General

Cybersecurity vs. Information Security (infosec)

Somebody asked me why do I have in my LinkedIn profile “IT Security Expert” and in my company website www.mustaca.com “Sorin Mustaca Cybersecurity”. In order to answer that, I need to clarify the difference between Cybersecurity and Information Security (infosec). I googled a bit because I don’t have too much time and I did find something which is closest to my opinion. See Sources for a list.   Information security (or “InfoSec”) is the practice of defending information from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording or destruction. It is a general term that can be used regardless of the…


“Cyber Security” or “Cybersecurity” ?

“Cybersecurity” and “cyber security” are getting more and more mixed usage lately, so much that they are becoming almost as ambiguous as the term “cloud” was a few years back. The challenge information security executives and professionals are faced with is knowing  ̶  as the title implies  ̶  when and why the term should be used and how it should be presented, as a single word or two. While there isn’t any recognized authority on the subject per se, there are at least some credible sources providing guidance that can help those of us in the industry to decide on…


For many still not clear what “cloud” means

There is a very good and detailed article on Wikipedia about what Cloud computing means: Cloud computing, also known as on-demand computing, is a kind of Internet-based computing that provides shared processing resources and data to computers and other devices on-demand. It is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort. There are 3 layers of “cloud”, or cloud flavors: SaaS: Software as a Service PaaS: Platform As A Service IaaS: Infrastructure As A Service  …


Digital clock mathemathics

If you’re like me, you definitely have such a digital clock somewhere in your house, most probably near your bed. Ever wondered what is the maximum number of segments of the clock that are used at a certain hour? And what time is it then? I did… and here is how I count them. I wrote a Perl script that calculates the number of segments of each hour and each minute: 24h x 60 min. Each number has maximum 7 segments. This would be the number 8. Here is the number of segments for each digit 0..9 : 6,2,5,5,4,5,6,3,7,6; Important rules:…


My article in Security Insider Kompendium: IT Security for small and medium companies

The Compendium and the article are free, you only need to register in order to download Source: Kompendium IT-Sicherheit für den Mittelstand     Article: Zahlt sich kostenlose Sicherheit wirklich aus? Freeware, Open Source und unentgeltliche Cloud-Dienste Malware, Hacking-Attacken, Software-Schwachstellen: Ist es angesichts der ausufernden Bedrohungslandschaft überhaupt möglich, sich mit Security-Tools für lau umfassend abzusichern? In diesem Beitrag gehen wir dieser Frage auf den Grund. Page 28-30 This article appeared also here: http://www.sorinmustaca.com/2013/07/05/security-for-free-die-deutsche-edition/  


This is how you know you got a good SEO!

When some chinese spammer gets in touch with you about your domain, you know that they have found you somehow. My guess is that they take LinkedIn as source and they scrape anything in a certain area.   Dear Sir or Madam, We are an agency for registering domain names authorized by Chinese government. Today, our center received an application from WAONG Holdings Ltd applying to register “mustaca” as their brand name and some top-level domain names(.CN .HK etc). After our careful investigation, We found the main body of domain names is same as yours. As a professional registrar, We…


Where PC security and Automotive security meet

I visited yesterday the IAA in Frankfurt. IAA stands for International Automobile Exhibition and takes place every year in Frankfurt, Germany. This is the place where every year the latest cars are being presented but also the newest technologies around cars. This year it was a lot about mobility, interaction, autonomous parking and driving, interconnectivity between cars and IoT. I addressed more the car parts suppliers than the car manufacturers. For us it was more interesting to get involved in the devices that are easily and directly attackable. Things like entertainment systems, connected devices of the car, GPS devices,etc.. Challenges:…


What is Strategic Product Management and why do we need it in the security industry

“Strategic Product Management” is, first of all, a buzz word. A hype, if you want. But that doesn’t mean that you don’t need it. Most technology companies have a product management department that should act as the “voice of the customer” on one side and translating their finding into requirements on the other side. I won’t go into the debate if this makes sense or not. Read here about Product Manager, Product Marketing Manager and Technical Product Manager. PMs typically generate an extensive roadmap of new products and enhancements which almost always never get implemented. But is product management really being used…


Email campaign with malware: Javascript downloaders instead of executables as attachments

Several types of emails are being sent with a ZIP attachment containing a single file with this mask: <number>.doc.js.   Here is as text. Apparently, Google loves text because it can index it better, so I am doing here some SEO 🙂   Notice to Appear, You have not paid for driving on a toll road. Please, do not forget to service your debt. The copy of the invoice is attached to this email. Yours faithfully, Sean Worley, E-ZPass Manager. ——————————- Notice to Appear, This is to inform you to appear in the Court on the August 22 for your…


There are also nice parts in giving information to Google. The result is … impressive.

I am logged in in the Chrome browser with my Google account. I have my birthday correctly added there, and yes, it is today… 🙂   Result:  A Google start page personalized for me. I have to say that I am kind of … impressed. Of course it is easy to do it with such much information. But to have this idea implemented is a great thing.   Good job, Google. And thanks.  


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close