Who am I and why should you care?

Well, if you are reading this page you were looking for me, referred to this page, or bored.

I am a professional geek that offers a variety of consulting services with a focus on network and information security. As you can tell by my choice of web page that web design is not an area that I offer as a service. A majority of my consulting engagements are helping clients meet compliance requirements (primarily PCI DSS) and creating remediation plans. I have served as an E-Discovery consultant and worked with numerous local and federal agencies. I also provided some of the first detections of Conflicker B / Downadup B (yeah, lucky me right?).

On these pages you will find random rants, notes to myself, and maybe the occasional useful nugget of information. If you find something that is useful please feel free to bookmark or tweet accordingly.

Thanks,

Eric


SANS Consolidated Security News

  1. CVE-2011-4041 (Natl. Vulnerability Database)
  2. Data breach? Blame your third party's remote access systems (NetworkWorld Security)
  3. Trustwave issued a man-in-the-middle certificate (Heise Security News)
  4. Avast! Mobile Security (The Register)
  5. Bugtraq: security bulletin HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information (SecurityFocus Vulnerabilities)
  6. ISC Feature of the Week: Security Dashboard, (Tue, Feb 7th) (InternetStormCenter)
  7. Fresh iPhone Apps for Feb. 7: Hotels by Orbitz, TripLingo Romance Edition, The Hacker, Dream Pethouse (Appolicious) (Yahoo Security)
  8. Commerce Dept's Economic Development Administration Suffers Cyber Attack (February 2 & 3, 2012) (SANS Newsbites)
  9. "Challenges in Smart Object Security: too many layers, not enough ram" - Michael Richardson (Internet Drafts)
  10. Encryption Key To Evolving Data-Centric Security Model (Network Computing Security)