Archive for September, 2006

The Red Threat

From attacking our cyber information infrastructure,
People’s Liberation Army writings in recent years have called for the use of all means necessary, including -or particularly- information warfare, to support or advance their nation’s interests. [DoD’s efforts to stave off nation-state cyberattacks begin with China]
and spies stealing F-16 engines and other sensitive military tech,
On a hot […]

Farewell Tomcat, Hello JSF!

Alright, so the US Navy is marking this week as the end of line for the F-14 Tomcat. The Tomcat has been showing its age, becoming more expensive to maintain, and slowly being replaced by F/A-18 Super Hornets. As sad as it is to finally see the Tomcat go, the F-35 Lightning II (Joint Strike […]

PDF Backdoors

I’ve been following a discussion regarding backdooring PDF files on the full-disclosure mailing list originally posted by David Kierznowski and on eWeek. At his site, he discusses two techniques for exploiting Adobe Acrobat Reader and Professional. Within the POC pdf, there’s executable code that will launch a new browser window when opened. This is just […]

IAM Day 2

It’s been a couple days since I attended day two of the IAM training, but I’ve been a little busy taking that information and preparing for our class’ assessment of the school.
On day two, we went over modules 3 and 4 (available at the IATRP website, for those interested) and did an actual assessment of […]

Day 1 of NSA’s IAM

The IAM training has been going pretty well, even though it was just the first day. Today, the class went over the intital contact and pre-assessment phases. We defined the mission of our example organization (our customer) and identified points of contact within the company. Impact attributes (confidentiality, integrity, availability) were defined as well as […]