APT34 Tools Leak

4300 words, 17 minutes (full). 1500 words, 6 minutes (short). Leak Summary APT34 is an Advanced Persistent Threat group associated with the Islamic Republic of Iran. Its source code and tools were recently leaked via a Telegram channel. In addition to those tools, information was divulged about the group’s targets which included companies and governments in the United Arab Emirates, Kingdom of Saudi Arabia, China, Qatar, and Turkey among others. »

The Projectionist

750 words, 3 minutes. The reason I don’t post on Cyber Security current affairs? It’s a scramble to be first. If I’m to write something, what should it be? What’s my angle? Which lens do I use on the microscope, or since this is a mass medium, the projector? What film can I show you that you haven’t already seen a dozen times? I’ll attempt to answer these questions here, and in so doing introduce what may become a new thread of posts. »

Documenting Breaches With H Diagrams

1500 words, 6 minutes. “For the sake of brevity, we will always represent this number by the letter e” - Leonhard Euler, Mechanica. 1736. What if you could understand and explain any breach 10x faster? Security breaches are a staple of mainstream news. In the past, details only emerged through technical analysis, research papers, and the forensic review of press releases. Occasionally we’d be gifted with a customer letter or the suspicious timing of a patch or update. »

Attack Surface Reduction By Dynamic Compilation

1850 words, 7 minutes. …or, how the cave fish lost his eyes. This post follows directly from the last. In that post, we learned that everyone could do something to reduce their attack surface and decrease the likelihood of a breach. I’m going to show you what that winning system looks like when taken to its ultimate logical conclusion. The logic goes something like this: Software security flaws are commonplace. »

Winning Systems & Security Practitioners 7. Attack Surface Reduction

2000 words, 7 1⁄2 minutes. Attack Surface Reduction “Out of every hundred men, ten shouldn’t be there, eighty are just targets” Heraclitus 535 - 475 BC. My posts on Winning Systems for Cyber Security Practitioners are my most popular. In them, I attempt to change your perspective on the relative importance of products and skills in securing what’s precious to you. I make the case for using systems (in the broadest sense of the word) not goals. »