• #kiev Russian helicopters and tanks intimidate the population in Crimea

     source http://www.youtube.com/watch?v=ZUthbNCA1nc




    source https://twitter.com/LTUworld/status/439434646708051968/photo/1

  • Target breach shows that big data breaches can never be covered by cyberinsurance

    Cates explained how customers he has worked with have listed a data breach as the second biggest risk on their books after natural disasters. He used the Target breach as an example. “To date, the cost of remediation has been $61m, and $44m of that is covered by cyber-insurance”, he said. “The costs will continue and will eventually total hundreds of millions. Gartner says that for every $5.6 a data breach costs you, the prevention would have cost only $1.”

    tell that to your CIO who never will believe that anything like that is possible and that those small investments are even necessary and have numerous different advantages

  • Italian privacy commission fined for 4 million Euro in 2013 and will continue in 2014

    In 2014, the Garante's investigations will concentrate especially on overseas call centres and mobile payment systems, Italy's Data Protection Authority has announced. The inspection plan for the first six months of 2014 is to focus on the areas identified last year, for example, large public databases, management of public networks for wi-fi access, telephone marketing, and mobile payments. Call centres outsourced to non-EU countries will be given special attention. The Garante also plans to conduct investigations on compliance with the new requirements to report data breaches for telephone companies and Internet service providers.

    Last year, the Garante conducted 411 investigations in various sectors, which is a 4% increase on 2012, and the fines imposed reached some 4 million euros altogether.

    The Garante is able to carry out a large number of audits as it collaborates with the Special Unit of the Guardia di Finanza, which is an Italian law enforcement agency with offices all over Italy, under the authority of the Minister of Economy and Finance.

    See the Garante newsletter of 25 February (in Italian) at http://www.garanteprivacy.it/web/guest/home/docweb/-/docweb-display/docweb/2949470

  • TextSecure, the app for encrypted texting

    TextSecure, the secure messaging app developed by the encrypted communication provider WhisperSystems, is no longer merely a private short messaging service (SMS) application. According to a blog post penned by WhisperSystems co-founder Moxie Marlinspike, TextSecure is now a private, asynchronous instant messaging application that does not depend on SMS or multimedia messaging service (MMS).


    In its latest version – released on Google Play today – encrypted group chat and push messaging capabilities are among the app’s new features. However it also offers end-to-end encryption, forward secrecy, and deniability with little or no user-input.  To be clear, the TextSecure server never stores or has access to any user communication or other data.

  • ex-Belgian GlobalSign supports Certificate Transparency

    “When implemented, Certificate Transparency helps guard against several types of certificate-based threats, including misissued certificates, maliciously acquired certificates, and rogue CAs. These threats can increase financial liabilities for domain owners, tarnish the reputation of legitimate CAs, and expose Internet users to a wide range of attacks such as website spoofing, server impersonation, and man-in-the-middle attacks,” Google’s description of the framework says.

    The method requires the CAs to cooperate and submit their certificates to these public logs, and that’s one of the things that’s holding up its broad adoption.


    “We need to get the CAs to change their behavior so they emit certificates this way,” Chris Palmer, a security engineer on the Chrome team at Google, said in a talk at TrustyCon here Thursday.

    big customers or other CAs should put pressure on their CA to do the same thing

    if they have nothing to hide they have nothing to lose

  • California Attorney General's answer to 21 million dataloss ..... a new brochure

    California Attorney General Kamala Harris on Thursday elevated cybersecurity to a major focus of the state's top crime-fighting agency.

    Harris said the personal information of 21.3 million Californians has been compromised in the past two years. Nearly three-quarters of the 300 data breaches were at retailers.

    California is one of the few states that require companies to report when the data of 500 or more customers is stolen

    and the major new initiative is a brochure that has some guidelines

    makes me laugh.... or sick

  • a paywall for Belgian magazines nobody wants

    The digital market brought no relief in 2013 either. For instance, 269 people bought a digital Humo. Yet last year, when Van Driessche left, magazine manager Lisbeth Rillaerts insisted that the loss of print buyers in recent years "was amply compensated by a relevant reach via other platforms".

    The digital version of Story had to make do with 258 readers a week. Knack sold 349 digital copies a week, P-Magazine 118.

    well you would have understood the numbers, it means that only 269 people subscribed to the digital version of Humo which has now 134.000 readers

    I used to read Humo during decennia but now I don't know why I should because there are no more really investigative articles in it (which was the reason it became a household name attracting the best investigative journalists and the best interviewers) nor any qualitative commentary about the programs.

    but it also means that those paywalls are enormous moneylosers and that it would be much cheaper to throw their enormous and very interesting archives online (and for Humo their fabulous artistic covers) and get money by traffic and selling prints and re-use of articles.

    the popular daily press is just sensational rubbish I don't care about and that has been reduced elsewhere to pennypress (one euro in fact) not worth any cent more - even not the paper it is written on

  • the new anti-riot cars that the Brazilians have bought for the world cup

    there are many dictators who will be looking with interest to these cars

  • something for the FCCU or a European agency: a European db of malware

    For example, the FBI has been building a database of malware samples, snappily dubbed the Binary Analysis, Characterization, and Storage System (BACSS), for its investigators. Later this year a declassified version of this, dubbed Malware Investigator, will be made available to security partners, said Comey, who was sworn in as director in September.

    "If a company has been hacked you can send the malware back to us and, in most cases, get a report back in hours about how it works, who it might be targeting and where we've seen it before," he told the conference today.

    "Our goal is to make BACSS the same kind of repository that we have long maintained for fingerprints, criminal records and DNA."

    The FBI will also expand its eGuardian program that allows companies to automatically update the agency about data security breaches involving classified and non-classified material.

  • #kiev Russian armed roadblocks on the road to the Crimea

    with police and riot control troops Berkut and armed men and Russian flags


    the only question is how much of the territory will be lost and after how much bloodshed

  • yourdeal.be unsecure login and defaced

    so this is the non-secured login

    this is the defacement, luckily they didn't place a phishing page

  • #kiev moment of truth arriving with more Russian troops and ships arriving at Crimea

    so how would you call this

    mobilizing troops, sending mp's, having Russian military out of their bases with tanks and machineguns and having military training for your troops on nearly all the western borders ?


    there is one advantage if the Crimea becomes independent

    then the Ukraine can become a member of NATO as there are no foreign military bases anymore

    and it will have to come under our umbrella as otherwise the Russian bear will never leave it alone

    just believing what he says is so.....Munich

  • free SANS tool to test if your network can eliminate 85% of all attacks with these 4 settings

    source https://www.qualys.com/forms/sans-top-4-security-controls/

  • ex security guru from the US says NSA can hack European cloudservers to prove they are not safe

    "NSA and any other world-class intelligence agency can hack into databases even if they are not in the US," said former White House security advisor Richard Clarke in a speech at the Cloud Security Alliance summit in San Francisco on Monday. "Non-US companies are using NSA revelations as a marketing tool."

    well that is a reason to have a look at your logs not ?


  • the next (in)security frontier : connected medical devices (that are hacked)

    But another troubling aspect is that once attackers gain access to these devices, they can use them to launch attacks on other devices. 


    Indeed, the report tracked the origin of some of the malicious traffic coming out of medical sites that had been hacked: 


    "The findings of this study indicate that 7% of traffic was coming from radiology imaging software, another 7% of malicious traffic originated from video conferencing systems, and another 3% came from digital video systems that are most likely used for consults and remote procedures."


    In following the trails of this malicious traffic, Norse found detailed information about the layouts of hospitals and specifications of various lifesaving equipment.

    the same old song : first the product then the security

    and in between the incidents and articles and products to secure something that should have been secured from the beginning - before it came to market

    why is it so difficult to let a new medicine on the market and why is it so easy to place unsecured vulnerable connected devices on the market

    disconnect them - period

  • the first wifi virus that automatically attacks unprotected Access points

    Researchers from the University’s School of Computer Science and Electrical Engineering and Electronics, simulated an attack on Belfast and London in a laboratory setting, and found that “Chameleon” behaved like an airborne virus, travelling across the WiFi network via Access Points (APs) that connect households and businesses to WiFi networks.


    Areas that are more densely populated have more APs in closer proximity to each other, which meant that the virus propagated more quickly, particularly across networks connectable within a 10-50 metre radius.


    Alan Marshall, Professor of Network Security at the University, said: “When “Chameleon” attacked an AP it didn’t affect how it worked, but was able to collect and report the credentials of all other WiFi users who connected to it. The virus then sought out other WiFi APs that it could connect to and infect.”


    “Chameleon” was able to avoid detection as current virus detection systems look for viruses that are present on the Internet or computers, but Chameleon is only ever present in the WiFi network. Whilst many APs are sufficiently encrypted and password protected, the virus simply moved on to find those which weren’t strongly protected including open access WiFi points common in locations such as coffee shops and airports.

    as there is no antivirus on the Access Points it is easier to infect and it doesn't need to do more as everything goes through the access points (passwords, information,....)

  • from Brasil to Europe and bypassing the USA_NSA

    BRUSSELS (Reuters) - Brazil and the European Union agreed on Monday to lay an undersea communications cable from Lisbon to Fortaleza to reduce Brazil's reliance on the United States after Washington spied on Brasilia.

    At a summit in Brussels, Brazilian President Dilma Rousseff said the $185 million cable project was central to "guarantee the neutrality" of the Internet, signaling her desire to shield Brazil's Internet traffic from U.S. surveillance.

    "We have to respect privacy, human rights and the sovereignty of nations. We don't want businesses to be spied upon," Rousseff told a joint news conference with the presidents of the European Commission and the European Council.

    "The Internet is one of the best things man has ever invented. So we agreed for the need to guarantee ... the neutrality of the network, a democratic area where we can protect freedom of expression," Rousseff said.

    But you will have to bypass also the UK because everything that comes into the UK is intercepted by the NSA who is paying for the bases in the UK