Director of Threat Intelligence
Joined on May 9, 2005
Total Post Views: 106,690


Paul Ferguson (“Fergie”) is Director of Threat Intelligence at ICEBRG,io, specializing in Emerging Security Threats and Operational Intelligence. Prior to joining ICEBRG.io, Ferguson has worked for (most recently) IID, Trend Micro, Northrop Grumman, Cisco Systems, Sprint, Computer Sciences Corp. (CSC), and AT&T;, and honorably served several years of active duty service in the U.S. Army as a Communications Security (COMSEC) techie during the Cold War. He spends most free time outdoors hiking, backpacking, and generally amusing himself in the great Pacific Northwest.

Except where otherwise noted, all postings by Fergie on CircleID are licensed under a Creative Commons License.

Featured Blogs

Hello, Australia: Please Vote These Guys Out

So I heard about this ridiculous news the other day that now Australian customs officers have been given new powers to search incoming travelers' laptops and mobile phones for pornography, according to The Age. Really? Come on. Really? First the Internet filtering, a la porn wall, and now this? more

The Sad State of WHOIS, and Why Criminals Love It

I'm not even sure how to begin this post, but let me tell you -- my head explodes when I try to contact WHOIS "contacts" about criminal activity - FAIL. I think ICANN wants to do the right thing here, and has stated on multiple occasions that inaccurate WHOIS data is reason for registrar termination. That's a Good Thing... more

More Provocative Reasons for a Mandatory National Breach Disclosure

I read, with some small amount of discomfort, an article by Bill Brenner on CSO Online, wherein he interviewed several other CSOs and other "Security Execs" on their opinions on the firing of Pennsylvania CISO Robert Maley. For those who haven't heard about this, Mr. Maley was fired for talking about a security incident during the recent RSA conference without approval from his bosses. more

Glaring Weaknesses in Prosecuting International Cyber Crime

I have to tell you -- I'm not really happy about the fact that the majority of serious cyber crime on the Internet happens without any legal prosecution. I spend an enormous amount of time -- far beyond my "day job" and exceeding what some might consider my professional capacity -- tracking cyber crime. I also work closely with law enforcement (both in the U.S. and abroad) to assist in the intelligence gathering process, putting the pieces of the puzzles together, connecting the dots, and so forth. And most of the major criminal organizations are still operating (pretty much) in the open, with fear of retribution or criminal prosecution, for a number of reasons. more

U.S. Cyber Security: Blurred Vision

It has been beaten, butted, and batted around quite a bit in the past few weeks -- let's look at a rough timeline of political issues which bring me to this point. Let's look at the power struggle (I prefer to call it confusion) in the U.S. Government with regards to "Cyber Security" -- in a nutshell. In the latter part of 2008, the U.S. House of Representatives Homeland Security Committee determined that DHS was not capable of providing proper critical infrastructure protection (and other Cyber protection capabilities) due to a number of issues. This may well be a political maneuver, or it may well actually have merit. more

Opinion: UK Moving Quickly Down the Slippery Slope…

Admittedly, I'm a not Johnny-come-lately with regards to surveillance, intelligence, telecommunications, network security, law enforcement, and a cross-pollination of all-of-the-above. I actually have a very colorful background of working within all of the aforementioned disciplines - at one time or another - either through the U.S. Military, U.S Government contractors, private industry, etc. ... And unfortunately, I am not generally "shocked" very often by much of the abuses being perpetrated on unwitting Internet users, both by supposedly "trusted" entities (e.g. Democratic Governments, ISPs, etc.) more

Canada: Paying for E911 and Not Getting It - A Dangerous Proposition

While this article specifically discusses the issues of E911 service in the Canadian hinterlands, I fear that the same fiscal shell game is being played by wireless providers all over North America... Grant Robertson writes in The Globe and Mail: Every month when cellphone bills arrive, Northern Canadians are forced to pay for a 911 service they can't access. more

ICANN: Termination of Registrar EstDomains to Go Ahead

The termination of ICANN-accredited registrar EstDomains is to go ahead, effective 24 November 2008. On 28 October 2008, ICANN sent a notice of termination to EstDomains, Inc. based on an Estonian Court record reflecting the conviction of EstDomains' then president, Vladimir Tsastsin, of credit card fraud, money laundering and document forgery. Pursuant to Section 5.3 of the Registrar Accreditation Agreement (RAA), ICANN may terminate the RAA before its expiration when, "Any officer or director of [a] Registrar is convicted of a felony or of a misdemeanor related to financial activities..." more

Facebook Apps on Any Website: A Clever Move? Or a Security Nightmare?

Well, given the amount of malicious JavaScript, malware, and other possibilities to use Facebook (and other similar social networking platforms) for abuse, I certainly wouldn't categorize this news as a "clever move"... In fact, I foresee this as an extraordinarily short-sighted move with far-reaching security implications -- which will allow the levels of malicious abuse to reach new heights. more

Let’s Be Careful Out There: Bogus Windows Domains

Last week, my colleagues over at Sunbelt Software discovered a bogus Windows domain being registered earlier this month (where the "w" in "windows" is actually two "v"s). Today, I've been alerted to the fact that are several additional Windows domains which have registered where the "w"s have been also been replaced with "v"s... more