Jason Soroko

About

Jason Soroko is Head of Malware Research for Entrust. Soroko has spent more than 10 years with Entrust in various developer or architect roles. As malware becomes more advanced, the need for Entrust to understand evolving threats requires considerable investment. Soroko frequents security conferences and tradeshows to educate the industry on identity-based security and ensures Entrust stays at the forefront of understanding the offensive capabilities possessed by today’s malicious actors. Prior to joining Entrust, Jason worked in Geographic Information Systems (GIS) for the oil and gas industry.

Blog Posts 1-10 of 12

‘Silver Bullets’ versus Defense in Depth

April 23, 2014 by Jason Soroko     No Comments

I am privileged to speak with a lot of organizations that are architecting their security infrastructure. Some of them have purchased a security point solution and honestly believe that they are now “secure.” If you spend time walking through the vendor halls at security conferences you will get a good sense for the sheer [Read More...]

Reactive Cybersecurity Strategy Is Not A Strategy

April 16, 2014 by Jason Soroko     No Comments

It’s encouraging that many organizations have become aware of security of their networks and computer resources. This awareness is sometimes triggered by breach or fraud headlines in tech journalism, which leads to concern and curiosity. It is immediately apparent when I’m speaking with a company that has suffered from an attack because their questions are [Read More...]

The Identity Context

February 19, 2014 by Jason Soroko     No Comments
This entry is part 3 of 3 in the series Identity Context: Defense's Next Play

All attacks involve some form of stolen identity. According to Mandiant’s threat landscape study, 100 percent of breaches they investigated involve stolen credentials. In our own studies — where we reverse-engineered malware and studied the source [Read More...]

Blacklisting – Finite Utility

February 12, 2014 by Jason Soroko     No Comments
This entry is part 2 of 3 in the series Identity Context: Defense's Next Play

Malicious actors are ruled by the laws of economics just like everyone else; they have finite resources. If they want to attack many targets, the chances are good that they will reuse their tools [Read More...]


Network and Desktop Operating Systems Have Too Much Trust

February 5, 2014 by Jason Soroko     1 Comment
This entry is part 1 of 3 in the series Identity Context: Defense's Next Play

At Black Hat 2012, John Flynn showed a slide with the text, “The kids these days, they’re hacking the system as a whole.” There is a wide assumption that [Read More...]

You Can’t Defend Against What You Can’t Detect: Malicious Signals in Legitimate Noise

February 4, 2014 by Jason Soroko     No Comments

As a CIO, CISO, or anyone else who has to defend a corporate environment from malicious activity, there are many point solutions to spend your budget on. A lot of these technologies are really good and there certainly is no shortage of them. Walk around a vendor floor of any large security conference and [Read More...]


Playing in the Digital Sandbox: Mobile versus Desktop Security

January 27, 2014 by Jason Soroko     No Comments

Mobile operating systems consume resources from unknown sources on the Internet all the time, and yet they are not infected in the same manner as desktop operating systems. Certainly, sideloaded malicious Android apps are able to access parts of a mobile device that the user has authorized (e.g., pictures, contacts, SMS).  We have also seen [Read More...]


Playing in the Digital Sandbox: Balancing System Trust

January 22, 2014 by Jason Soroko     No Comments

On a daily basis, most people using desktop operating systems consume resources and ‘rich content’ from unknown sources on the Internet, typically via technologies ‘under the hood’ of our Web browsers.  These include Java, browser plugins like Adobe Flash, PDF readers, HTML5 and others. All are meant to create a rich and seamless user experience. [Read More...]


Credit Card Number Theft: POS Malware and the Path of Least Resistance

January 15, 2014 by Jason Soroko     No Comments

It was December 2011 when we first read about payment card number theft that occurred at Subway sandwich shops. Now, we’re sorting through the theft of 40 million payment cards from Target. That number was revised to 70 million names and identifying information such as phone numbers. Researchers, most notably Brian Krebs, have done a [Read More...]

Bypassing Fingerprint Biometrics Nothing New

October 2, 2013 by Jason Soroko     No Comments

So, Germany’s Chaos Computer Club — which weirdly sounds like an outcast AV group at someone’s high school — claims to have circumvented Apple’s new Touch ID fingerprint biometric sensor featured on the just-released iPhone 5s. This isn’t news. Sure, it’s new in relation to attacking the consumer-loved iPhone image. But the “hack” shown is [Read More...]