General News

Why security recommendations often get ignored

I read very often about vulnerabilities and companies that got hacked. Many times, the reason they got hacked was that some recommendations issued by some smart people (read: security-minded people) are ignored. But why are they ignored? I found some articles where several explanations are given for what is called “information avoidance”. […]

Security

Massive security update for all Apple devices: iOS 8.3

39 fixes are supposed to be delivered via iOS 8.3. Areas like KeyStore, Drivers, Backup, Kernel, Certificate Trust Policy, Networking, Lock Screen, Safari and WebKit, and many more are being fixed. Apple doesn’t say how critical the issues were, but from what I see there, at least a dozen or so made me raise my […]

(isc)2 CSSLP

(ISC)2 EMEA: Quote for the Day

In the News Quote for the Day “It is no secret that the cyber criminals are where the money is. If the targets are easy to breach, it is even better since this improves the ratio effort/outcome for them.” Sorin Mustaca, CSSLP, covers the basics for small to medium business in ComputerWorldUK’s Infosecurity Voice and on the […]

(isc)2 News quoted

Mentioned in (ISC)2 EMEA Newsletter

My blog post “What is a security expert?” which I published in the (ISC)2 Blog was mentioned in the (ISC)2 EMEA Newsletter: Germany’s Sorin Mustaca, CSSLP takes an analytic look at what it means to be an information security professional, also on the (ISC)² Blog

General

WordPress 4.0.1 update – important security fixes

All my blogs use WordPress. Why WordPress? Because it is customizable and I can tweak it in any way I want… Well, almost… But from time to time there is the need to update it. Yesterday the update 4.0.1 was released, which fixes important security bugs: Three cross-site scripting issues that a contributor or author […]

News

iOS 8 brings a lot of security updates

You must have heard of the brand new version of iOS which was released yesterday: iOS v8. While the media is still considering and reconsidering their recommendations for each device on whether or not you should upgrade, here are my reasons to update my iPad 3rd generation. I don’t have an iPhone anymore, I am an […]

improve-your-security

Security checklist for “Back to school”

The summer is coming to an end soon and we know that the next thing to happen is: children go back to school. Parents are always concerned (for good reasons) about what and how their children will do, and for a couple of years now they have had other concerns. Their children have smartphones, multiple online identities – parents […]

Security

Security through obscurity: Smart Light bulb Exposes Wi-Fi Password

A team of British security consultants (Context) hacked their way into a private Wi-Fi network — using Lifx bulbs as the backdoor. In a typical Lifx setup, one bulb will automatically serve as the “master,” communicating directly with your smartphone and then relaying all info to other “slave” bulbs. Context’s team was able to hack their […]

General

What are functional and non functional requirements and why both matter

In software engineering (and Systems Engineering), a functional requirement defines a function of a system or its component. A function is described as a set of inputs, the behavior, and outputs (see also software). Functional requirements may be calculations, technical details, data manipulation and processing and other specific functionality that define what a system is supposed to accomplish. Behavioral requirements describing all the cases where […]

Security

The sad state of Java security

I wrote many times about Java, its vulnerabilities, how to disable it… Just search in this blog for the term Java. I’ve been asked many times why I think that we are seeing these zero-day vulnerabilities. The problem The problem of Oracle is that they bought a technology that was […]