Security Newsletter 22 is available
The Security Newsletter 22 is available. We are proud to have as guest Joan DAEMEN. Joan is one of the authors of KECCAK, the new algorithm selected by NIST to become the new official SHA-3 function....
Favor helps
If you do a favor for one person, will this person be more likely to comply with your request? Dennis Regan studied this question in 1971. The purpose was to validate: Subject is more likely to respond your...
Social engineering and catastrophes
Recently, I visited a security company. They presented their new impressive Security Operational Centers. The security analysts had a continuous update of the sanity of their networks, the most...
Cloud services as Command and Control
Cloud services are increasing the attack surface of corporate networks. For instance, we usually associate file sharing services with the risk of leaking confidential information. This is a real...
Stealing account with mobile phone-based two-factor authentication
Attackers often entice users to become the weakest link. Phishing and scams exploit human weakness. These attacks become even creepier if the attacker circumvents legitimate security mechanisms....
A “charitable” ransomware
This is not a joke. Heimdal Security disclosed a new variant of ransomware combining CryptoWall 4 and CryptXX. It has all the usual components of ransomware. The ransom itself is high: five bitcoins...
Law 7 – You Are the Weakest Link
This post is the seventh post in a series of ten posts. The previous post explored the sixth law: Security is not stronger than its weakest link. Although often neglected, the seventh law is...