Implementing ISO 27001:2022 Annex A.16 – Information Security Incident Management Implementing ISO 27001:2022 Annex A.15 – Supplier Relationships Understanding ISO 27001:2022 Annex A.14 – System Acquisition, Development, and Maintenance…
NIS2: Perform a risk assessment NIS2: 3.Establish a cybersecurity framework NIS2: 2.Designate a responsible person or team How-To: NIS2 EU Directive Executive summary: NIS2 Directive for the EU members (updated)…
Balancing functionality and privacy concerns in AI-based Endpoint Security solutions Artificial Intelligence vs. Machine Learning Thoughts on AI and Cybersecurity ChatGPT and copywriting ChatGPT and automotive cybersecurity #2/2: TISAX certification…
If you receive such a message containing an HTML page attached, don’t open it. The email pretends to come from “craigslist – automated message, do not reply <robot@craigslist.org>” and has the subject ”Efax Corporate”. What I find interesting is that the fraudsters didn’t even bother to write JS code to detect if the script runs in […]
http://www.searchsecurity.de/specials/security_corner/isc2/ My cooperation with SearchSecurity.de is finally showing something. I was addded on the (ISC)2 Security Corner: Sorin Mustaca, Avira Operations GmbH & Co. KG Sorin Mustaca, (ISC)²-zertifizierter CSSLP, CompTIA Security+,Project+, ist seit 2000 in der IT Sicherheitsindustrie und seit 2003 bei Avira tätig. […]
We and pretty much the rest of IT world, have written about the Java zero-day exploit, about the fast patch that Oracle release to remove some of the market pressure and also about the fact that such a quick move can only mean that even more bugs were probably introduced, which might lead to other […]
“Developing critical software under pressure has only one consequence — even more bugs,” said Avira data security expert Sorin Mustaca. “I expect to soon see even more bugs and vulnerabilities related to this quick fix.” http://www.linuxinsider.com/story/77079.html http://www.technewsworld.com/story/77079.html http://www.torontotelegraph.com/index.php/sid/211938962/scat/ebc9d7769bc0759e http://www.ecommercetimes.com/story/security/77079.html http://www.macworld.com/article/2025137/security-agency-recommends-disabling-java-due-to-exploit.html http://www.csoonline.com/article/726380/us-cert-disable-java-in-browsers-because-of-exploit http://www.cio.com/article/726307/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.computerworld.com/s/article/9235615/US_CERT_Disable_Java_in_browsers_because_of_exploit http://www.businesswire.com/news/home/20130114005440/en/Avira-Security-Software-Detects-Java-7-Exploits http://www.latinospost.com/articles/9642/20130115/java-flaw-patch-now-available-download-experts.htm OMG.. my blog posts start to sound […]
We wrote a couple of times already about spams pretending to come from LinkedIn which advertise online pharmacy websites. There is a new spam campaign which changed a bit the way the messages are presented to the users. Now the emails pretend to come from “LinkedIn Co. Technical Support”, “LinkedIn Co. Administration” and from “LinkedIn Reminders”. […]
We don’t know yet if this is a bad joke intended to discredit Oracle and Java, but the media is buzzing about a possible new undetected exploit in Java. This was started by a post of the security researcher Brian Krebs who observed a thread in a known online crime forum where somebody was selling […]
Source: http://oracle.sys-con.com/node/2510668 Avira Security Software Detects Java 7 Exploits “Whenever a vulnerability like this is discovered – especially when it is in a widely distributed software like Java – the bad guys are quick to write exploits that take advantage of the flaw,” said Sorin Mustaca, IT security expert at Avira. “While Oracle ultimately needs […]
If you have read news lately, you couldn’t have missed hearing how well the tablets, smart phones and smart TVs are selling, and how badly the PC market (excluding laptops) is doing. Many so called “futurists” have predicted the passing of the PC era. But is it really gone? Is the Personal Computer really dead, […]
1. This is your standard take-victims-to-a-malicious-Web-page kind of attack. Why the excitement? Because of the high danger of the breach? What? This vulnerability in Java is the second one in the last 6 months (first one on August 29, 2012). The problem with Java is that it is cross platform and it is installed on […]
Facebook has introduced some time ago two-factor authentication for Login. This means that if someone or something tries to login using your account, there will be two steps needed: authentication using username and password (something that you know) and a mobile phone (something that you have). Step 1 Set up the two-step authentication […]
