20 Jan 2018

What did Cybersecurity and Cyberwar look like in 1999?

Think all these news stories you are reading about cybersecurity, cyberwar, and cyberconflict are breaking new ground? It is worth taking a read through the several hundred entries meticulously compiled in Mich Kabay’s 1999 Infosec Year in Review which I recently found on an old drive while searching for other

Read More
05 Jan 2018

The Two AI Books Chinese President Xi Jinping is Reading

China’s president Xi Jinping further signaled his interest in having China emerge as a dominant artificial intelligence power with the placement of two AI books on his bookshelf during his New Year’s Eve address to the nation. The two books featured on the president’s bookshelf were The Master Algorithm by Pedro

Read More
08 Dec 2017

Best Security, Business, and Technology Books of 2017

In looking at advances in technology over the past year, I’m reminded of the Lenin quote “There are decades where nothing happens; and there are weeks where decades happen.” It seems that to make the most sense of the top security and business trends you need to have a keen

Read More
21 Feb 2017

The 2017 Red Teamer’s Bookshelf

“It’s been a couple of months since we first announced that Red Team Journal, Redteams.net, and OODALoop would be compiling the latest ‘Red Teamer’s Bookshelf’ jointly. For those of you who’ve been waiting, the list is finally here. It’s larger than previous years, so we’ve organized the titles by category

Read More
07 Feb 2017

Our Science Fiction Cyber Future

“The cybersecurity industry is currently enamored with concepts of autonomous defense, including elements of machine learning, behavioral analytics, and artificial intelligence—and rightly so. Programed to be able to study all vulnerabilities in the public domain, autonomous bots (autbots)—not to be confused with bots simply conducting repetitive tasks like guessing default

Read More
07 Dec 2016

Best Security, Business, and Technology Books of 2016

Dozens of times per year, I get asked to recommend my favorite books so I couldn’t say no when the OODA Loop team asked me to build on Mark Mateski’s popular Red Teaming book list by providing my top 10 books for 2016. I have very eclectic interests, so I’ve

Read More
07 Jun 2016

The Ultimate Targeted Attack: Malvertisments

I’ve been in evil genius mode with Lou a few times on this. The advertising networks provide a tremendous amount of granularity that can be used for very focused attacks. For network defenders, they can also be very useful for attribution operations as well.

Read More
22 Oct 2015

10 Red Teaming Lessons Learned Over 20 Years

I’ve been a red teamer for twenty years now, perhaps even longer, but I didn’t know what to call it until 1995 when I started working with the Department of Defense. I’ve also been fortunate to participate in or lead hundreds of red teams within many divergent disciplines ranging from

Read More
19 Feb 2015

Every Cyber Attacker is an Insider

I recently witnessed the CIO of a publicly traded company dismissing the results of a successful red team to the Board of Directors by stating that the “the test wasn’t realistic as the red team had insider access.” The “insider” access in this instance was a network connection with no

Read More
12 Dec 2014

Terrorism Reference CDROM

This CDROM was created as an academic research resource for those with an interest in terrorism and counterterrorism issues. This edition was developed in collaboration with the American Society for Industrial Security’s (ASIS) National Capital Region for exclusive distribution to the attendees of the 2002 Countering Terrorism Seminar on June

Read More