Author

 Gadi Evron

Profile of Gadi Evron

CEO & Founder, Cymmetria, head of Israeli CERT, Chairman, Cyber Threat Intelligence Alliance
News & Commentary Posts: 70

Gadi is CEO and founder of Cymmetria, a cyber deception startup, and chairman of the Israeli CERT. Previously, he was vice president of cybersecurity strategy for Kaspersky Lab and led PwC's Cyber Security Center of Excellence, located in Israel. He is widely recognized for his work in Internet security and global incident response, and considered the first botnet expert. Gadi was CISO for the Israeli government Internet operation, founder of the Israeli Government CERT and a research fellow at Tel Aviv University, working on cyber warfare projects. Gadi authored two books on information security, organizes global professional working groups, chairs worldwide conferences, and is a frequent lecturer.

Articles by Gadi Evron

Stuxnet: An Amateur's Weapon

10/15/2010
Stuxnet, a Trojan supposedly designed to attack Iran's nuclear program, is so technically advanced that it is said to be able to remotely explode a power plant without the controller noticing. Such an advanced weapon was developed by people with means. But whoever they are, they're amateurs.

Girl Quits Job! Oh, What A Meme

8/11/2010
Who hasn't yet seen the "Girl quits her job on dry erase board, emails entire office" meme? It hit the Net like a hurricane, and I liked it immediately. In fact, fake or not -- I still do. What can we learn from it?

Yet Another Facebook Malware Evolution

8/9/2010
Every once in a while I like to discuss the strategic view and how different players affect each other in the realm of cybercrime. This post is about the latest evolutionary development in the fight -- with Facebook malware.

Facebook And National Security: Two Cases

7/9/2010
Dark Reading's Kelly Jackson Higgins wrote about the fake Robin Sage account, which duped many in vetted circles to add "Robin" as a Facebook friend. Now from Israel comes a story of how soldiers from a secret IDF base created a Facebook group for it.

The Myth Of Cyberattack Deterrence

5/10/2010
Deterrence online is one of the biggest idiocies of the past couple of years. There are some interesting research possibilities in the subject matter, but not as it is portrayed today -- a cure-all strategy.

Alert: Disposable Facebook Apps Installing Adware

5/6/2010
Just like throwaway domains on the wider Internet, it seems like criminals now use throwaway applications on Facebook. They bring one app online to lure users and potentially infect them, and by the time one is taken down by Facebook, they create yet another.

Al Qaeda Implicated In Cyberattacks

4/30/2010
Some papers recently became publicly available in the case of terrorism suspect Mohamedou Ould Slahi, accused of being one of Al-Qaeda's top recruiters. The papers revealed Al-Qaeda hacking activity, which demonstrates what proof of accountability in Internet attacks is, and how many of us jump to conclusions about countries, such as China, without it.

NSA Director On The Cyber-Counterattack

4/15/2010
According to an Associated Press report, the director of the National Security Agency told Congress the U.S. should respond in force to computer-based attacks -- even when the attacker is not known. Is that possible, and is it a good idea?

Stop Counting Bots

4/9/2010
How many bots are on the Internet, and why should we care? This is an argument I've been making since the late 1990s, and it is high time I got it in writing outside of closed circles.

A Russian Strategist's Take On Information Warfare

3/26/2010
Today I'd like to introduce you to one of the main thinkers on information warfare, whom most of you have never heard of: S.P. Rastorguev (Расторгуев C.П.). He is a Russian strategist who unfortunately, as far as I can find, hasn't been translated.

Cyberwarfare: Play Offense Or Defense?

3/11/2010
One of the key differences in military theory between Internet warfare and kinetic warfare is whether defense or offense is stronger. Here's a shortened version of an argument I am formulating about this matter following years of debate.

Social Networks, Data Leaks, And Operation Security

3/4/2010
Following a Facebook update from a soldier on an upcoming operation, the Israeli Defense Forces (IDF) canceled an operation into the West Bank, illustrating how the connected world makes maintaining operational security (OPSEC) all the more difficult.

Mozilla's Add-On Policies And Spyware Surprises

2/17/2010
I've been using FlashGot on and off for years. It is a useful plug-in that helps you download multiple files from the same Web page "automagically." So when Firefox informed me about a new update for an add-on I've used for years, I clicked "OK" and updated it, only to find a surprise the next time I used Google.

How Much Crypto You Really Need

2/11/2010
Last month an international team of researchers announced they had managed to factor a 768-bit RSA key. This raises interesting questions about handling encryption and planning ahead in your security strategy.

'Brand' Your Employees

2/5/2010
You might want your product to be in the news every day, and for your PR to create miracles for you. But if you want attention, then your company must speak out on big security issues and news.

Google/China Reality Check Amid The Fog Of Cyberwar

1/21/2010
We've all heard about the Chinese attacks against Google by now. We've heard of Google's moral standing, how corporations now impact international relations, and how censorship is bad and freedom is good. However, some important questions lost in the fog of war need to be asked.

Share Your New Security Innovations

1/15/2010
I am working with InformationWeek Analytics to create an analysis of the year's top five technology innovations in the security arena. If you are a vendor and believe you have the next big thing, then you should contact us.

NSA Iraqi Computer Attacks And U.S. Defense

11/18/2009
A National Journal Magazine article called "The Cyberwar Plan" has been making waves the last few days in our circles -- it's about how cell phone and computer attacks were supposedly used against Iraqi insurgents by the National Security Agency (NSA). Its significance is far more than just what's on the surface, however.

Never Underestimate The Power Of A Botnet

11/14/2009
A deputy director at the Office of Cyber Security in the Cabinet Office in the U.K. said in a recent Home Affairs Committee meeting that botnets are not a big risk for debilitating attacks against the government's networks, but are more likely to be used as a tool to extort money.

Phishing Your Users for Better Security

10/12/2009
A couple of years ago, William Pelgrin taught users about phishing...by phishing them. In doing so, the director of the New York State Office of Cyber Security and Critical Infrastructure Coordination created an awareness program that (for the most part) worked.

Blacklisting For Extra Mail Server Security

9/10/2009
A majority of systems around the world use Internet blacklists as lists of IP addresses that are most likely compromised -- by bots -- and used by these systems to block or otherwise filter email. However, these lists can sometimes be used beyond the blacklist's design intent for increased security, but only after careful consideration.

Why I Refuse to Update My Website Certificate

8/20/2009
Every year or so, someone reports a supposed security vulnerability in a site that I run, warning me that the certificate has expired. I always respond that I would be happy to update it when I get a free moment, but that it is far from a priority.

Reclaiming The Email Channel

8/14/2009
Financial institutions and ecommerce sites use email as a marketing platform, training users to trust email -- essentially blazing a trail for the phishers.

The BlackBerry 'Trojan Horse'

7/23/2009
Research In Motion's announcement that users in the United Arab Emirates (UAE) who installed an update on their BlackBerrys ended up with a surveillance application raises some key questions.

Incident Response Is Not Forensics

7/16/2009
Professionals who handle computer security incident response traditionally have also been charged with forensics. They find the evidence of wrongdoing, and preserve it in a court-approved fashion. This best practice is a good one, even when saving data for law enforcement is not a necessity or a priority.

DDoS Cyberwarfare Hurts Us All

7/9/2009
A distributed denial of service (DDoS) attack has been in the news in recent days due to attacks against the U.S. government -- with fingers pointed at North Korea. But people forget a few basic truths when it comes to information warfare (or cyberwarfare) and DDoS attacks.

Government Takes Action On Internet Badness

6/17/2009
Sources of online criminal activity, such as Atrivo/Intercage and McColo, are no longer around. While I am not quite willing to share the full story behind these takedowns just yet, I can say that community action was the key.

Cybercriminals: More Obvious Than They Think?

5/29/2009
Attackers often use and abuse security by obscurity, which can lessen the likelihood that they will be caught. From them we can learn a lot about profiling attackers on our networks, and how they work to achieve better operational security. Take their use of encryption.

Lessons From Fighting Cybercrime

5/17/2009
The history of anti-spam teaches us about half-baked ideas and how people succeeded or failed to implement them. The analogy of evolution, while limited, demonstrates how reactionary solutions can achieve strategic goals before they are made obsolete by countermeasures.

CouchSurfing: A Working Trust Model

5/7/2009
Trust. At the beginning we take it on faith. On the Internet, a fortiori, all the more so. While security professionals struggle to establish online trust, CouchSurfing, a social site for tourists who want to borrow your couch and, perhaps -- wink, wink -- make friends, has a working trust model that is cool to boot.

The Irony Of Preventing Security Failures

5/1/2009
It used to be that we were judged by not suffering security incidents. But today everyone gets hit, so we are now judged by how we deal with a breach. But what if nothing happens because we stopped it? That may be the most dangerous option in the long term.

Analyzing Security Psychology

4/21/2009
The integration of psychology into the security strategic-thinking process is critical for the advancement of information security. The human element influences all security controls because all of these controls seek to regulate human behavior.

I'm Interested, But In You

4/20/2009
Social engineering is a disturbing aspect of overall security threat analysis because it is the human element that is least in our control. Security and psychology -- once again -- go hand in hand.

SCADA Security: What SCADA Security?

4/7/2009
SCADA, the control systems for such infrastructure services as water and energy, has us worried whenever critical infrastructure defense is mentioned. Why, then, is it the most insecure industry on the planet?
