Cybersecurity Framework in the US

The White House released a framework for the critical infrastructure regarding Cybersecurity. The interesting part is, that it is not based on a certification approach but on risk management. Definitely the right mindset as it allows companies to move away from compliance management to risk management. I am absolutely convinced that managing compliance has its…

Details

badBIOS Malware – a Hoax? I hope so…

On Friday arstechnica published a longer story on Meet “badBIOS,” the mysterious Mac and PC malware that jumps airgaps. The author talks about a virus/rootkit discovered by Dragos Ruiu, (organizer of CanSecWest and PacSec). The plot looks like a bad Hollywood movie. He describes strange behavior of machines that are completely new, setup from scratch,…

Details