Author: Matthew Rosenquist

Posted on

Falsely Vilifying Cryptocurrency in the Name of Cybersecurity

Falsely Vilifying Cryptocurrency in the Name of Cybersecurity
by Matthew Rosenquist on 02-02-2021 at 6:00 am
Categories: Security
12 Comments

Falsely Vilifying Cryptocurrency in the Name of Cybersecurity

I get frustrated by shortsighted perceptions, which are misleading and dangerous is far easier to vilify something people don’t fully understand.

Here is another article, titled Bitcoin is Aiding the Ransomware Industry, published by Coindesk, implying cryptocurrency is the cause of digital crime.

This is one of many such… Read More

Posted on

Intel’s Secret Key to Decrypt Microcode Patches is Exposed

Intel’s Secret Key to Decrypt Microcode Patches is Exposed
by Matthew Rosenquist on 11-07-2020 at 8:00 am
Categories: Intel, Security

Intels Secret Key to Decrypt Microcode Patches is Exposed

A group of security vulnerability researchers, after many months of work, were able to figure out the update process and secret key used to decrypt Intel microcode updates for the Goldmont architecture product lines.

This is an important finding as it peels back yet another layer of the onion that protects the core CPU from malicious

Read More
Posted on

We Don’t Want IoT Cybersecurity Regulations

We Don’t Want IoT Cybersecurity Regulations
by Matthew Rosenquist on 10-14-2020 at 6:00 am
Categories: IoT, Security
3 Comments

We Dont Want IoT Cybersecurity Regulations

It simply makes no sense to call for IoT devices to be certified safe-and-secure. Before you get bent out of shape, hear me out.

Regulations are unwieldy blunt instruments, best left as a last resort. Cybersecurity regulations are not nimble, tend to be outdated the day they are instituted, and become a lowest-common-threshold… Read More

Posted on

Painful IoT Security Lessons Highlighted by a Digital Padlock

Painful IoT Security Lessons Highlighted by a Digital Padlock
by Matthew Rosenquist on 10-04-2020 at 10:00 am
Categories: IoT, Security

Painful IoT Security Lessons Highlighted by a Digital Padlock

The first warning sign was “hackproof” in the 360Lock marketing materials. As it turns out, with no surprise to any security professional, the NFC and Bluetooth enabled padlock proved to be anything but secure.

Straightforward penetration testing revealed horrible logical and physical security for a padlock that promotes… Read More

Posted on

The 10 Worst Cybersecurity Strategies

The 10 Worst Cybersecurity Strategies
by Matthew Rosenquist on 07-26-2020 at 8:00 am
Categories: Security

The 10 Worst Cybersecurity Strategies

Counting down to the absolutely worst cybersecurity strategies. Sadly, these are all prevalent in the industry. Many organizations have failed spectacularly simply because they chose to follow a long-term path that leads to disaster. You know who you are…

Let’s count them down.

10. Cyber-Insurance

No need for security, … Read More

Posted on

Will AI Rescue the World from the Impending Doom of Cyber-Attacks or be the Cause

Will AI Rescue the World from the Impending Doom of Cyber-Attacks or be the Cause
by Matthew Rosenquist on 07-12-2020 at 6:00 am
Categories: AI, Security

Will AI rescue the world from the impending doom of cyber attacks or be the cause

There has been a good deal of publicized chatter about impending cyber attacks at an unprecedented scale and how Artificial Intelligence (AI) could help stop them. Not surprisingly much of the discussion is led by AI vendors in the cybersecurity space. Although they have a vested interest in raising an alarm, they do have a … Read More

Posted on

Teaching AI to be Evil with Unethical Data

Teaching AI to be Evil with Unethical Data
by Matthew Rosenquist on 07-05-2020 at 2:00 pm
Categories: AI, Security
1 Comment

Teaching AI to be Evil with Unethical Data

An Artificial Intelligence (AI) system is only as good as its training. For AI Machine Learning (ML) and Deep Learning (DL) frameworks, the training data sets are a crucial element that defines how the system will operate. Feed it skewed or biased information and it will create a flawed inference engine.

MIT recently removed Read More

Posted on

Killer Drones to be Available on the Global Arms Markets

Killer Drones to be Available on the Global Arms Markets
by Matthew Rosenquist on 07-01-2020 at 10:00 am
Categories: Security
13 Comments

Killer Drones to be Available on the Global Arms Markets

Turkey may be the first customer for the Kargu series of weaponized suicide drones specifically developed for military use.  These semi-autonomous devices have been in development since 2017 and will eventually be upgraded to operate collectively as an autonomous swarm to conduct mass synchronized attacks.

This situation… Read More

Posted on

Intel Designs Chips to Protect from ROP Attacks

Intel Designs Chips to Protect from ROP Attacks
by Matthew Rosenquist on 06-28-2020 at 10:00 am
Categories: Intel, Security

Intel Designs Chips to Protect from ROP Attacks

Intel comes late to the game but will be delivering an embedded defense for Return Oriented Programming (ROP) types of cyber hacks. I first blogged about this back in Sept of 2016. Yes, almost four years have passed and I had hoped it would see the light of day much earlier.

The feature, to debut in the Tiger Lake microarchitecture… Read More

Posted on

Misunderstanding the Economic Factors of Cybercrime

Misunderstanding the Economic Factors of Cybercrime
by Matthew Rosenquist on 05-31-2020 at 6:00 am
Categories: Security
1 Comment

Misunderstanding the Economic Factors of Cybercrime

A new study by Cambridge Cybercrime Centre titled Cybercrime is (often) boring: maintaining the infrastructure of cybercrime economies concludes that cybercrime is boring and recommends authorities change their strategy to highlight the tedium in order to dissuade the growth of cybercrime.

Warning: Full-blown rant ahead,Read More