I published the following diary on isc.sans.edu: “May People Be Considered as IOC?“: That’s a tricky question! May we manage a list of people like regular IOC’s? An IOC (Indicator of Compromise) is a piece of information, usually technical, that helps to detect malicious (or at least suspicious) activities. Classic types
Everybody is aware of the massive amount of refugees crossing Europe borders to try to find a better life. I won’t start a debate about this, it’s not the goal of this blog. But, when I was contacted by a friend who asked me if I could help some refugees
In March 2011, Brian Honan contributed to an issue of the INSECURE magazine with an article called “Management are from Mars, information security professional are from Venus“. This title comes from the John Gray’s worldwide bestseller where he presents the relations between men and women. Still today, we can reuse this subject
Often, as security professionals, we tend to blame our users. Not all people are security aware and take the right decision when facing a potential security issue. Yes, we know: they click, they open, they answer questions, they trust, …
I just had a good experience today about the “social impact” of malware infections and I would like to share it with you. For most infosec people, it is part of the game to play the fireman for family and friends when they are in trouble with their computer. The
The third edition of BSidesLondon has been announced! Â The crew has already started to work on the event organization and the CFP is open. Block already your agenda:Â April 24th, 2013 – Kensington & Chelsea Town Hall. I attended the two first editions as a speaker in 2011 and regular visitor
Strange title isn’t it? Be patient, you’ll understand. Today, I’d like to post a small reflection about a discussion I had with other infosec guys during BruCON. This is not directly related to information security… though! The discussion was about the difficulties to combine a job and family life! Let’s
Real time events or network traffic analysis is interesting to track suspicious behaviors. And, if you add some external sources of information, you could increase even more the capability of detecting real events. Such ranking sources applies usually to IP addresses and domain names. They are plenty of online resources
During the last BruCON edition (0x03), we operated our own DNS resolver. Instead of using public servers or the ones proposed by our ISP, pushing our own DNS resolver to network visitors can be really interesting. Of course, addicted to logs, I activated the “queries_log” feature of bind to log
In big organizations with lot of employees, not all people have the right attitude or knowledge to use information assets in a good safe way. This is not a complain, just a fact. To educate these people, a security awareness program must be implemented to make them aware of the
