Dan Tofan

Newsletter 26 – May 02, 2019

Some interesting stuff that I found online:

SECURITY:
“Hidden backdoors” into Huawei’s equipment – https://www.bloomberg.com/news/articles/2019-04-30/vodafone-found-hidden-backdoors-in-huawei-equipment https://www.theregister.co.uk/2019/04/30/huawei_enterprise_router_backdoor_is_telnet/
Lessons learned from Maersk after NotPetya – https://www.zdnet.com/article/ransomware-the-key-lesson-maersk-learned-from-battling-the-notpetya-attack/
Good point of view on what is “reasonable security” – https://www.csoonline.com/article/3390150/what-is-reasonable-security-and-how-to-meet-the-requirement.amp.html
ENISA’s human behavioral aspects of cyber security – https://www.enisa.europa.eu/publications/cybersecurity-culture-guidelines-behavioural-aspects-of-cybersecurity/
Top 25 women leaders in cyber security – https://www.thesoftwarereport.com/top-25-women-leaders-in-cybersecurity-of-2019/
[…]


Newsletter 25 – April 25, 2019

Some interesting stuff that I found online:

SECURITY:
Interesting case involving Fortinet – https://www.cyberscoop.com/fortinet-legal-settlement-china-us-military/
EC decides there is no evidence Kaspersky is malicious – http://www.scmagazine.com/home/security-news/european-commission-no-evidence-kaspersky-software-is-malicious/
TajMahal, a sophisticated APT – https://securelist.com/project-tajmahal/90240/
Apparently, there is proof that Huawei was funded by the Chinese state – https://www.forbes.com/sites/zakdoffman/2019/04/20/cia-offers-proof-huawei-has-been-funded-by-chinas-military-and-intelligence/#57b368377208
Stuxnet actually goes back as far as 2005 – https://www.darkreading.com/threat-intelligence/stuxnet-family-tree-grows/d/d-id/1334511
[…]


Newsletter 24 – April 19, 2019

Some interesting stuff that I found online:

SECURITY:
Some of my thoughts on the future of cyber security – https://medium.com/@tofandan/how-about-the-future-of-cyber-security-ec1515a206c7
Interesting developments in the cyber insurance market – https://www.nytimes.com/2019/04/15/technology/cyberinsurance-notpetya-attack.html
Top cyber security influencers to follow on social media – https://blog.appknox.com/top-cybersecurity-influencers/
Next steps for Julian Assange – https://www.politico.com/newsletters/morning-cybersecurity/2019/04/12/whats-next-for-julian-assange-581816

SOCIAL:
A quick pick […]


Newsletter 23 – April 10, 2019

Some interesting stuff that I found online:

SECURITY:
Some of my thoughts on the future of cyber security – https://medium.com/@tofandan/how-about-the-future-of-cyber-security-ec1515a206c7
Key takeaways from the EU Cyber Security Forum – https://cybersecforum.eu/en/brussels/2019-takeaways/?mc_cid=4fd730efcc&mc_eid=3fb0bc48fe
38 mil. Euros available from EC for cyber security projects – https://ec.europa.eu/info/news/eu38-million-available-digital-security-research-projects-2019-mar-14_en
A little something on cyber security staff retention policies – https://www.helpnetsecurity.com/2019/03/04/cybersecurity-staff-retention-tactics/
[…]


How about the future of cyber security?

A simple online search for “cyber security predictions” will reveal a tremendous number of results. Everybody feels confident enough that they can predict the future in this area. But to what good, if human predictions are no better than “chimps randomly throwing darts at the possible outcomes”? Are we even near close to what […]


Newsletter 22 – February 28, 2019

Some interesting stuff that I found online:

SECURITY:
Top 5 Cybersecurity Economic Reports for 2019 – https://www.linkedin.com/pulse/top-5-cybersecurity-reports-2019-quick-reference-guide-steve-morgan/
“There is an ongoing and significant risk to key parts of the Domain Name System (DNS) infrastructure” – https://www.icann.org/news/announcement-2019-02-22-en
ETSI standard on IoT security – https://www.etsi.org/newsroom/press-releases/1549-2019-02-etsi-releases-first-globally-applicable-standard-for-consumer-iot-security
CrowdStrike 2018 Global Threat Report – https://www.crowdstrike.com/resources/reports/2018-crowdstrike-global-threat-report-blurring-the-lines-between-statecraft-and-tradecraft/
Senior cyber professionals burnout […]


Newsletter 21 – February 12, 2019

Some interesting stuff that I found online:

SECURITY:
Why is it so difficult to cooperate in cyber security – https://medium.com/@tofandan/what-does-it-take-to-cooperate-in-cyber-security-3921e9c0eece
Dell Secureworks list of security predictions for 2019 – https://www.secureworks.com/blog/what-to-expect-in-cybersecurity-for-2019
ENISA publishes a tool that supports developers to build secure mobile applications – https://www.enisa.europa.eu/news/enisa-news/better-security-measures-for-smartphones-enisa-has-created-a-smashing-new-tool
Russia’s tests on how the country can survive without access to […]


What does it take to cooperate in cyber-security

Cooperation is “the process of groups of organisms working or acting together for common or mutual benefit, as opposed to working in competition for selfish benefit” (Wikipedia). Thus, mutual benefit seems to be the key ingredient here. Nevertheless, identifying the mutual benefit appears to be an issue in cyber-security (and other fields, for that matter) […]


Newsletter 20 – January 25, 2019

Some interesting stuff that I found online:

SECURITY:
The glorified values around cyber security – https://medium.com/@tofandan/the-glorified-economic-values-around-cyber-security-7533e12a55ec
Full Report on the Equifax breach – https://republicans-oversight.house.gov/wp-content/uploads/2018/12/Equifax-Report.pdf
A Pedagogic Cybersecurity Framework: a proposal for teaching the organizational, legal, and international aspects of cybersecurity – http://peterswire.net/wp-content/uploads/Pedagogic-cybersecurity-framework.pdf
EU Commission’s bug bounty program with prizes from 3.000 to 25.000 EURO – […]


The GLORIFIED economic values around cyber security

Almost every source presenting financial facts in cyber security will astonish you with figures in the hundreds of billions, giving you the impression that, if you work in the industry, you must be one of the luckiest guys in the world to work in such a profitable area. Nevertheless, caution must be used […]
