General

For many still not clear what “cloud” means

There is a very good and detailed article on Wikipedia about what Cloud computing means: Cloud computing, also known as on-demand computing, is a kind of Internet-based computing that provides shared processing resources and data to computers and other devices on-demand. It is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications and services) that can be rapidly provisioned and released with minimal management effort. There are 3 layers of “cloud”, or cloud flavors: SaaS: Software as a Service PaaS: Platform As A Service IaaS: Infrastructure As A Service  …


Digital clock mathemathics

If you’re like me, you definitely have such a digital clock somewhere in your house, most probably near your bed. Ever wondered what is the maximum number of segments of the clock that are used at a certain hour? And what time is it then? I did… and here is how I count them. I wrote a Perl script that calculates the number of segments of each hour and each minute: 24h x 60 min. Each number has maximum 7 segments. This would be the number 8. Here is the number of segments for each digit 0..9 : 6,2,5,5,4,5,6,3,7,6; Important rules:…


My article in Security Insider Kompendium: IT Security for small and medium companies

The Compendium and the article are free, you only need to register in order to download Source: Kompendium IT-Sicherheit für den Mittelstand     Article: Zahlt sich kostenlose Sicherheit wirklich aus? Freeware, Open Source und unentgeltliche Cloud-Dienste Malware, Hacking-Attacken, Software-Schwachstellen: Ist es angesichts der ausufernden Bedrohungslandschaft überhaupt möglich, sich mit Security-Tools für lau umfassend abzusichern? In diesem Beitrag gehen wir dieser Frage auf den Grund. Page 28-30 This article appeared also here: http://www.sorinmustaca.com/2013/07/05/security-for-free-die-deutsche-edition/  


This is how you know you got a good SEO!

When some chinese spammer gets in touch with you about your domain, you know that they have found you somehow. My guess is that they take LinkedIn as source and they scrape anything in a certain area.   Dear Sir or Madam, We are an agency for registering domain names authorized by Chinese government. Today, our center received an application from WAONG Holdings Ltd applying to register “mustaca” as their brand name and some top-level domain names(.CN .HK etc). After our careful investigation, We found the main body of domain names is same as yours. As a professional registrar, We…


Where PC security and Automotive security meet

I visited yesterday the IAA in Frankfurt. IAA stands for International Automobile Exhibition and takes place every year in Frankfurt, Germany. This is the place where every year the latest cars are being presented but also the newest technologies around cars. This year it was a lot about mobility, interaction, autonomous parking and driving, interconnectivity between cars and IoT. I addressed more the car parts suppliers than the car manufacturers. For us it was more interesting to get involved in the devices that are easily and directly attackable. Things like entertainment systems, connected devices of the car, GPS devices,etc.. Challenges:…


What is Strategic Product Management and why do we need it in the security industry

“Strategic Product Management” is, first of all, a buzz word. A hype, if you want. But that doesn’t mean that you don’t need it. Most technology companies have a product management department that should act as the “voice of the customer” on one side and translating their finding into requirements on the other side. I won’t go into the debate if this makes sense or not. Read here about Product Manager, Product Marketing Manager and Technical Product Manager. PMs typically generate an extensive roadmap of new products and enhancements which almost always never get implemented. But is product management really being used…


Email campaign with malware: Javascript downloaders instead of executables as attachments

Several types of emails are being sent with a ZIP attachment containing a single file with this mask: <number>.doc.js.   Here is as text. Apparently, Google loves text because it can index it better, so I am doing here some SEO 🙂   Notice to Appear, You have not paid for driving on a toll road. Please, do not forget to service your debt. The copy of the invoice is attached to this email. Yours faithfully, Sean Worley, E-ZPass Manager. ——————————- Notice to Appear, This is to inform you to appear in the Court on the August 22 for your…


There are also nice parts in giving information to Google. The result is … impressive.

I am logged in in the Chrome browser with my Google account. I have my birthday correctly added there, and yes, it is today… 🙂   Result:  A Google start page personalized for me. I have to say that I am kind of … impressed. Of course it is easy to do it with such much information. But to have this idea implemented is a great thing.   Good job, Google. And thanks.  


How to convince your boss that adding security features from the beginning is worth doing it!

Everything of value has a cost. The same applies to security! I recently flew to Berlin for business purposes with a known airline. As I was the first one checking in, I was asked if I want the seat near the emergency exit. This is, usually, the place where you have more space for your legs. So, I said without thinking too much: Yeeess, please :). The plane was a very small one with propellers and the emergency exit was actually the first seat (1 A). Just in front of the cockpit and face to face with the flight attendant. Now, if you…


What do you think: aggressive sales campaign or fraud?

What do you think after you quickly read this letter? What makes this email special: addressed to me, using the data from the domain registration (mandatory things, which my registrar added) uses my domain name A lot of red text written in capitals special keywords like “notice”, “important”, “notification”, “expiration”, “act”, “immediately” has a clear deadline on it First time I read it I went very quickly and I thought that they try to take over my domain by requiring me to “prolong” the registration with them. This would have required to transfer the domain to them and then pay yearly fees to…


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close