MT @samj Post Mortem: Apparent Google Apps/Gmail Vulnerability. CloudFlare blog << Good write-up.

RT @27bslash6: "I don't know what you people do in your own country but in America we don't touch other peoples stuff":

RT @dugsong: e.g. mjr's rumors of Mossad backdoors in Check Point: tl's reversed FWN1, FWA1 auth protocols: https:/ ...

RT @nytimes: Graphic: How a secret cyberwar program against Iran worked

RT @RidT: Obama Ordered #Stuxnet, Sped Up Wave of Cyberattacks Against Iran

Flamer - I Can Haz Propaganda << Best. Analysis. Of Flame(r). Evar!!1!!11 #bloatware

Chapter 1. MAIN CLAUSES

Article 1. Subject and aim of the Convention
The subject that this Convention seeks to regulate is the activity of governments to ensure international information security.
The aim of this Convention is to act against the use of information and communication technology to violate international peace and security, as well as to set up measures ensuring that the activity of governments in the information space will:

1) further general social and economic development;

2) be carried out in such a way as to be compatible with efforts to support international peace and security;

3) correspond to generally accepted principles and norms of international law, including principles of peacefully regulating conflicts and disagreements, abstaining from the use of force, not interfering in internal issues, and respecting fundamental human rights and freedoms;

4) be compatible with the right of each individual to seek, receive, and distribute information and ideas, as is affirmed in UN documents, while keeping in mind that this right may be restricted through legislation to protect the national and social security of each State, as well as to prevent the wrongful use of and unsanctioned interference in information resources;

5) guarantee the free exchange of technology and information, while maintaining respect for the sovereignty of States and their existing political, historical, and cultural specificities.

The Future Role of Internal Audit in Enterprise Risk Management

Yes, #risk geeking it again.

MT @adschina: “security requires international cooperation” Ma Xiaotian
<< ‘Sovereignty’ card invoked.

MT @jeffreycarr: Flame, Russia and the ITU: A Geopolitical Agenda? << Addressing the elephant in the room.

Basic Instructions: How to Collaborate - looks a bit too familiar. Need stronger coffee now.

Next time someone rants at me about PHP and ===, I'm just going to respond with this piece of JavaScript:

RT @adschina: 'Asean must tackle cyber security threat' << Telling that South China Sea issues took 2nd place.

RT @adschina: Chip backdoor inserted by U.S. firm, not China

RT @joncallas: iOS Security Guide out from Apple: Contains high level description of many iOS things.

RT @Aelkus: ..of other military capabilities rather than standalone strategic weapon.

RT @BHDicaire: #Risk assessment the key to budgeting #security resources #InfoSec << Needs "Informed" prefix.

RT @Telegraph: China and Russia reaffirm support for #Syria despite #Houla massacre

@caseyjohnellis @krypt3ia Just put this on and relax. For a certain definition of “relax”:

RT @vmyths: The last word on #Flame. I’m glad THAT’s over with! << Phew, that was close.

“Kaspersky first spotted the #flame virus in 2010” ... And didn't report it until now? Why, @e_kaspersky?

RT @jeffreycarr: Via @nprnews: 'Flame' Malware Designed For Spying, Not 'Cyber War' < my interview on All Things ...

Why finance industry must constantly automate to keep up: And why IT gains don't translate to lower costs.

MT @jackmcd83 Conspiracy theorists of 'domestic drones' would be better off worrying about these: << Pet rock 2.0!

Chinese general calls for international cyber space rules (via @adschina) << No prize for guessing the tenor.

RT @ErrataRob: This story of Chinese hackers backdoor military chips is bogus, of course << Yes indeed.

Good read: #Cyberwar: A New ‘Absolute Weapon’?
Decent summary:

Howard Schmidt at CERIAS on #cyber issues: “What we need is coordination, not another branch of government.”

RT @mikko: CrySyS has published their report on Skywiper / Flamer but their site seems overloaded.

RT @AlecMuffett: : When Security Geeks Get Snarky << What else to expect from @tqbf

Alleged Chinese-planted backdoor:
In perspective: #cyberwar H/T @AlecMuffett

Alleged Chinese-planted backdoor:
In perspective: #cyberwar H/T @AlecMuffett

RT @gcluley: Flamer worm – Iran claims to discover new Stuxnet-like malware << Stars vaporware 2.0

RT @yo9fah: Stand-alone #malware removal tools - #ESET Knowledgebase << May come handy shortly.

RT @AlecMuffett: : If you want to follow the #Cambridge #FPGAbackdoor story hype the most effective search is ...

MT @Glebe2037: The Dark Side of the Moon - The 8-bit Album << Background music for strategy work.

What Is the Role of Lawyers in Cyberwarfare? - ABA Journal << Finally read this. Much recommended.

RT @alexhutton: << I LOL’d. You evil, evil man. :-)

[SuggestedReading] PowerSploit - A PowerShell Post-Exploitation Framework

RT @klightowler: Former Lloyds online security head charged with £2.46m fraud
<< Opportunity+knowledge=danger.

Description:
The world has been infiltrated with hackers who are out to steal your personal data if they can get their hands on it. The agents are well armed with forensic investigation techniques and sworn to catch these cyberpunks.

Will you get away clean or catch the hacker by ridding yourself of all of your cards before every other player.

RT @seanlawson: IMPORTANT: #Propaganda firm owner ran smear campaign against USA TODAY journalists #cyber #PSYOP

22 years of web browsers: I still remember first time I used NCSA Mosaic. And arrival of Netscape 0.9.

RT @RidT: New INSS study on "Cyber Warfare" [pdf] // Unfortunately the study doesn't look too impressive at first g ...

The APT Deception « The Day Before Zero << What I always wanted to say but never had the time. #cyberwar

US "hacked" Yemeni AQAP sites by ... buying ad space. Don't people read past headlines? #cyberwar

MT @Aelkus: Setting the Record Straight on Eradication in Helmand << Motions w/out thought. Unsurprising.

MT @selil: Info assurance and security : cyberwar :: muskets : sharks with lasers << Must read.

“Prisoners of cyber war: Employing captured pre-breach intelligence to turn the tide” << Interesting premise.

RT @AlecMuffett: : Chainmail Socks for #Barefoot Running. Yes, really. Eat your heart out #Vibram << Shiny!

RT @cyberguerre: 5 things the #Pentagon isn't telling us about the Chinese military << "Why" more important than "what"

RT @gusworldau: Ouch! Telstra just lost 35,000 customer passwords in a hacking attack. << Oops.

Finally found the "Rapid APT Id Service" site again: - Love their cool #APT group graphs :) Blog:

Finally found the "Rapid APT Id Service" site again: - Love their cool #APT group graphs :) Blog:

RT @jackmcd83 The UK's position in the coming Israel/Iran war over @KingsofWar << Video:

RT @jackmcd83 The UK's position in the coming Israel/Iran war over @KingsofWar << Video:

RT @alexhutton: So the #APT is low risk? << But... but... but APT!!!

MT @selil: Kaspersky resorts to scaremongering over iOS antivirus ban << Careful with that axe, Eugene.

RT @e_kaspersky: Kaspersky teams up with UN ITU for ITU Telecom World 2012 <- expect some *really* interesting p ...

RT @mrkoot: Notes on Electromagnetic Pulse (EMP) in US, UK, NL (May 22) /c @ncsc_nl @defensie @krypt3ia @packetknif ...

RT @caseyjohnellis: RT @eevblog: Ikea's Large Hadron Collider: << Priceless.

Patriot Hackers, Cyber Vigilantes, and Shot Placement

(via Instapaper)

RT @rybolov: > @Akamai: What you need to know about BEAST << I'm secure, I use SSLv1 ;-)

Also see and , all by @mountainrunner

Also see and , all by @mountainrunner

Not a public diplomacy fan, but most of the "Smith Mundt Repeal = Propaganda" folks are not familiar with its history:

RT @DRMcCarthy1: Unmanned and Dangerous - By Louise Arbour | @FP_Magazine : Nice addition to legal/moral debate on ...

MT @metalabasia: US hopeful China will recognise its cyber war rules << Right after recognizing Taiwan's sovereignty.

India signing the Budapest Convention on #cybercrime is a good, big, news.

US report on China shows Cold War mentality << China's mild response certainly has greater effect than in the past.

U.S. Rethinks Secrecy on Drone Program - (via Instapaper)

RT @mikko: Sensepost has gone and reverse engineered some key parts of the RSA SecureID software:
Hat tip to @Tom

I think now most people are starting to realize that Jester is another DoSer that’s getting too much attention, and Jester likes getting attention, I think he enjoys getting attention. I think that’s why he’s taking credit for things he didn’t do. And put online dramas, so people will know about him. After all what has he done apart from doing DoS attacks? He’s like a thug surrounded by trolls that support him, without his fans he’s just no body.