I just saw a post by AV-Comparatives called “AV-Comparatives Explains the Implications of Takeovers in the IT-Security Industry”. The entire article is very interesting and it is worth reading. It is also objective and valid! Great job, AV-Comparatives! What made me write this post is the graphic at the end of the post (courtesy of AV-Comparatives): I became immediately nostalgic when I saw that it starts with 2003, the acquisition of GeCAD by Microsoft. I was there when this happened! For those who don’t know, I started my career in cybersecurity in 1999 at RAV Antivirus, produced until 2003 by GeCAD. I was in the industry when all these M&A happened and I was actually working with some of them when they were acquired. I am still working with some of them. 😉 Of course, the most interesting one was Avira being acquired twice in 12 months. I was no longer working as an employee of Avira, but I was working with Avira in 2020, when it was first acquired. I don’t know if these acquisitions are the only ones that happened in the AV industry, but this list is for sure the most complete…
Today is Cyber Monday, a day when all webshops (and not only) give big discounts on many products they sell. Even if the discount campaigns of some webshops are incredible and too good to let go, you should think twice before placing the order:

- the discount is for a product that everybody wants and seems very hard to find. Think of PS5, the latest XBOX, etc….
- the discount is waaaaayyy too big to miss
- you haven’t seen that website/webshop before
- you haven’t bought from that webshop before
- you haven’t seen on the Internet any review about that webshop
- you are being requested to give your personal details, card or bank PIN number

If you answered YES to at least one, then STOP right here, right NOW. As a rule of thumb: If something is too good to be true, then probably it isn’t! How can you recognize if a webshop is fake or fraud? Transform the 5 statements above into questions and ask yourself. Is the discount for a product that everybody wants and seems very hard to find? Why would any shop (online or offline) exactly the product that everybody wants at almost any price, reduce it…
While I was looking for some resources for a presentation, I found this interesting lecture from ENISA: Advancing Software Security in the EU (PDF document, 622 KB). This study discusses some key elements of software security and provides a concise overview of the most relevant existing approaches and standards, while identifying shortcomings associated with the secure software development landscape, related to different inherent aspects of the process. Lastly, it provides a number of practical considerations relevant to the different aspects of software development within the newly established EU cybersecurity certification framework and the EU cybersecurity certification schemes. Fundamental security principles are often overlooked during software development. This is because security is a non-functional feature. Functional requirements are about the behaviour of the system towards the outside world (e.g. a user), whereas non-functional requirements are mainly about the internal mechanisms. Many of the security requirements are non-functional; for example, how to store passwords in a database. Security requirements originate from different sources, such as:

- explicit functional and non-functional requests from user(s),
- requirements and obligations originating from the underlying legal framework,
- requirements that are considered best practices, company policies, in widely accepted guidelines, from threat…
I have a plugin that blocks multiple unsuccessful logins. As can be seen, the spammers try several combinations: admin (the default), then the site name, and several others. It is critical to create a user name that is different from the obvious names, especially the default username “admin”. Another interesting thing is that I get both IPv4 and IPv6 addresses, and more and more IPv6. Also, a spammer will continuously try to hack you, because they have automated scripts. So, it makes sense to block them for a longer time. For example, I use these settings: The plugin I am using is “Limit Login Attempts Reloaded”. I am not affiliated with them in any way.
Source: https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html Malware situation: The past year was marked by a significant expansion of cyber-criminal extortion methods. Not only did the number of malware variants at times rise rapidly, with up to 553,000 new variants per day, the highest value ever measured (see the chapter “New malware variants”, page 11); the quality of the attacks also continued to increase considerably. https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-1-Schadprogramm-Varianten.mp4 The main threats: Cyber extortion is becoming the biggest threat (ransomware) https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/lagebericht-2-Ransomware.mp4 Vulnerabilities https://multimedia.gsb.bund.de/BSI/Video/Lagebericht/2021/Lagebericht-3-MS-Exchange-Schwachstellen.mp4 The “human” factor More in the PDF document from the BSI here: https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/Lageberichte/Lagebericht2021.pdf?__blob=publicationFile&v=3
I just finished the online course “Cyber Diplomacy”, a course from the United Nations Office for Disarmament Affairs. For me it was interesting to find out how much from the real world has already been applied to the cybersecurity world. Unfortunately, by seeing this, I realized that actually nobody cares about these UN resolutions. For example, did you know that a country should not allow hackers to perform attacks on another country from within its territory? And how should this be controlled? We hear almost every week that Russia, China, Iran, North Korea, and many more are performing cyberattacks on “their enemies” (observe the quotes). If they are members of the UN (click the links above to see details). Conclusion: The course is interesting, even if you don’t actually learn new concepts about cybersecurity. You do learn how seriously cybersecurity is being taken by the UN. And this is good…
ISC2 requires a recertification every 3 years. For this, you need to pay your fees and to provide proof that you were active in the profession. This can be done by submitting for review the work that has been done in this certification cycle. And here are all 3 with links:
ITSecurityNews.info is my security news aggregator, which collects RSS feeds and publishes them in WordPress automatically. A long time ago I created an app using AppSpotr, but since then things have changed. So, I decided to write one myself. Of course, not from scratch: I took an open source project called fNotifier and changed it to my needs. The app keeps running as a service and polls regularly (see screenshot below – Settings) for new feeds. And after one rejection due to policies, it was approved in the Play Store: https://play.google.com/store/apps/details?id=org.itsecuritynews It is actually enough to visit the website on a mobile device and you will immediately see at the top of the page an offer to install the app.
I created my company’s Twitter account, called @EndpointCS. Obviously, I tried to add the birth date of the company: 1.1.2015. Well, imagine what happened next with my brand new account: it got locked because the owner of the account must be at least 13 years old, and my company is only 6 years old. I had to submit a photo of my ID in order to get it unlocked. Fortunately, and very surprisingly for me, the process took a few minutes. Did they automate it? I think so… otherwise it couldn’t have been so fast. So, Twitter, get your processes straight. In case you’re wondering, there is no official way to set up a business account. You still need a person to create it and mark it as such. And that person must be 13 years or older. 🙂
If you use Stack Overflow today, you will be surprised to see this popup: This has caused an explosion of Reddit comments here: https://www.reddit.com/r/webdev/comments/mhkume/stack_overflows_new_copypaste_limit/ When you click on “Learn More”, you get to see this: Aha, 3 keys for $39.99 … riiiight 🙂 If you click on “Pre-order” you get to see this: April Fools’ joke. Hahahahah 🙂 But those guys from Reddit didn’t laugh, at the beginning. 🙂