October 31, 2008

Anthony Reyes Keynote at Summit Conference

Currently listening to Anthony Reyes keynote address at day 2 of the 2008 Information Security Summit in NE Ohio. The talk is really good with great content and is entertaining. He's a former New York City cop from the cybercrimes group and really hits home with the insider attack risks to the company.

He says companies do not do a good job of controlling the information about them and understanding the inside risks. He's recommending employers should manage what their employees say about the company in public such as on Internet postings. He explains that such Internet postings actually pose serious risks to company business. Say's it's everyones job to keep the company safe.

If you ever have a chance to hear Anthony talk I highly recommend you attend.

October 30, 2008

NEO Information Security Summit Underway

We are into the first day of the Information Security Summit and other than a couple technical glitches beyond our control (hotel Internet connection instability for a bit) things have been going great. There are alot of people here, our latest attendance numbers were around 335 - wow!

The talks so far have been good. Gareth Webley moderated the keynote panel with security leaders from around the region talking about best practices for managing risk. They covered topics such as setting up a risk management program, how to *talk* security with business leaders, how to sell security (or more appropriately risk management) to the business, and other topics. Great insight into how to talk with business leaders.

Other great sessions going on but no time to talk about them at the moment. Since I'm helping organize and run the event...I'm a little busy.

Updates later.

October 24, 2008

Domain Registration Mining Turns Up Republican Plans?

So I was doing some mining of recent domain name registrations and discovered some funny things. I was found some Sarah Palin domains but none of them appear to be hers. Now why in the world would a political figure on the national scene like her NOT register her domain name? Going to sarahpalin.com I see a FOR SALE sign.

I see other domains that aren't hers...

(all registered on 10/21-10/22/2008)

Are the republicans admitting defeat and preparing for the next election? Currently these domains appear to be parked with nothing on them about Palin. Maybe just opportunistic business person capitalizing on clicks. Turmac Corporation is who is listed as the registrant - dont know if they are working for her or domain squatter.

And then there's Joe the Plumber from Ohio. Oh look, a couple domains (all registered on 10/22/2008)...


Looking at these websites it appears that it isn't infamous Ohio plumber but rather someone else who says they aren't a plumber and will be voting democratic.

Lastly, are the democrats getting ahead of themselves?


No, just another squatter looking for click $$.

So the lesson for all you budding politicians out there: register your domain name. BTW, I have registered GREGFEEZEL.COM but have no interest in going into politics...at least not today. LOL

Malware Challenge

Know how to analyze malware either statically or live? You'll want to check out this cool contest that Tyler Hudak and I are holding...and the best thing: there's cool prizes you could win. We are giving away an iPod, free copy of IDA Pro, a IDA Pro book, a $25 Best Buy gift certificate, Greg Hoglund's Rootkits book, the great book The Art of Computer Virus Research and Defense, and more. Be sure to read the rules page for details.

You dont have to be an expert to try it out. So go on over to http://www.malwarechallenge.info/ but you have to hurray because we stop accepting submissions this Sunday October 26, 2008 at 23:59 EST!

We will be reviewing the submissions at the Information Security Summit being held in Independence Ohio on October 30th and 31st.

Let the blah blah blogging begin!

Welcome to my new blog! Well after much prodding by friends I finally took the plunge and started a blog - boy will the world be sorry. ha ha. ;-)

The origin of the name is from my daughter who describes what I do at work (and hobby) to people as "security blah blah." And since this blog will contain my thoughts on various topics, the name is appropriate. Hopefully you'll find some of the content interesting and maybe even entertaining.

So here goes nothing...blah blah...