<h1>Cloakware Staff</h1>

Cloakware Staff

Your Evil Twin and You

Your Evil Twin and You

Digital twins are rapidly gaining popularity for the design and management of complex systems. The rise in availability of modeling tools coupled with continuous streams of real time data from live processes have turned the use of digital twins into a must for the system owner and operator. But what is the twin in the hands of a potential hacker? Read Dave Belt’s new blog…

Security Baselining AWS Accounts

Security Baselining AWS Accounts

As someone who works with cloud solutions for a security company, I am very aware of the stories in various media about security breaches in cloud accounts. Usually these are along the lines of "Company X exposes millions of customer data records by storing them in a...

The perimeter is a lie (part 1)

The perimeter is a lie (part 1)

I recall in early 2000’s having a debate with a security expert about firewalls, at the time they were advocating the firewall model was fundamentally broken! Their argument was if any traffic could get through, in any direction, for any purpose, bad guys could figure out how to use it to exploit the system. I disagreed, believing the ‘new’ filtering technology would be able to stop them, I was wrong.

AVTest annual malware report

AVTest annual malware report

AVTest.org produced their annual malware report recently and it’s interesting reading. It charts of picture of an active battle between attackers trying to make money and defenders who are fighting to keep up. The headlines of the report show malware authors are moving away from just targeting Windows PC’s and intro Macs, Linux (often in iOT) and Android.

Now you can trust the browser!

Now you can trust the browser!

In May Tim Charman and Ben Gidley presented a talk at CodeMotion in Amsterdam showing how you can use obfuscation, whitebox and integrity verification to secure communications from the browser even in the case of a man in the middle attack.

Manifesto for Cyber Security

Manifesto for Cyber Security

The recent ransomware attacks have focused lots of minds on cyber security, however many of the solutions being proposed are little more than sticking plasters to the larger underlying issue – namely systems are not secure by default. The ‘trend’ in software has been to launch it, then fix it. This is a very attractive proposition for businesses, as it lets them discover the ideas that work and don’t work, and then iteratively improve them. Most of the gadgets we use in our lives today would not exist without this mentality. However, the dark side of this approach is that almost all software is not secure. The evidence shows that pretty much every system deployed has security flaws. The only question is who finds the flaws first – bad people or good people.