Category Archives: Security
POS malware, some links to material
Increasing number of attacks has been taken against Point of Sales devices and systems. There are several good overviews and materials on this topic, and those are revealing details of the technics used in these targeted attacks. Main sources PoS … Continue reading
Posted in Risk Management, Security Incidents and Cases, Security Management, Security News, Security Threats, Security Training, Awareness and Reports
Comments Off on POS malware, some links to material
Murmur, tool for simple and secure voice conference
Murmur is an open source alternative for DIY voice conferencing using encrypted communication. It is used especially in gaming, but it can easily be used for small working teams or for family multiparty talks. Plus: Quick and easy to setup … Continue reading
Posted in Anvanced Tools, DIY, Privacy, Smartphones, Tools
Comments Off on Murmur, tool for simple and secure voice conference
STIX, Structured Threat Information eXpression, by Mitre
Structured Threat Information eXpression STIX is a collaborative community-driven effort to define and develop a standardized language to represent structured cyber threat information. STIX Use Cases STIX sample This is from the training material. From samples page: STIX Tree Viewer … Continue reading
Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats
Comments Off on STIX, Structured Threat Information eXpression, by Mitre
Indicators of Compromise, OpenIOC and CyBOX
Indicator of compromise IOC IOC in computer forensics is an artifact observed on a network or in operating system that with high confidence indicates a computer intrusion. Typical IOCs are virus signatures and IP addresses, MD5 hashes of malware files … Continue reading
Posted in ICT, ICT Standards, Security Incidents and Cases, Security Standardization and Practises, Security Threats
Comments Off on Indicators of Compromise, OpenIOC and CyBOX
Data Breach reports, by ITRC
Identity Theft Resource Center (ITRC) has been tracking security breaches since 2005, looking for patterns, new trends and any information that may better help us to educate consumers and businesses on the need for understanding the value of protecting personal … Continue reading
Posted in ICT, Security Incidents and Cases, Security Threats, Security Training, Awareness and Reports
Comments Off on Data Breach reports, by ITRC
Cyber essentials
Cyber Essentials scheme is one of the actions under the UK Government policy “Keeping the UK safe in cyber space“. The Cyber Essentials scheme has been developed by Government and industry to fulfil two functions. It provides a clear statement … Continue reading
Posted in Cybersecurity, ICT Regulation, Risk Management, Security Certifications, Security Standardization and Practises
Comments Off on Cyber essentials
Data Protection Laws of the World, by DLA Piper
DLA Piper has published a valuable information source on data protection laws. The handbook is available online (see figure below), or directly as downloadable pdf (almost 400 pages). Other links blog article “Privacy and Data Protection by Country”
Posted in ICT, ICT Books, ICT Regulation, Privacy
Comments Off on Data Protection Laws of the World, by DLA Piper