John Casaretto
Latest from John Casaretto
Adobe Signing Certificate Hijacked, Company Will Revoke
Adobe released a statement from Brad Arkin, Sr. Director of Product Security and Privacy – that confirms a company build server was compromised and was allowing malicious utilities to be signed with their certificate. The recent discovery prompted a forensic discovery after which the signing infrastructure was immediately decommissioned. The company also states that the certificate in ...
Unleashing the Potential of Cloud Computing in Europe
The European Commission has launched a high-level strategy for cloud computing services. The announcement came in the form of a release “Unleashing the potential of cloud computing in Europe” Key actions of the strategy include: Cutting through the jungle of technical standards so that cloud users get interoperability, data portability and reversibility; necessary standards should be ...
Microsoft Tells Some Customers – Don’t Buy Office 2013 – w/ New Microsoft Office 365 Subscriptions
As Microsoft continues its rather public evolution, some recently announced pricing models for Microsoft Office 2013 and Office 365 are set to change the way people think about buying Office altogether. The new Office 365 offerings consist of a subscription-based model that offers cost options to users across the spectrum. The Office 365 service has ...
Kim Dotcom Reviving Megaupload as Copyright Case Could Be Crumbling
News has emerged that Kim Dotcom, notorious businessman and founder of MegaUpload.com, is reviving the service. Back in January the U.S. Department of Justice seized the domain names and sites over copyright infringement issues. According to reports, coding work for the new MegaUpload is nearly finished, servers have been ordered, and investors are lining up. ...
Mirage – The Global Cyber Espionage Campaign Tied to China
Dell’s SecureWorks Counter Threat Unit™ (CTU) research team is reporting that they have been tracking a cyber espionage campaign dating back to April 2012. The sophisticated ongoing campaign has ties to Chinese origin and has been found to be attacking a high-profile oil company in the Phillipines, a military organization in Taiwan, an energy company ...
Major Oracle Flaw Opens the Door to Database Crack
Researchers are reporting an Oracle authentication flaw that allows outside attackers and internal users the ability to brut-force crack passwords. Emerged over at Dark Reading, it is reported that the flaw would be demonstrated today at the Ekoparty security conference in Buenos Aires. Martinez Fayo and his team first reported the bugs to Oracle in ...
Splunk .conf2012 – SVP Schroeder on theCube
The energy around the .conf2012 Splunk conference has been a fascinating watch. In one of the segments viewable on the SiliconAngle channel, Guido Schroeder, the SVP of products for Splunk dropped in on theCube with Jeff Kelly and Jeff Frick to talk about the state of Splunk and what makes it the opportunity to the enterprise ...
State of the Cloud Security Report: Alert Logic
Alert Logic released their semiannual State of the Cloud Security Report today. Among the most significant outcome of the findings, was the discovery that on-premise IT infrastructure is more likely to be attacked, more often, and through a broader spectrum of attack vectors than cloud-based infrastructures. This finding counters commonly held security concerns about the ...