The impact of cyber crime on Belgian Businesses

In 2017, the Belgian Cost of Cybercrime project (KUL) published the results of an enlightening study aiming to measure the impact of cybercrime, and more broadly cyber attacks, on Belgian businesses. We can highlight two results from this paper: First, most businesses have been hit by one form or another of cyberattack, some even more […]

Are you prepared to face a TDOS?

Recently, DHS (US Department of Homeland Security) announced that they are developing, with private partners, a solution to mitigate Telephony Denial of Service (TDOS) attacks against emergency numbers and other critical phone numbers. Over the past years, TDOS attacks seem to have flourished in the US. They are often used to demand a ransom from the targeted number […]

StartSSL is blocked by Chrome & Firefox and they didn’t notify their customers

The SSL certificates issued by the Israel-based Certificate Authority StartSSL (https://www.startssl.com/) have been blocked by Google Chrome and Mozilla Firefox since March 2017. Behind what could be just a technical issue, there are some disturbing facts: First, the reason why Google and Mozilla have decided to progressively block StartSSL (and more importantly WoSign) is the issuance […]

We need more (security) fixers!

These past few years, interest in and budgets for ethical hackers and pentesters have grown rapidly. They gain more and more visibility (see the Belgian Cyber Security Challenge or the European Cyber Security Challenge). More importantly, consulting companies have been recruiting young and talented hackers by the dozen these last years. During the last decade, a lot of (nor […]

With the US judge ruling against Google, will GDPR force European companies to leave the cloud?

You may have heard that US federal judge Thomas Rueter has ruled against Google in their refusal to hand over personal emails of one of their customers to the FBI, based on the fact that these data were stored in a European data center. While in 2016, in a case against Microsoft, a federal judge ruled that US investigators could […]

Why is usability important for security management?

Why is usability important for security management? Is it even important? Obviously for a lot of people, it is not. And that’s a problem. But what is usability anyway? Usability? According to Wikipedia, and I find the definition pretty accurate, usability is “the ease of use and learnability of a human-made object such as a […]

Will IoT kill us someday?

When you’re working in the security industry, being paranoid is kind of natural (or is it the other way around?). So, when you see how easily people, processes and technologies can be hacked, you rapidly become suspicious of anything. We all know bad things can happen and most of the time we try to mitigate […]

Should companies create Bitcoin accounts to be ready to pay ransoms?

In the past months, the press made public different security incidents involving companies being victims of ransomware (1)(2). Most of the time, a ransom had to be paid in Bitcoins. It’s logical, as Bitcoins make it much easier and cheaper to launder the money and hide the recipient than traditional money laundering circuits. You may decide […]

Your phishing awareness campaign may do more harm than good

Phishing and spear phishing campaigns are becoming more and more elaborate, hence more difficult to identify and consequently more successful. Crelan’s 70 million € loss in early 2016 is a good example of the potential impact of such a successful social engineering attack. As automated security systems are unlikely to detect and block the most elaborate and […]

Is Cybersecurity a good buzzword?

For years now, information security has been a fast-growing market. For at least a couple of years, the cyber security market has been growing fast. Even in these times of budget cuts in many sectors, quite often the cyber security department manages to negotiate an increase of its operational budget. That’s significant, isn’t it? Moreover, nowadays […]
