General

Facebook advertising at its best

It is known that Facebook advertising is sometimes very aggressive and that it very often fails. Very often I find strange ads and I click on the details in order to see why they were displayed to me.

If you click on “Hide Ad” and then, for example, on “Irrelevant”, you can click on “Why did I see this ad?”.

I found it very strange to see an ad for some kind of sales training and process improvement (?!). To my surprise, I saw that the ad was targeting “Star Wars” fans… :))

The other two requirements are always the same:
– 18+
– location Germany

So, is this intended, and is there actually some study that shows that Star Wars fans are more inclined to buy consulting for improving sales? What do you think?

“Your Site Has Been Hacked” ransomware email campaign in the wild

I was actually not expecting this kind of ransomware… I am used by now to “You’re hacked”, “You’re infected”… and others alike, but this one with the website is actually really interesting. What I find very disturbing is the fact that there are 5 transactions. A few were for tests, I think, but there is at least one who paid. They do use a correct website of mine.

PS: Of course, my site hasn’t been hacked :))

Here are some of the headers:

Return-Path: <hacker@autoservistoth.cz>
Received: from autoservistoth.cz ([213.157.59.58]) by mx.google.com with ESMTP id ce7si16117485edb.534.2020.04.17.03.08.14 for <sorin@mustaca.com>; Fri, 17 Apr 2020 03:08:23 -0700 (PDT)
Received-SPF: neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) client-ip=213.157.59.58;
Authentication-Results: mx.google.com; spf=neutral (google.com: 213.157.59.58 is neither permitted nor denied by best guess record for domain of hacker@autoservistoth.cz) smtp.mailfrom=hacker@autoservistoth.cz
X-AntiVirus: Checked by Dr.Web [version: 11.1.11.04270, engine: 11.1.9.04170, virus records: 6152810, updated: 8.05.2017]
Return-path: <postmaster@thehomebase.top>
From: “Hacker” <hacker@autoservistoth.cz>
To: sorin@mustaca.com

For better indexing, this is the body of the email:

PLEASE FORWARD THIS EMAIL TO SOMEONE IN YOUR COMPANY WHO IS ALLOWED TO MAKE IMPORTANT DECISIONS! We have hacked your website http://www.xxxxxx.com and extracted…


Hey, UniFi, why Java? Or “The Best way to destroy customer trust”

I am using Unifi at home to extend my WiFi through two access points. I am writing this post as a user who paid good money for these devices and feels betrayed and left alone in the dark by Unifi.

While installing the Unifi Controller on a new machine, I am prompted to install Java. I am forwarded to this page: https://www.java.com/en/download/win10.jsp

Of course, I know that Oracle changed licensing. Yes, this is supposed to be free for personal use. But I don’t like to support this concept, as I personally think that Java should be free for all. So, I tried to install OpenJDK, which is free to use for everybody: https://jdk.java.net/java-se-ri/14

And here the problems started: there is just a ZIP archive on that website. So then I googled which environment variables need to be set and I set all of them manually. That is a challenge in itself, as OpenJDK doesn’t seem to come with the required JAR files. Unfortunately, the Unifi Controller refuses to detect the OpenJDK.

Then I started to google again on how to use Unifi with OpenJDK. As I was assuming, a lot of people are asking the very same thing. It appears…


CSMS – Cyber Security Management System: New Regulations coming from ISO 21434 and WP.29

A Cyber Security Management System (CSMS) is soon going to become mandatory for all vehicle manufacturers and suppliers. In the automotive industry, we are currently seeing that Cyber Security is already a critical success factor. Starting with July 2024, the type approval of vehicles will only be possible if a certified CSMS is available and Cyber Security is ensured throughout the entire life cycle of the vehicle. UNECE WP.29, an upcoming UN regulation on Cyber Security, and the ISO/SAE 21434 standard are expected to make this mandatory from mid 2024.

But what is a Cyber Security Management System? We have a bit of an idea from WP.29:

The vehicle manufacturer shall demonstrate to an Approval Authority or Technical Service that their Cyber Security Management System applies to the following phases:
– Development phase;
– Production phase;
– Post-production phase.

There are some phases missing here, right? What about:
– Design
– Architecture
– Change Management
– Updates

More details in the next post.


People have started to read more about security!

Remember my free eBook “Improve your security”, available for free at https://www.improve-your-security.org? It looks like I started to get more customers since the Corona Pandemic.

There are almost 1000 readers! Go ahead and download your copy for free: https://www.improve-your-security.org/download/


How to stay safe when being exclusively online

EN: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_final.pdf
DE: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_de.pdf
RO: https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_ro.pdf

More here: https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/make-your-home-cyber-safe-stronghold

Recommendations:
– Wi-Fi: always change the default router password
– Install antivirus software on all devices connected to the internet
– Choose strong and different passwords for your email and social media accounts
– Review your apps’ permissions and delete those you don’t use
– Back up your data and run regular software updates
– Secure electronic devices with passwords, PIN or biometric information
– Review the privacy settings of your social media accounts

Online shopping safety tips:
– Buy from reliable online vendors and check individual ratings
– Think twice: if an offer sounds too good to be true, it probably is
– Use credit cards when shopping online for stronger customer protection
– Check your bank account often for suspicious activity

DO NOT:
– Reply to suspicious messages or calls
– Open links and attachments in unsolicited emails and text messages
– Share your bank card details or personal financial information
– Buy things online that seem to be sold out everywhere else
– Send money upfront to someone you don’t know
– Share news that doesn’t come from official sources
– Make donations to charities without double-checking their authenticity

…


Bitcoin scam related to the Corona virus

As I mentioned before, there is a lot going on in cyberspace related to the Corona virus. Unfortunately, many of the things circulating are scams or information that directs to malware. This is an email currently circulating in massive waves in various languages (here translated from the German version):

Hello Sorin Mustaca

In case you have not heard yet – Bitcoin is expected to reach over 100,000 euros before the end of the year! That is 5 times higher than the peak of 2017.

The forecasts are based on the announcement by large companies such as Facebook and Uber that they will enter the crypto arena this year.

We are offering you a place on our private investment platform – you can register your free account immediately and start your journey today.

Your investment cost: 250$

Create a free account

Kind regards
BTC-Era
Unsubscribe

They are requesting me to invest 250$ in BTC with the promise that by the end of the year one BTC will be worth 100K EUR. Stay away from such platforms … 🙂


Defending Against COVID-19 Cyber Scams

I personally did not see a scam like this yet, so I quote here the CISA Newsletter. Source: National Cyber Awareness System:

Defending Against COVID-19 Cyber Scams
03/06/2020 01:53 PM EST
Original release date: March 6, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) warns individuals to remain vigilant for scams related to Coronavirus Disease 2019 (COVID-19). Cyber actors may send emails with malicious attachments or links to fraudulent websites to trick victims into revealing sensitive information or donating to fraudulent charities or causes. Exercise caution in handling any email with a COVID-19-related subject line, attachment, or hyperlink, and be wary of social media pleas, texts, or calls related to COVID-19.

CISA encourages individuals to remain vigilant and take the following precautions.
– Avoid clicking on links in unsolicited emails and be wary of email attachments. See Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams for more information.
– Use trusted sources—such as legitimate, government websites—for up-to-date, fact-based information about COVID-19.
– Do not reveal personal or financial information in email, and do not respond to email solicitations for this information.
– Verify a charity’s authenticity before making donations. Review the Federal Trade Commission’s page on Charity Scams for more information.
– Review CISA Insights on Risk Management for COVID-19 for…


Products of big security companies flagged as deceptors by Appesteem

Appesteem maintains the Deceptor list, a list of programs that do not respect their requirements. The deceptor list contains most of the time emergent products that want to make $$$ very fast by using some gray-area techniques. I personally have never seen a product of any established company in this list.

To my surprise, while working on the VB Conference paper described in the previous post, I saw two products:

– Avast Driver Updater, since August 5. There is a bunch of AV companies already blocking the installer/app from running: Dr.Web, ESET, K7, Malwarebytes, Panda, Sophos, Trend Micro, VirIT, Webroot, Microsoft.
– AVG TuneUp Premium, since June 4th. There is a bunch of AV companies already blocking the installer/app from running: AegisLab, BitDefender, Emsisoft, GData, Ikarus, Symantec, Microsoft.

They are both violating the ACR-004.

ACR-004: App offers an ongoing subscription service, but does not offer free fixes for the free scan results shown. For Driver Update utility, it can ask for one time fix payment, but not the term based service payment.

If we see the submission date, it is clear that these are no mistakes: they are business models and the companies are not…


ISO27001 and GDPR

We are talking about Article 32 of GDPR: https://gdpr-info.eu/art-32-gdpr/

It basically says that you should have some measures in place in order to protect customer data by reducing the risk of customer data being lost or stolen (through a data breach, through classical theft, losing drives, making information public unintentionally and so on).

Taking into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, the controller and the processor shall implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk, including inter alia as appropriate:
– the pseudonymisation and encryption of personal data;
– the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
– the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident;
– a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

In assessing the appropriate level of security account shall be…

