Category Archives: Security Incidents and Cases

Randomly found “stories” which relates to security.
The purpose of this category is to show that things happens, and that things are not perfect.
The question is “What can be learned from this? What this means?”
These blogs are mostly links to original source.
This is experimental… ( since these are more news that guidance…)

Global heatmap, by G4S Risk Consulting

Global Intelligence System (GIS) is providing an online service, including a Heatmap and Global forecast reports. There are forecast reports freely available, and they can provide short and concise information about current threats and hazards globally. Please see the links … Continue reading

Posted in Security Incidents and Cases, Security Organizations, Security Threats | Comments Off on Global heatmap, by G4S Risk Consulting

2015 Information security breaches survey, conducted by PwC

There is a survey report available (2015, UK specific). It contains several good information for security professionals and management. From main site: The information security breaches survey is carried out annually for Department for Business, Innovation and Skills (BIS) by … Continue reading

Posted in Security Incidents and Cases, Security Management | Comments Off on 2015 Information security breaches survey, conducted by PwC

Annual Global Security Report, by Trustwave

Trustwave is maintaining the annual report on their Global Security Report page. The content of the 2014 report is well presented and structured, and easy to read (without heavy and long sentences). Definitely worth to look. One example page is … Continue reading

Posted in Security, Security Incidents and Cases, Security News, Security Training, Awareness and Reports | Comments Off on Annual Global Security Report, by Trustwave

POS malware, some links to material

Increasing number of attacks has been taken against Point of Sales devices and systems. There are several good overviews and materials on this topic, and those are revealing details of the technics used in these targeted attacks. Main sources PoS … Continue reading

Posted in Risk Management, Security Incidents and Cases, Security Management, Security News, Security Threats, Security Training, Awareness and Reports | Comments Off on POS malware, some links to material

STIX, Structured Threat Information eXpression, by Mitre

Structured Threat Information eXpression STIX is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. STIX Use Cases STIX sample This is from the training material. From samples page: STIX Tree Viewer … Continue reading

Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats | Comments Off on STIX, Structured Threat Information eXpression, by Mitre

Indicators of Compromise, OpenIOC and CyBOX

Indicator of compromise IOC IOC in computer forensics is an artifact observed on a network or in operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files … Continue reading

Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats | Comments Off on Indicators of Compromise, OpenIOC and CyBOX

Data Breach reports, by ITRC

Identity Theft Resource Center (ITRC) has been tracking security breaches since 2005, looking for patterns, new trends and any information that may better help us to educate consumers and businesses on the need for understanding the value of protecting personal … Continue reading

Posted in ICT, Security Incidents and Cases, Security Threats, Security Training, Awareness and Reports | Comments Off on Data Breach reports, by ITRC