Uncategorized

No Image

Uncategorized November 22, 2013

About cyber attacks

Do you think that the cyberattacks have increased these last months/years?   The cyberattacks have definitely increased in the last years, but not only that. The attacks have become more like a business. It is possible now to purchase a cyberattack against an organization (the entire network), against websites and social media accounts. The cybercriminals have created a real business for the cyberattacks: – They are professionally advertised and you can choose what kind of attack you want – They are better prepared – In order to justify the costs they are better measured (the damages) In parallel to the business aspect of the cybercrime we also see a lot of ideological cyberattacks. The various ideological groups in the Internet are making their cause known to the masses by hacking known websites in order to publish there some content which advertises their cause.   Do you think that people it’s not really aware of how easy is to be a victim of a cyberattack? In general, cyberattacks are not targeting individuals but organizations. People are aware that anyone could be a victim of malware, phishing or identity theft. Some time ago it was a matter of costs in order to…

No Image

Uncategorized February 12, 2013

Was BusinessWire also hacked?

I received the following email from BusinessWire.com  which makes me think that they got somehow hacked and are forcing all users to change their password. I couldn’t see anything on their website, also Google didn’t provide anything useful. We will be requiring all Businesswire.com users to change their password in the next few days. This maintenance is part of our ongoing efforts to secure our proprietary systems, as well as the sensitive information we house for our clients. How do they secure their systems by forcing a password reset? I think that somebody hacked their DB, has stolen their passwords (hashed or not) and  now they are doing damage control. In case you asking if this was a phishing email, I don’t think so. There is no request in the email, no link whatsoever. Important Notice Regarding Your Business Wire Password Dear Client: As part of Business Wire’s continuing commitment to security, we will be requiring all Businesswire.com users to change their password in the next few days. This maintenance is part of our ongoing efforts to secure our proprietary systems, as well as the sensitive information we house for our clients. In addition to regular maintenance, we are also implementing more aggressive precautions…

No Image

Uncategorized January 18, 2013

More quotes of me about the Java zero-day exploit

“Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon see even more bugs and vulnerabilities related to this quick fix.”   http://www.linuxinsider.com/story/77079.html http://www.technewsworld.com/story/77079.html http://www.torontotelegraph.com/index.php/sid/211938962/scat/ebc9d7769bc0759e http://www.ecommercetimes.com/story/security/77079.html http://www.macworld.com/article/2025137/security-agency-recommends-disabling-java-due-to-exploit.html http://www.csoonline.com/article/726380/us-cert-disable-java-in-browsers-because-of-exploit http://www.cio.com/article/726307/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.computerworld.com/s/article/9235615/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.businesswire.com/news/home/20130114005440/en/Avira-Security-Software-Detects-Java-7-Exploits http://www.latinospost.com/articles/9642/20130115/java-flaw-patch-now-available-download-experts.htm     OMG.. my blog posts start to sound like those of Bruce Schneier : full of links where I am quoted … 🙂

No Image

Uncategorized January 16, 2013

Q&A over Oracle’s Java in regard to the zero-day exploit

1. This is your standard take-victims-to-a-malicious-Web-page kind of attack. Why the excitement? Because of the high danger of the breach? What? This vulnerability in Java is the second one in the last 6 months (first one on August 29, 2012). The problem with Java is that it is cross platform and it is installed on over 1 billion devices (according to Oracle) on a multitude of platforms and operating systems. If something so wide-spread like Java gets affected and misused to spread malware or worse (imagine what an impact would a DDOS started by this would have) it is absolutely normal to be so much in the mass media. 2. Oracle’s fix switches Java security settings to high by default. This requires users to expressly authorize the execution of applets which are either unsigned or self-signed. Doesn’t any decent AV system already do that if it’s set up to do that by the user? Not necessarily the AV software should do this. That there are millions of applets out there which are not signed or self-signed. If the AV producers would only report something like this, they would do nothing else than whitelist these applets. In my opinion it is…

No Image

Uncategorized October 22, 2012

1000 Contacts

I finally reached 1000 contacts on LinkedIn. Why “finally” ? Because it took me more than 10 years to reach this … Why do I do want to have so many contacts? Because : I like to be networked I think that I deliver a value to my contacts – the IT_SecurityNews Twitter feed which is delivered on LinkedIn provides valuable, hand picked information from the IT Security industry. If someone remembers your name from somewhere, it is easier to get in touch with him/her Last but not least: You never know when you need someone   Click here to add me on LinkedIn:  

No Image

Uncategorized October 10, 2012

The Avira Techblog has two languages from now on

Apparently, many German Facebook fans of Avira have difficulties reading English. Because of this reason, we have created a special page for them: http://www.facebook.com/avira.german.   Today, I have created also in the Techblog a German area which is available here: http://techblog.avira.com/de Now it is pretty lonely there, but we will add more articles soon.  

No Image

Uncategorized May 17, 2012

Finally, officially CSSLP certified

(ISC)2 requires that a candidate meets some requirements before he/she receives the right to call himself/herself (ISC)2 certified.     Receiving the (ISC)² credential is a several-step process: Required Experience – possessing the required number of years for the appropriate credential Study – taking advantage of the educational materials (ISC)² makes available for you to review and refresh your knowledge before taking the credential examination Application – validating your education and/or experience Examination – sitting and passing the appropriate exam Code of Ethics – committing to and abiding by principles and guidelines set forth by (ISC)² Endorsement Process – attesting to your eligibility requirements After that you get :    Maintaining your membership requires the following: Remain in Good Standing – to remain in good standing as a member of (ISC)² a credential holder must abide by the (ISC)² Code of Ethics Earn Continuing Professional Education Credits (CPEs) – Credential holders must earn the minimum number of Continuing Professional Education credits (CPEs) annually during each year of the three-year certification cycle. Although members may earn more than the minimum number of CPE credits required for credential maintenance for the three-year cycle, they are still required to earn and submit the minimum annual number to maintain their certification in “good standing.” Pay…

No Image

Uncategorized July 28, 2011

Google Page Speed Service

Page Speed Service is an online service to automatically speed up loading of your web pages. Page Speed Service fetches content from your servers, rewrites your pages by applying web performance best practices and serves them to end users via Google’s servers across the globe. The extent of speed up depends on a variety of factors such as content on your pages, browser, geographic location of access, bandwidth, etc. You can run tests to measure the speed up of your site in a few minutes. At this time, Page Speed Service is being offered to a limited set of webmasters free of charge. Pricing will be competitive and details will be made available later. You can request access to the service by filling this web form.   Now the reality check 🙂 Where are the 60% ?   Page Speed Service Comparison for mustaca.com   Original Optimized Difference Page Load Time 3.109s 3.406s +0.297s (9.6%) Start Render Time 2.432s 2.191s -0.241s (9.9%) Repeat View Page Load Time 2.549s 2.644s +0.095s (3.7%) Repeat View Start Render Time 2.188s 2.159s -0.029s (1.3%) Full Test Result view test view test Page Speed Service Comparison for avira.com   Original Optimized Difference Page Load Time…

No Image

Uncategorized May 18, 2011

Vote for my pictures

Click on this link: http://www.breitling.com/contest/vote.php?u=658025144 Login on Facebook and vote my pictures either one by one  or all at once: http://apps.facebook.com/breitling/votepic.php?id=3648 http://apps.facebook.com/breitling/votepic.php?id=3647 http://apps.facebook.com/breitling/votepic.php?id=3646 http://apps.facebook.com/breitling/votepic.php?id=3645   If I get enough votes I might get a voucher to get a flight license.   This is how you vote: 1. Go here: http://www.breitling.com/contest/vote.php?u=658025144 2. You are asked to login to Facebook. Please login. 3. You are presented this page: Depending on your Facebook settings, you might have to Like the page first and then click on Vote in order to see the photos.   4. Click on each picture. Note that you will see on you Facebook Wall that you voted for me.  

%d bloggers like this: