Measuring the Imponderable: Auditing IT Risks
Stefano “Korolev” Maccaglia and Angela Scaringella
Many technologies today offer a “click one and catch all” solution. However, in our experience such technologies are simply just a good start. Technologies rely on a wide set of cases already collected and analysed but there is no technology that can “understand” your environment because it is unique and different from others.
Security Risk Assessment How to measure and to be aware of the Risk Assessment element as part of Risk Management in the field of cyber security
Many organizations – both public and private – nowa-days, have implemented and developed their own security risk assessment template tool. The main goal for the template is first to analyse work-flow, then to identify the assets, threat sources and vulnerabilities.
Setting up a Virtual Environment For Testing
It’s hard to have enough rack space, power and cooling, as it should be in a datacenter, at home to host physi-cal servers and enterprise storages along with network and fabric switches: the best way to overcome this challenge is to build a virtual-virtual environment on a well-equipped home personal computer. In this article you will find out what I have built at home: as you read the article you will find that not all the features will be available be-cause some of those are hardware related. Anyway you will have enough material to test and experiment a lot.
We will take look at virtualization basics, setting up a virtual environment and various risk and vulnerabilities associated with virtualization environment.
Spear-phishing, PDF and Countermeasures
Thom Hastings, Martha Gjessing Bakken and Kristine Ivarsøy
In this article we will examine the use of a malicious PDF email attachment as an attack vector into an organization via a client-side attack. The PDF is be packaged in such a way as to avoid antivirus detection. In addition, we will discuss countermeasures to such an attack, both technical and nontechnical, using an updated IDS signature, and proper management techniques such as employee education.
VoIP: A New Era in Threats
Knútur Birgir Otterstedt and Matthew Arnold
Over the last decade VoIP has become increasingly popular, with service providers gaining millions of subscribers each year. However, VoIP is an inexperienced platform, which translates into millions of subscribers being exposed to new phishing and spoofing threats annually. Are you exposed to these threats?
Interview with Andre Luiz Ota – CEO of Ikonn Systems Engineering
Andre Luiz Ota is the CEO and one of the founders of Ikonn Systems Engineering. When younger, he was very curious, never destructive or harmful, but always liked to test his knowledge and vulnerabilities of software, applications, servers and databases. Always used it in order to know the failures and not to make any mistakes in his applications.