Category Archives: Security

Example Analysis of Spear-phishing email

There is a good example of a detailed malware investigation available in the SANS Reading Room. It is good for learning, not only about spear-phishing threats, but also about investigation techniques. Case highlights: Spear-phishing email with attachment; The … Continue reading

Posted in Forensics, Security Threats, Security Training, Awareness and Reports | Comments Off on Example Analysis of Spear-phishing email

Duqu, beginning of future Stuxnet variants

Symantec has published a study of a new threat called Duqu. The main components and modules are shown below. Highlights from the Symantec report: The threat was written by the same authors; Duqu’s purpose is to gather intelligence data and assets from … Continue reading

Posted in Security Threats | Comments Off on Duqu, beginning of future Stuxnet variants

Security Certification directory

The CSO Online article “The Security Certification Directory” contains a good list on this subject. The directory is divided into categories: Information Security certifications, like Certificate of Cloud Security Knowledge; Certified Information Systems Professional, CISSP; Global Information Assurance Certification (GIAC); Certified … Continue reading

Posted in Security Certifications, Security Management | Comments Off on Security Certification directory

Security Survey Directory

The CSO Online article “The security data and survey directory” contains a good list on this subject. The directory is divided into categories: Risk Management; Attack Vectors; Security Spending, Budgets & Priorities; Physical Security and Loss Prevention; Security Controls; Data Security … Continue reading

Posted in Security Management | Comments Off on Security Survey Directory

Security laws and regulations directory

The CSO Online article “The security laws, regulations and guidelines directory” contains a good list on this subject. This list is a good starting point when looking for which laws and regulations exist. Broadly applicable laws and regulations; Industry-specific guidelines and … Continue reading

Posted in Security Management, Security Organizations | Comments Off on Security laws and regulations directory

Another Security Vocabulary by IETF

There exists another vocabulary called “Internet Security Glossary, Version 2”. It is IETF RFC 4949 from 2007 (IETF = Internet Engineering Task Force). Note that in RFC 4949 the definitions might differ from the ITU and ISO definitions. For example, “information security” is … Continue reading

Posted in ICT Terminology, Security Terminology, Security Training, Awareness and Reports | Comments Off on Another Security Vocabulary by IETF

ITU Terms and Definitions

ITU (International Telecommunication Union, intro) has an online database of terms and definitions in 6 languages. Currently there are more than 100000 terms. For the term “information security”, a match can be found in ITU-T. Term: information security Definition … Continue reading

Posted in ICT Terminology, ITU-T, Security Terminology, Security Training, Awareness and Reports, Telecom Security | Comments Off on ITU Terms and Definitions