Author Archives: Marc Handelman

Infosecurity.US: Alejandro Hernandez’s Exposing Security Weakness in Stock Trading Tech

via the White Paper mentioned herein.

Superlative security research is still coming out of the game-changing IOActive environment (this has been going on for years now - how do they do it...).

Case in Point: The work of Alejandro Hernandez and his current project targeting the apparent insecurity of some (but not all, mind you) stock trading applications so popular amongst the budding young (and old - don't forget the greybeards) kings and queens of capitalism.

The case under scrutiny is a highly detailed - most importantly: thoroughly accurate - examination of a large number of commercially available applications executing their binary bits on a variety of platforms. Read all about it in Mr. Hernandez's blog post at IOActive, and in the white paper. You'll be glad you did.



Infosecurity.US: Internetworking WMD

via Anthony Rutkowski, writing at CircleID, comes this tremendous piece on the conveyance as a weapon, entitled 'Internet as Non-Kinetic WMD'. Today's Must Read.

"What is amazing about all of these contemporary developments is that the DARPA Director who originally approved the development of its internet initiative in the 1970s, Steve Lukasik, has been warning of the dangers of an open internet since it found its way into the public infrastructure in the 1990s. He pulled together an initial expert team in the mid-90s supported by NSA, and spent the next decade hosting extraordinary Red Team specialists and producing innumerable DOD reports on the multiple weaponizations of the open internet for kinetic attacks." - via Anthony Rutkowski, at CircleID, in his thought-provoking article: 'Internet as Non-Kinetic WMD'


Infosecurity.US: US National Counterintelligence and Security Center Releases 2018 Foreign Economic Espionage in Cyberspace Report

The National Counterintelligence and Security Center has released the Center's 2018 espionage report detailing foreign spying within the confines of 'cyberspace'. Both present and a modicum of future possibilities are covered. Enjoy!


Infosecurity.US: Bye-Bye, DNA – Hello GSK (and others)

via The Outline's author, Paris Martineau, comes this tale of opt-in/opt-out, GlaxoSmithKline, 23andMe, and of course, The Goods: your DNA. All of which results in a nagging question: Why would I (or you, for that matter) agree to hand over my uniquely identifying DNA data to a commercial enterprise (that only answers to its shareholders, and only has its best interests in mind) to use as they see fit? Oh, and a couple of other questions: Do you trust a big-pharma corporation with your own personal Map of Life? What about the future use of that data, once it's in the slipstream of artificially intelligent genetic-testing-reliant health insurance companies? Food for Thought or just Paranoia? You be the judge; after all, it's your DNA, right?

"In short, most — if not all — of the information 23andMe has on its users has probably been shared with someone that isn’t 23andMe itself, and money might have even changed hands. Which is all perfectly within the company’s rights to do, since they agreed to it (probably blindly) when they signed up." - via The Outline author Paris Martineau in the well-crafted post 'How To Sign Away The Rights To Your DNA'