
Porn, Steganography & Al Qaeda = Bad News May 2, 2012

Posted by Chris Mark in InfoSec & Privacy, Risk & Risk Management, terrorism.

“Believe half of what you see and nothing that you hear”…Benjamin Franklin

Recently it was disclosed that German cryptographers had managed to decipher plans taken from an Al Qaeda operator who had a memory card confiscated. According to the story: “On May 16 last year, a 22-year-old Austrian named Maqsood Lodin was being questioned by police in Berlin. He had recently returned from Pakistan via Budapest, Hungary, and then traveled overland to Germany. His interrogators were surprised to find that hidden in his underpants were a digital storage device and memory cards. Buried inside them was a pornographic video called “Kick Ass” — and a file marked “Sexy Tanja.”” As stated on Gary Kessler’s website: (more…)

“Lipstick and Eyeshadow on a Pig” + “Nail Polish” April 21, 2012

Posted by Chris Mark in Industry News.

Since I am heading to the Piracy event in Hamburg, Germany this week and (here is a plug…will be speaking on Cybersecurity), I thought it appropriate to re-post this particular post with some added commentary. You can read the previous posts on vetting armed security here.  I have added four techniques used by companies to project a skewed image.  I call them: “Sitting With Cool Kids” ; “Wining and Dining”; “Bravado Impresario”; and “Rambo-ing a Client”.

This is a bit off topic but I think it is interesting. In a previous life I used to manage a number of competitive intelligence projects for clients. It is a field I find fascinating and very interesting and I put quite a bit of time into learning about CI and its application. Today I was reminded of a CI signal and thought I would pass it on. When I was a younger man I liked to race my motorcycle around the streets and highways of Texas. I remember my friend told me once: “Never race a car or bike that has a primer paint job.” I asked why and he said: “Because they don’t care about looks and they put all their money into the motor.” It makes perfect sense in street racing and in business. One of the trends that I look for is companies suddenly “painting their car” or announcing that they are about to “paint their car” for no real reason. While companies should always be focused on improving their marketability, often a radical change like a total re-branding or a shiny new website suggests something more sinister. Often these changes are calculated to occur at an opportune time like right before a major industry event. (more…)

Chris Mark Speaking in London- “Hactivists, CyberSpies, & Thieves: Risk & Data Centric Security” April 18, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy, Risk & Risk Management.

On June 19th, Chris Mark (that is me;) will be hosting a workshop at the CISO Intelligence Forum: Energy in London, England. My particular workshop will be titled: “How to select a security vendor”. Not really...that was a bad joke 😉 (security geeks get it). The 1/2 day workshop will be titled: “Hactivists, CyberSpies, and Data Thieves: A Discussion of Risk & Data Centric Approaches to Security”. You can download the brochure here. While my own workshop is sure to be the most well attended (another bad joke), I do have to give some props to the other speakers. This event has some top shelf talent speaking, including speakers from the PCI SSC, Lanco, SOCA, and Northrop Grumman, among others. If you are looking for solid information on data security in the energy segment, this is the place to be.

Chris Speaking at Piracy Week Hamburg- April 23-26, 2012 April 17, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy, Piracy & Maritime Security.

I am off to Hamburg, Germany next week to speak at the 11th Annual Combating Piracy event sponsored by Hanson Wade.  If you are in Germany, come by.  Hanson Wade puts on some great events.  I am speaking for Guardian Maritime Security on the topic of CyberSecurity in the Maritime Industry.  Last year I spoke on deterrence theory and the Value of armed guards in the protection of vessels.   Protection Vessels International (PVI) will be giving an update on the Evolving and Complex Tactics of Pirates.

As usual, some company will speak on “selecting a security vendor” in an attempt to win business.  I would think for 4K Euros people would expect to hear more than a sales pitch from a struggling company…but…I digress.

I am actually excited about attending to catch up with some friends, talk to new clients and most importantly…eat at Subway. That’s right..there is a Subway sandwich store in Hamburg, Germany!  Many people are unaware that Marine Corps Snipers and Subway have a long history together.

I may be taking a short hiatus while in Germany but will get back to writing as soon as I return.

Another Total Security Failure!?- 750K Socials Stolen in Utah April 10, 2012

Posted by Chris Mark in Industry News, InfoSec & Privacy.

(RANT ALERT) While everyone is fighting over who gets to eviscerate Global Payments in the press today, a major breach of sensitive data goes unnoticed. For the record…Credit Card theft is NOT identity theft. Steal my credit card every day of the week…I have zero liability. Do NOT steal my social or passport or driver’s license. We seem to be focused on the wrong data at times. I live in Utah and am pretty sure my wife, and my own 2 year old son’s Social was included in this breach.

Today on Foxnews.com a story was posted about how hackers stole “hundreds of thousands of social security numbers” from the Utah Health Department.  Well…this is not entirely accurate.  The data thieves did steal the Socials but they also stole medical information and other personal information such as names, addresses etc.  The total number of records is nearing 900,000.  Here is my beef…according to  the story: (more…)