Military/Government Feasibility Study of OpenPMF™ Security Policy Automation We have a current (August/September 2018) funded opportunity for anyone here with good existing inroads into Air Force. Please only contact me if you have existing inroads. We need short-term results, so we don't need cold-calling etc. We also have already contacted a lot of [...]
Cyber supply chain is the procurement of hardware and software. Supply chain risks are a major source of IT vulnerabilities, and the different risks are highly interrelated, including cybersecurity risks. In this presentation, I will present a current case study of innovative solutions – based on data aggregation, data analytics & AI – we [...]
VPNFilter is a current malware designed to infect routers. As of 24 May 2018, it is estimated to infect approximately 500,000 to 1,000,000 routers worldwide. It can steal data, contains a "kill switch" designed to destroy the infected router on command, and is able to persist should the user reboot the router. The FBI [...]
By Dr. Ulrich Lang, CEO The press is full of coverage of Facebook's privacy breaches. The sad part of the story is that many security and privacy professionals (including myself) have been working for years to create awareness and educate about the issues that are (if you would believe the press coverage) just coming [...]
The Internet of Things (IoT) is the network of physical devices, vehicles, home appliances and other items embedded with electronics, software, sensors, actuators, and connectivity which enables these objects to connect and exchange data[i]. The IoT is going to be transformational – significantly impacting most industries and parts of society. Experts estimate that [...]
1. Increased adoption of risk-based and biometric authentication tools Anthem and Equifax breaches have raised some very serious questions on password-only authentication options. Service providers as well as consumers are now looking for alternatives that will reduce the risk of data breach. As risk-based authentication tools assess the background behavior and other data of [...]
COACH (an EU IST project 2002-2004) - developed a component based open source architecture for distributed telecom applications. COACH realises a flexible and complete Open Source component framework based on the CORBA Component Model (CCM) standard of the Object Management Group (OMG). COACH allows the rapid transformation of architecture and design level components to execution [...]
CRISIS (a multi-year EU FP6 R&D project 2010-2013) was conceived as a 3D immersive virtual world in which major incidents occur. Trainees are presented with a real-time evolving situation such as a train crash resulting in fires, explosions, increasing casualties and resources distributed around in a 3D virtual world. The trainee is required to [...]
What is wrong with CyberSecurity? According to an article in The Hill the new DHS breach illustrates perfectly what is wrong with today's cyber security practices. They say that "organizations should focus less on how a breach occurred (hacking, insider, fraud, etc.) and focus more on building up and preserving customer trust in their [...]
Firewalls come in many forms and often do not offer enough protection. In this blog post I describe a little project I've done to see how we can use a hardware firewall with Suricata based intrusion prevention in a somewhat portable way. Paranoid or necessary? I'd say necessary, considering the myriad of attacks that [...]