IT Security News has its own Android App

I have finally found the time to make the app I always wanted to have for the “IT Security News” service.   Here is the page on Google’s Play Store: And the screenshots of the app:       Right now it is available only on Android devices, soon it will be available in the Apple’s Appstore.   Help me spread the word about it so that I can have some downloads 😉 Thanks.


How to get rid of Pokemons in your Facebook feed

Short version For those who are really, really, pissed off: Install FB Purity: http://www.fbpurity.com/ Open the FB Purity Facebook app by clicking on the word “FBP” near the search bar. Write in the main screen the word “pokemon” Save the configuration Enjoy your Pokemon free feed   Longer version Go and install FB Purity from http://www.fbpurity.com/install.htm. This means that you need to install an extension for your browser. F.B. Purity is compatible with the following web browsers: Firefox, Google Chrome, Safari, Opera and Maxthon, running on Windows, Mac, Linux. Open the FB Purity Facebook app by clicking on the word “FBP” near…


Social engineering at its best: ransomware delivery methods

I wrote already about Ransomware (and here), but in a more generic way as I will do now. From me to me, with the subject “Documents from work” is the subject of a new Locky ransomware. Attached is a Word document containing macros. In the document (which is actually an archive) is a file called  word\vbaProject.bin. That file seems to be the trigger that downloads the ransomware binary.   This is the link to the VirusTotal detection: https://virustotal.com/en/file/28ba8362af69958964bf8d7e23664cddc625e67b55ff5d5e95e9feef74158e96/analysis/1469020147/ At the moment of writing this post, 30/53 engine detect it.   My goal is not to analyze here the ransomware, but the delivery….


What’s the deal with a PhD?

I found long time ago this animated GIF on the Internet and now I managed to download it. I don’t know who created it, so I can’t give credit to anyone. Why I post this here? Because it matters and because it is exactly my experience which I like to share. Not many know, but I have been part of the PhD program of the Politehnica University Bucharest in Romania for 5 years, immediately after graduating the same university’s Computer Science faculty (field: Software Engineering). My diploma was related to Distributed Systems as well, namely about how to use CORBA…


BMW and cybersecurity

Not a month passes without seeing some major car manufacturer that has cybersecurity issues. This month we have seen made public a report from February 2016 related to BMW. The short story   The BMW ConnectedDrive Web portal was found to contain a vulnerability that could result in a compromise of registered or valid vehicle identification numbers, Vulnerability Lab warns. The security bug, affecting the BMW ConnectedDrive online service web-application, is a VIN (Vehicle Identification Number) session vulnerability, security researcher Benjamin Kunz Mejri reveals. VIN, also known as chassis number, is a unique code used in the automotive industry to…


Web Services: SOAP vs REST

There is a permanent discussion going on and I have seen quite a lot of answers. SOAP (Simple Object Access Protocol) vs. REST (Representational State Transfer) Which one to use and when? Let’s see first the main characteristics of both: S.No SOAP REST 1. SOAP stands for Simple Object Access Protocol. REST stands for Representational State Transfer. 2. SOAP is a protocol. It defines some standards that should be followed strictly. REST is an architectural style. It doesn’t define so many standards like SOAP. 3. SOAP is highly secure as it defines its own security. REST inherits security measures from the…


Ransomware: Prevention is the best solution

Ransomware is malicious software that denies you access to your computer or files until you pay a ransom. There are several types of ransomware that are commonly seen: files/folders encryptors screen ‘lockers‘ MBR ransomware (MBR: master… The post Ransomware: Prevention is the best solution appeared first on Improve Your Security. Want to get the book ? Get it from here: Improve your Security”


VPNMentor.com: Cybertalk with IT security expert Sorin Mustaca

Cybertalk with IT security expert Sorin Mustaca   vpnMentor has had the privilege of talking with Sorin Mustaca, a Certified IT consultant with over 15 years of experience in IT security, and author of “Improve Your Security”, a guide for the common end user that deals with the question of how to beware of cyber threats on the individual level.   By Ditsa Keren, 16/06/2016 Content Can you tell us a little bit about your background in IT security? With so many new threats and with the fast development of hacking technologies, how can an anti-virus stay up to date…


Network Access Control and IoT Security

Network Access Control,  is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. When a computer connects to a computer network, it is not permitted to access anything unless it complies with a business defined policy: anti-virus protection level, system update level configuration. While the computer is being checked by a pre-installed software agent, it can only access resources that can remediate (resolve or update) any issues and nothing else. Once the policy is met (it has an antivirus, it…


Do you actually need a security product in your car? Part 3 : Intrusion Prevention and Detection Systems

I ended part 2 with the promise that we will discuss about : 2) Intrusion detection and prevention systems (IDS/IPS or IDPS) From Wikipedia: Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it. Intrusion prevention systems are considered extensions of intrusion detection systems because they both monitor network traffic and/or system activities for malicious activity. The main differences are,…


By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close