Posts by Peter DiToro
Emphasizing Security Best Practices; the Rise and Fall of Diginotar
Between June 2011 and the end of the year, Diginotar, a Dutch Certificate Authority and wholly owned subsidiary of Vasco Data Security International, fell from a rising Euro tech star to a government takeover and subsequent bankruptcy. Diginotar had the wind in its sails; a deep-pocketed American parent, the full trust and patronage of the…
Targeting the Extended Supply Chain – a Brief Review of Stuxnet
In November 2010, Iranian president Mahmoud Ahmadinejad announced that a “cyber weapon” had been deployed against the Natanz nuclear laboratory. Indeed, some infosec pundits subsequently referred to the attack, called “Stuxnet”, as the first true cyber weapon to be used in anger. While that may be debatable, what is not in question is the design,…
RPKI – The most important Internet security component you never heard of.
What do AWS, Radware, Nintendo, Google, and Facebook all have in common (other than being some of the smartest actors in internet commerce)? Over the past 18 months, they have all been impacted by outages traceable to the Border Gateway Protocol (BGP). The BGP was designed in 1994, literally on a napkin, to route data…