Author: Michael Starks

The Curious Case of Annie Myous: Part II

In one of my recent posts, I described how I was contacted by a young lady on Google Plus, and how I was having trouble tracking down the scam. Well, now that I know for sure it’s a scammer, rather

Posted in Computer Crime, Dialogue, Social Engineering

Are You Secure? Ten Signs That Your Security Program is Doing Pretty Well

Security is a process. It’s an evolving process that, when mature, has certain qualities about it. Here are ten signs that your security program is at a decent point of maturity. A new critical security advisory is released and you

Posted in Dialogue, Incident Response, Secure Administration, Secure Design, Standards, Systems Hardening

The Curious Case of Annie Myous

I recently received a Google Plus request from someone I didn’t know. We’ll call her Annie for now. I usually dismiss these out of hand. They are commonly spam of two types: someone using a sexy pic of a young

Posted in Privacy, Social Engineering

The OpenSSL Heartbeat Vulnerability: Forgotten Attack Vectors

The web is abuzz with reports of the OpenSSL Heartbeat vulnerability. It’s not an understatement to say that this is the most serious vulnerability to come along in several years. There are many good write-ups about it and I don’t

Posted in Encryption, Incident Response, Risk Management, Vulnerabilities

Changes with OSSEC

After many years, I have decided to step down from the OSSEC core team. It was not a decision I made lightly, but due to some recent changes in the project, I felt I would be more useful as a

Posted in Intrusion Detection

With Your Finger on the Trigger…

It was a pretty ordinary day. I think I was doing a review of our firewall ruleset–a decidedly monotonous but necessary task. Then in came an alert that McAfee had deleted a file on one of our workstations. That doesn’t

Posted in Incident Response, Intrusion Detection

Malicious Data From Trusted Companies

Last night, I received one of the typical malicious “you have a package waiting” spams to an email address that I have only used at one place–in this case DynDNS.com. It included a link inviting me to print a shipping

Posted in Incident Response, Risk Management

OSSEC CON 2013

Please join me at the second annual OSSEC conference, OSSEC CON 2013. I have the pleasure of joining Scott Shin, CTO of AtomicCorp, and Santiago Gonzalez, Director of Professional Services at AlienVault, in presenting. Time is running out to register, so make sure

Posted in Intrusion Detection, Log Analysis

Voting Without Photo ID

I successfully voted for President of the United States tonight without showing a photo ID. Perhaps some background is in order… Last year, Texas passed a law that required voters to present photo ID to vote. A federal court later

Posted in Personal Liberty

Developing a Java Management Strategy

I considered many ways to title this blog post: The Scourge That is Java; Die, Java, Die!; or, perhaps Java, it’s time we had a talk. As a security guy, Java has been my nemesis. It has been far more

Posted in Risk Management, Secure Design, Systems Hardening, Vulnerabilities