My Writing

• Social Engineering Asymmetry of Data Value, Social Engineering, and What To Do
  Information perceived as valueless won't be protected—but its value to attackers differs from value to the organization. Knowing AV product names helps tune malware; knowing application versions...
• Malware Detailed PDF Malware Threat Report from Symantec
• Privacy Security Possibilities for Continuous Wearable Video Capture
  Wearable video devices like Looxcie ($199) enable continuous capture with security applications: witnessing crimes, recording physical security walkthroughs during pen tests, documenting incident...
• Risk Management Protecting Corporate Data in the Age of Consumerization
  Employees demand consumer devices and services at work—younger employees won't use last year's tech or carry second laptops. They'll circumvent rules or leave for trendier companies. Security must...
• Communication Learning How to Influence - Tips for Security Professionals
  Security professionals often need to influence colleagues without formal power to affect changes. Success requires not just message content but presentation. Key books on influence include Cialdini's...
• Malware Malware That Modifies the Routing Table on Infected Hosts
  Beyond modifying hosts files to block access to security domains, malware can modify the routing table on infected hosts after receiving null-routing instructions through HTTP-based C&C channels....