Saturday, June 25, 2011

each day better than the next

So it continues to be an interesting time in the infosec world.  Just off the top of my head, the last several months have seen Stuxnet, RSA SecureID being breached, account credentials compromised at Citibank and Google/Gmail, a CA compromised, and lots of activity from Anonymous and Lulzsec.   Dropbox security was broken for a time, and there is all too plentiful evidence that people deploying solutions on Amazon Web Services are leaving gaping security holes.

Some attacks show alarming sophistication and are extremely targeted.   Others exploit well-known attack vectors that could have been closed had reasonable security practices been followed.

In any event, lots of work remains.   Where to start....

No comments: