Month: August 2021

  • Assessing the ‘War on Tech’: Huawei vs. U.S.

    Assessing the ‘War on Tech’: Huawei vs. U.S.

    [I wrote this with Curtis Kang who did a lot of work researching various aspects of this article and provided invaluable help. His research and written contributions made this article possible. It was originally intended to be published on RiskBasedSecurity.com in early 2020 but was passed over so I am publishing it here.] In 2019,…

  • Commentary on Trend Micro’s Linux Threat Report 2021

    On August 23, 2021, Trend Micro released a report titled “Linux Threat Report 2021 1H” by Magno Logan and Pawan Kinger. The report is based on Trend Micro’s Smart Protection Network (SPN) which they call “the data lake for all detections across all Trend Micro’s products“. Basically, every security product they make that detects vulnerabilities…

  • Sharks Are Scary but Worry About Mosquitoes

    Sharks Are Scary but Worry About Mosquitoes

    [This was originally published on RiskBasedSecurity.com and was included in the 2021 Mid Year Vulnerability QuickView Report.] It seems like every day that we hear about a new hack and read headlines that tell us that so-called advanced persistent threats (APT) are compromising major organizations. These APT and nation-state actors have incredible skill and seemingly…

  • Niki7a vs Magen – Charity Drive

    Niki7a vs Magen – Charity Drive

    Like the epic rumble in the jungle, after a quick offer to throw money to charity on behalf of their suffering, other generous souls jumped in to do the same. The result? Niki7a and Magen are now locked in a legendary contest to see who can wear their DEF CON 29 bracelet the longest. Whoever…

  • Reflections on “CVE Approach for Cloud Vulnerabilities”

    At Black Hat Briefings USA this week, Ami Luttwak and Shir Tamari called for a “CVE” style approach to documenting vulnerabilities that affect cloud offerings (note: I have not seen the talk). As one of two people (the other being Jake Kouns) that may have the longest history in this specific space, I wanted to…

  • August 2021 Reviews (F9: The Fast Saga, Those Who Wish Me Dead, Nobody, Big Sky)

    F9: The Fast Saga (2021) Medium: Movie (Multiple) Rating: 1 / 5 From zero to trash in 9 movies Reference(s): IMDB Listing || Trailer Four score and 87 Fast & Furious movies ago, we learned to suspend disbelief primarily by ignoring physics. The problem is that with each subsequent movie they have to ignore physics more. And logic.…