From time to time, surveys reveal human behavior that are scary. On 2008, a survey revealed that woman love chocolate more than password security. I just read another one on a Belgian news website: To stay safe, the Belgian citizen is ready to sacrifice some of his privacy! (Source: rtbf.be
Category: Security
Help Your Laptop to Survive a Security Conference
BlackHat Europe is at our doors! I’ll flight to Barcelona on Sunday evening. Just enough time (amongst other things) to prepare my laptop against the “Jungle”. Today, you can’t attend a security conference without a laptop and some Internet connectivity. To take notes, to visit websites reported during talks, to
Belgium will have its Own Cybercrime Competence Center?
As I wrote in a previous blog post, I went to the FIC2010 conference last week. One of the talks I attended was about the “2centre” initiative. 2centre (“2c” for “cc”) means “Cybercrime Centers of Excellence Network for Training, research and Education“. Those centers of excellence focus on law enforcement.
My First Visit @ FIC2010
I’m back from Lille (France) where was organized the 4th edition of “FIC” – “Forum International sur la Cybercriminalité” – during two days. This was my first edition and I was pleasantly surprised: I was a bit afraid to attend an event organized in France for French speaking people about
Detecting Fraud with OSSEC
For a while, it looks that “Fraud detection” is a hot-topic for many SIEM vendors (“Security Information and Event Management“). Recent presentations or webcasts I attended had always some time dedicated to “fraud”! The vendors can’t be blamed to find new opportunities to sell their products. Today they are solutions
Close the Security Holes in your Firewalls!
Who is not protected by a firewall today? Nobody! Our Internet (as well as local) traffic is inspected by multiple firewall layers. They are present everywhere: on Internet gateways, in front of data-centers, between departments, even your workstation is running a firewall. For a few years, a new type of
InfoSecurity, (ISC)2, ISACA, My Security Marathon
This week is a real security marathon. I was in London yesterday but came back to Belgium too late to attend the ISSA Belgian Chapter meeting. The invited speaker was a great one: Chris Hoff. According to friends, it was great! Today was also the first day of the InfoSecurity.be
Security Policies Must Be Enforced!
Last week, I had a very interesting meeting with the Belgian FCCU (“Federal Computer Crime Unit“) about the security of “public” networks. The FCCU is the Federal Police division involved in all kind of computer forensics investigations. By the way, they also have their own Linux live-CD called “Lnx6N4” which
Detecting USB Storage Usage with OSSEC
Next step in my investigations with OSSEC. The possibilities of OSSEC are awesome and could clearly, in some case, replace a commercial log management solution! After collecting the Secunia vulnerabilities into OSSEC, I switched to the “dark side”: the Microsoft Windows agent. The USB sticks are very popular at users
OpenSSH New Feature: “Netcat mode”
The new version (5.4) of OpenSSH has been released early this morning. OpenSSH is THE free implementation of the SSH protocol available on common devices and operating systems. The primary goal of OpenSSH is to allow remote access to hosts for management purpose. But many other features make OpenSSH a