SOA/XML

Secure Use of Cloud Storage

At BlackHat Briefings USA 2010 in Las Vegas this year, I presented a session entitled “Secure Use of Cloud Storage,” covering ways that developers can use and misuse cloud storage systems like Microsoft’s Windows Azure Storage and Amazon’s Simple Storage Service (S3) and SimpleDB. While the released versions are available on the BlackHat official website, […]

attacks, mitigations, SOA/XML

BlackHat 2008, Day 2

The second day of BlackHat 2008 began with a keynote speech by Rod Beckstrom, the director of NCSC (the National Cyber Security Center.) Most of this consisted of painfully strained Civil War analogies and the overuse of the word “Cyber” to describe absolutely everything. He made some good points — specifically, that in order to […]

attacks, legal, mitigations, SOA/XML, trusted client

BlackHat 2008, Day 1

Today was the first day of this year’s BlackHat Briefings in Las Vegas. The biggest security conference of the year, it’s always an interesting place to be and often involves the release of new and previously unknown exploits. The keynote speaker was Ian Angell, of the London School of Economics, who was speaking, ostensibly, about […]

attacks, hardware, industry, mitigations, SOA/XML

SCADA Hacking Renders Vital Infrastructure Vulnerable

Forbes.com recently had an article called “America’s Hackable Backbone” regarding the recent surge in SCADA hacking. SCADA, Supervisory Control And Data Acquisition, is a truly ancient protocol, in use for over 20 years, which was not remotely designed with security in mind. At the time, SCADA was used only on dedicated networks that lacked any […]

hardware, risk, SOA/XML, terrorism