Category: Sorin Mustaca on Cybersecurity

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the second step in implementing NIS2 requirements is to designate a responsible person or team. Appointing an individual or a team responsible for overseeing the implementation of the NIS2 directive within your company is critical to…

Read more →

We wrote here https://www.sorinmustaca.com/how-to-nis2-eu-directive/ that the first step in implementing NIS2 requirements is to perform a gap analysis.   The most critical part when performing a gap analysis is to define upfront against which standard or security framework are you…

Read more →

The NIS2 Directive is a European Union legislative text on cybersecurity that supersedes the first NIS (Network and Information Security) Directive, adopted in July 2016. NIS vs. NIS2 While the first NIS (Network and Information Security) Directive increased the Member…

Read more →

The NIS 2 Directive is a set of cybersecurity guidelines and requirements established by the European Union (EU) . It replaces and repeals the NIS Directive (Directive 2016/1148/EC) . The full name of the directive is “Directive (EU) 2022/2555 of the European…

Read more →

This is a follow up article related to Secure Booting and Secure Flashing. It is the 5th article related to Strengthening the Security of Embedded Devices Implementing secure over-the-air (OTA) updates in embedded devices requires careful consideration of various security…

Read more →

This is the third article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices The second article was Secure Booting for Embedded Devices: Safeguarding Systems from Intrusions In this article, we will explore the…

Read more →

This is the second article in the series about embedded devices security, started with Strengthening the Security of Embedded Devices Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers,…

Read more →

Embedded devices are specialized computing systems designed to perform specific tasks or functions within a larger system. Unlike general-purpose computers, embedded devices are typically integrated into other devices or systems and are dedicated to carrying out a specific set of…

Read more →

This article is entirely written by Bing AI client integrated in Skype.   Q: write an article describing most secure settings of Microsoft Defender A: Microsoft Defender is a comprehensive security solution that protects your Windows devices from various threats,…

Read more →

In today’s interconnected and data-driven business landscape, information has become one of the most valuable assets for companies. As organizations rely heavily on technology and digital platforms, protecting sensitive data from threats has become a critical concern. This is where…

Read more →

I’ve heard many times IT people and Software Developers complaining that they have difficulties to sensibilize their managers to invest more in cybersecurity. Also some employees of my customers in the cybersecurity consulting area show sometimes frustration when we are…

Read more →

In today’s increasingly interconnected world, cyber threats pose a significant risk to businesses of all sizes. As technology advances, cybercriminals become more sophisticated, making it imperative for organizations to prioritize cybersecurity measures. While investing in robust infrastructure and advanced tools…

Read more →

The security software industry plays a vital role in safeguarding sensitive data and protecting digital infrastructure. However, the industry itself faces a significant threat from supply chain attacks. Supply chain attacks occur when cybercriminals target vulnerabilities within the supply chain…

Read more →

In an increasingly interconnected digital world, the importance of secure software cannot be overstated. Many people think that by using security software all their digital assets become automatically secured. However, it is crucial to recognize that security software itself is…

Read more →

I’ve been asked many times what are the steps to build your own business. This is not a post about “how to…”, the Internet and LinkedIn is full of them,  but more like a checklist with things you should consider…

Read more →

I’ve been asked many times what are the steps to build your own business. This is not a post about “how to…”, the Internet and LinkedIn is full of them,  but more like a checklist with things you should consider…

Read more →

Introduction The automotive industry has witnessed a paradigm shift with the increasing integration of software in vehicles. Modern cars are no longer just mechanical devices with a motor, wheels and steering; they are now sophisticated machines having dozens of CPUs…

Read more →

It’s been a while since I received a targeted phishing. This time it is on one of my email accounts hosted on Google, and strangely, their phishing filter did not catch this one.     ITNotification <ITNotices@mail.com>  sorin@mustaca.com Expiration Your…

Read more →

I received a spam and the guy offered to have my corporate site re-written. He sent me an example of how it be like in a Google Docs document. The text was very artificial, kind of those written by ChatGPT…

Read more →

As promised, I played more with ChatGPT and this time I started to dig a bit into cybersecurity for automotive. Since I am working these days on CSMS (based on ISO ECE 21434 and TISAX), part of my companies consulting…

Read more →

So much hype about ChatGPT these days.. But what does it mean? So, I gave it a try … and I created an account. This is the first post from many about ChatGPT. First thing you see when you go…

Read more →

PayPal is sending a lot of emails these days, one of these got me confused. I am sure now it is a valid email, but the multitude of different links in it and the confusing information is making this email…

Read more →

A brief history of software vulnerabilities in vehicles (Update 2023) The post A brief history of software vulnerabilities in vehicles (Update 2023) first appeared on Sorin Mustaca on Cybersecurity. This article has been indexed from Sorin Mustaca on Cybersecurity Read…

Read more →

Av-Comparatives did a long-term test of security Business Products. The details can be seen here: https://www.av-comparatives.org/tests/business-security-test-august-september-2022-factsheet/ Initially, I wanted to write about this test because I was surprised to see how well Microsoft Defender performed. But then, I started to…

Read more →

Av-Comparatives did a long-term test of security Business Products. The details can be seen here: https://www.av-comparatives.org/tests/business-security-test-august-september-2022-factsheet/ Initially, I wanted to write about this test because I was surprised to see how well Microsoft Defender performed. But then, I started to…

Read more →

Av-Comparatives did a long-term test of security Business Products. The details can be seen here: https://www.av-comparatives.org/tests/business-security-test-august-september-2022-factsheet/ Initially, I wanted to write about this test because I was surprised to see how well Microsoft Defender performed. But then, I started to…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity (ISC)2 maintains this page https://www.isc2.org/member-counts.aspx# with the counts of all certifications per country. I wrote before about this here https://www.sorinmustaca.com/how-many-certified-secure-software-lifecycle-professionals-are-out-there/, but this was back in 2013 (1.5 years after I…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity Today is Cyber Monday , a day when all webshops (and not only)  give big discounts to many products they sell. Even if the discount campaigns of some webshops are…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity While I was looking after some resources for a presentation, I found this interesting lecture from ENISA.   Advancing Software Security in the EU Download PDF document, 622 KB This…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity I have a plugin that prevents multiple unsuccessful logins. As can be seen, the spammers try several combinations like: admin (the default), then site name, and several others. It is…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity Quelle: https://www.bsi.bund.de/DE/Service-Navi/Publikationen/Lagebericht/lagebericht_node.html   Malwarelage: Das vergangene Jahr war geprägt von einer deutlichen Ausweitung cyber-krimineller Erpressungsmethoden. Nicht nur die Anzahl der Schadprogramm-Varianten stieg zeitweise rasant an – mit bis zu 553.000…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity I just finished the online course “Cyber Diplomacy“, a course from the United Nations Office for Disarmament Affairs. For me it was interesting to find out how much from the…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity I just finished the online course “Cyber Diplomacy“, a course from the United Nations Office for Disarmament Affairs. For me it was interesting to find out how much from the…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity ISC2 requires a recertification every 3 years. For this, you need to pay your fees and to make proof that you were active in the profession. This can be done…

Read more →

This article has been indexed from Sorin Mustaca on Cybersecurity ISC2 requires a recertification every 3 years. For this, you need to pay your fees and to make proof that you were active in the profession. This can be done…

Read more →

ITSecurityNews.info is my security news aggregator, which collects RSS feeds and publishes them in WordPress automatically. A long time ago I created an app using AppSpotr, but since then things have changed. So, I decided to write one myself. Of…

Read more →

ITSecurityNews.info is my security news aggregator, which collects RSS feeds and publishes them in WordPress automatically. A long time ago I created an app using AppSpotr, but since then things have changed. So, I decided to write one myself. Of…

Read more →

Read the original article: Twitter is strange when it comes to business accounts I created my company’s Twitter account, called  @EndpointCS . Obviously, I tried to add the birth date of the company: 1.1.2015. Well, imagine what happened next with…

Read more →

Read the original article: A post about searching a software developer on LinkedIn that didn’t go as planned I was and still am in need of a freelance Android developer with experience in Java. After trying all other possibilities (my…

Read more →

Read the original article: A post about searching a software developer on LinkedIn that didn’t go as planned I was and still am in need of a freelance Android developer with experience in Java. After trying all other possibilities (my…

Read more →

Read the original article: Defender Application Control or Defender SmartScreen – what can you do to not be blocked by it Ever wondered why do you get one of these popups for your Windows program, despite of the fact that…

Read more →

Read the original article: Speaking at the Virus Bulletin Conference 2020: ‘One year later: Challenges for young anti-malware products today’ Source: https://vblocalhost.com/presentations/one-year-later-challenges-for-young-anti-malware-products-today/ A year ago, at VB2019 we presented for the first time an overview of how the anti-malware world…

Read more →

Read the original article: Facebook advertising at its best It is known that the Facebook advertising is very aggressive sometimes and that it very often fails. Very often I find strange ads and I click on the details in order…

Read more →

Read the original article: A brief history of software vulnerabilities in vehicles Car Hacking News Timeline 2017-2019 [1] 2019: Hack of an OEM’s automotive cloud via third-party services and tier-1 supplier network 2019: Memory vulnerability at a cloud provider exposed…

Read more →

Read the original article: A brief history of software vulnerabilities in vehicles Car Hacking News Timeline 2017-2019 [1] 2019: Hack of an OEM’s automotive cloud via third-party services and tier-1 supplier network 2019: Memory vulnerability at a cloud provider exposed…

Read more →

Read the original article: “Your Site Has Been Hacked” ransomware email campaign in the wild I was actually not expecting this kind of ransomware… I am used by now with “You’re hacked”, “You’re infected”… and others alike , but this…

Read more →

Read the original article: “Your Site Has Been Hacked” ransomware email campaign in the wild I was actually not expecting this kind of ransomware… I am used by now with “You’re hacked”, “You’re infected”… and others alike , but this…

Read more →

I am using at home Unifi to extend my WiFi through two access points. I am writing this post as a user who paid good money for these devices and feels betraid and left alone in the dark by Unifi.…

Read more →

A Cyber Security Management System (CSMS) is soon going to become mandatory for all vehicles manufacturers and suppliers. In the automotive industry, we are currently seeing that Cyber Security is already a critical success factor. Starting with July 2024, the…

Read more →

A Cyber Security Management System (CSMS) is soon going to become mandatory for all vehicles manufacturers and suppliers. In the automotive industry, we are currently seeing that Cyber Security is already a critical success factor. Starting with July 2024, the…

Read more →

Remember by Free eBook “Improve your security” available for free at https://www.improve-your-security.org ? It looks like I started to get more customers since the Corona Pandemic.     There are almost 1000 readers ! Go ahead and download your copy…

Read more →

EN https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_final.pdf DE https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_de.pdf RO https://www.europol.europa.eu/sites/default/files/documents/safe-at-home_ro.pdf More here: https://www.europol.europa.eu/activities-services/public-awareness-and-prevention-guides/make-your-home-cyber-safe-stronghold    Recommendations: Wi-Fi: always change the default router password Install antivirus software on all devices connected to the internet Choose strong and different passwords  for your email and social media accounts…

Read more →

I sometimes can’t stop to ask myself if the scammers are actually human beings with feelings of loss and tragedy and if they have the same concerns as the normal citizens. I guess they are not, because otherwise you can’t…

Read more →

Experte zu Handy-Hacks: So kann man sich schützen TECHNIK 14:04 04.02.2020Zum Kurzlink Von Bolle Selke Die USA hacken das Handy von Bundeskanzlerin Angela Merkel und Saudi-Arabien das von Amazon-Chef Jeff Bezos? Müssen sich also nur Prominente Sorgen um ihr Smartphone machen?…

Read more →

Experte zu Handy-Hacks: So kann man sich schützen TECHNIK 14:04 04.02.2020Zum Kurzlink Von Bolle Selke Die USA hacken das Handy von Bundeskanzlerin Angela Merkel und Saudi-Arabien das von Amazon-Chef Jeff Bezos? Müssen sich also nur Prominente Sorgen um ihr Smartphone machen?…

Read more →

German users are receiving a lot of such spams these days: It is about a package which allegedly it has its transport costs not paid. (2 €). The user is invited to visit a page where he can be pay…

Read more →

German users are receiving a lot of such spams these days: It is about a package which allegedly it has its transport costs not paid. (2 €). The user is invited to visit a page where he can be pay…

Read more →