile security and consumerization, a topic close to most IT leaders hearts.

If you’re going to be there, please say hello, and of course my standing offer of a vanity http://mcaf.ee url in exchange for a good joke still holds.

Follow

Get every new post delivered to your Inbox.

Join 175 other followers