Bill Roth

Today, Symantec announced its latest discovery, Duqu. Quite ominously, it is being called the precursor to the next Stuxnet, an attack that is often considered the most complex of this decade. In fact, activity is still being linked to the Stuxnet team. So what kind of havoc is Duqu wreaking? According to the Symantec report, essentially the Duqu worm (called that because it creates files with the file name prefix “~DQ”) is logging keystrokes and using encryption assets from Taiwanese certificate authorities to encrypt and extract payloads. So far, only a few sites are known to be attacked the Duqu code. Still, certificate authorities are being encouraged to check their systems and inventory to confirm that they have not been compromised. What is alarming is just how similar Duqu is to Stuxnet. The infection model and just about everything else is the same—there is ... (more)

Say “Auf Wiedersehen!” to Data Privacy Concerns

The buzz around “big data” raises concerns about the privacy of the massive amounts of data collected. One of our customers, a telecom company in the U.S. uses our software to collect more than 60 billion messages per day from over 40 different devices. Where does this data go? How do companies ensure that personal information contained in these messages does not fall into the wrong hands? In Europe, these questions are of heightened importance. Germany and Switzerland (and soon the rest of the E.U.) legally require organizations to have strict data privacy modes on IT data they ... (more)

Cloud Computing: RSA Conference 2011: Cryptography Panel

In a nearly full conference hall, the Tuesday morning RSA 2011 keynotes included talks from EMC, VMWare and Symantec, and an all-star cryptography panel, where an impassioned plea was made for more openness from the National Security Agency.  The panel started by opening remarks by Ari Juels, Director of RSA Labs, who asked as a moderator. The main theme was the the history of the first modern cipher, the Data Encryption Standard, or DES. The back-story on this algorithm is that it was government standard, and was widely believed to have been modified to have a backdoor so that i... (more)

New Research: Guy Churchward on Security Management in a Virtual IT World

From our Friends at MGI Research: New Research Report: 20 Questions with LogLogic CEO Guy Churchward, focuses on the key issues that are shaping the market for IT security management tools. Guy is one of the more technically competent enterprise technology CEOs we have spoken to in recent history. He is also someone who keenly understands the holistic picture of what is needed to make a tech company successful in the current market. Guy's in-depth 20 Questions session with MGI's Managing Director, Igor Stenmark, focused on how the transition from physical to virtual, from in-h... (more)

The Future of Log Management and Smart Grid Technology

With the many log formats involved with Smart Grid, many energy companies are searching for a way to centralize the collection of logs, regardless of data format. A centralized log management tool, such as LogLogic, is seen to be an ideal way to collect and correlate security events and make responding to security events more efficient. “Down the road, we’re looking at instrumentation and monitoring of the various substations and the lines themselves, as well as home area networking with automated monitoring of major appliances, air conditioning, thermostat, etc.,” says an oper... (more)