Monday, August 21, 2017

Two sides of the same bitter coin

The interview of the week


Last week, the low cost terror factory of the so called Islamic State (ISIS) hit the second most important city of Spain, the country that the CIGTR stands out from.  We have talked about cyberterrorism many times in this page and in fact we have two tags (this and this one) to collect the most important news about the topic. Cyberterrrism and cyber activities with terrorist purposes are two sides of the same bitter coin: a permanent menace with an increasingly path, mo matter how far it seems to be from the coward action a few days ago in Barcelona. 



Although there is no week without news on this subject, and occasionally its high value material.  And our center is doing its bit to spread the words of the the most authoritative voices in all cybersecurity matters, today we want to have a look to a research published in the Black Pool Gazzete the last days of June, with numerous experts such as Tim Owen, director at the Cybercrime Investigation Unit  of the Lancashire Central Univeristy, or Awais Rashid, co-director of the Lancaster Security Institute of the homonyms university.


Friday, August 18, 2017

Summer Diseases

The Best of the week in Cybersecurity

When we think about diseases, we think in virus, cold, constipations... Its one of the reasons why we like summer so much, we don´t have to be so  attentive to our health, or we should? Summer hot can play a dirty trick on us too: heat strokes, dehydration, sunburns, summer constipations... And in addition, bugs are like at home and get out of their hidings to take an ultraviolet rays bath. We are no longer only talking of the typical irritating flies, but about "bugs" like jellyfishes that can be  upsetting for us. 

Other bugs able to make our holidays bitter are our dear bugs which wander around the net 365 days a year. Today, in our review of the best of the week about cybersecurity, we will introduce you to some of these pleasant little bugs that have appeared, among other menaces and some good news.  


Wednesday, August 16, 2017

Friend or foe?

We all have listened the phrase "Keep your friends close to you, but keep your foes even closer" at least once. While it is true that nobody know who we must give the credit for this quote (some say Sun Tzu, others Maquiavelo...), but what we really know is who made this quote famous in the popular culture. We are talking about Mr Michael Corleone, the main character on the mythic "The Godfather 2" movie. 
But what can we do when we can´t distinguish among friends or foes when we are talking about the Internet of Things (IoT)? Nobody can doubt that it has made us to improve many aspects of our live, but we can´t deny either that it is one of the main access doors for cybercriminals. 


Monday, August 14, 2017

It´s not a kid in the basement

Weekly interview


"We have to start seeing criminals as organizations that work as a business" The quote is taken from Michael Daniel, Barak Obama´s former cyber advisor in an interview published in the technological blog of the prestigious Massachusetts Institute of Technology (MIT). Dated the 31th of July, this Monday we liked to echoing his words instead of looking one year back as we use to do at the start of the week. After all, Daniel presides an organization with very ambitious goals: The Cyber Threats Alliance (CTA).

The interview took place during the Black Hat Conference in Las Vegas and the speech is about in the role played by governments collaborating with private companies and how to face the menaces, regardless of whether they come from private agents or are sponsored by a state. "It´s not a kid in a basement" doing blunders, Daniel advices. "They are organizations that act like business, and we have to start thinking about them in terms or how to interrupt their business models". An approach that is valid even for political and "diplomatic" operations.


Friday, August 11, 2017

The virus link

Rod of Asclepius2.svg
If we were to ask about the Rod of Asclepius and Cybersecurity, more than one would shrug and, in turn, would ask: "Rod of what, who, what about security?" But the so-called universal symbol of Medicine, also known as the Rod of Aesculapius, is increasingly related to this sector. Who knows. Maybe someday we will end up going to the doctor to get antimalware pills and eye drops for the ransomware that makes us see everything with little bars. Science fiction? Techie humor? Neither one nor the other.

In our review of the weekly most important stories, today we have to put in a prominent place the first successful exploit whose mission is to infect a device from a DNA sequence. Researchers say that is similar to connect a USB with "surprise" to a computer: the target computer tries to decipher the information contained in the genetic code and, while doing so, zas!, it is hijacked by malware hidden in DNA. Today is a simple experiment, tomorrow can serve to any purpose, even any ethical purpose, that we may think of. Who would say that the link between health and bits would end up making so much sense through the word "virus".


Wednesday, August 9, 2017

We have a date with equality and diversity


Study of the week

"Gender equality is more than a goal in itself. It is a precondition for meeting the challenge of reducing poverty, promoting sustainable development and creating good governance." The appointment of the Secretary-General of the United Nations, Kofi Annan, is related to one of the demands that are most often heard in the technology sector and related: the introduction of the gender perspective, not as a concession of the masculine role to feminine, but as a true equalization of functions.

In our review of the most important study of the week, we can not ignore today the survey conducted and published by the veteran of cybersecurity Caroline Wong, vice president of security strategy at Cobalt and whose curriculum accumulates laurels: Cigital, Symantec, eBay And Zynga. With the title Women in cybersecurity: a progressive movement, Wong has tried to cover two challenges: to make society aware that the presence of women in the sector is much more real than most of the people think, and also to draw attention to the contribution of women in the field of security.


Monday, August 7, 2017

The remake culture

The last trailer of IT movie was released last week. This remake is again an adaptation of the homonymous history created by Stephen King in the 80s. As with this remake, we find old videogames reeditions, old movies that become TV series... It´s hard to find an original idea related to audiovisual culture nowadays. The reason (or problem for some) is not that   there is no people with original ideas, but that taking something that worked in the past is gives us more security than something completely new. 


 Probably you are thinking that in a rapidly changing world as the the cybersecurity world is this logic has no sense, don´t you? We regret to say that you are wrong and we can prove it (paradoxically) by going back to the past. 


Friday, August 4, 2017

Rise of Machines


Since 19th century and  through the emergence of advanced machines human being lifes started to become easier. With the arrival of this equipment able to complete autonomous asks, the life turned easier than ever. Nevertheless, fear of the unknown led to the so called luddite. This was the begging of what Asimov called later "The Frankenstein legacy", referring to the fear that human deeds could turn against their creators. Something that seems to be deeply rooted in the collective unconscious. 

With the arrival of the information age this fear has grown for years, leading to the consideration of the creation of any kind of artificial intelligence as a menace. But, is this fear rational or irrational? Today we will check it in our weekly review...


Wednesday, August 2, 2017

Mud and Wood houses

The report of the week

We call tales those stories about humanized animals that have a moral and didactic background. One of the most populars is ‘The three little pigs’ tale, in which the three main charaters move to the forest and build their own homes: the first one builds a thatch home, the second one a wood home, and the last one a bricks home. Once the pigs are stablished, the Wolf goes on seek of eating them, bringing down  easily the thatch and the Wood houses. However, the tale’s villain can’t bring down the bricks’ house, ending up chafed while trying to break  through the roof and falling in a boiling cauldron.

That tale aims to show the kids that obeying and security are much more important than playing with their friends. But tales also have lots to teach to those ones who are not that Young, as the last Thycotic’s research shows.


Monday, July 31, 2017

Now you can see it… and now you can’t

A year ago, today ...

Magicians’ profession has existed since immemorable times. In its creation at the Medo Imperium (century 7 b.C) in the mesopotamian rivers it was related to religion.  Through the times, it ended up being related to wise people and scientists. Nowadays, however, magicians are related with illusion and magic shows. They amaze the audience with their ‘mystic art’ which are nothing but tricks in order to make people believe they are watching something which actually is not real.

Magician’s job is about hidding the truth, lying to the audience and surprise them when they are not aware. Today in our retrospective we are checking that the cybersecurity world is full of magicians who hide information and leave people speechless (and not always for good).


Friday, July 28, 2017

No pain, no gain

We are in summer. It is holidays and beach time, so you can go and swim in the sea. However, you get a bad feeling when you are in front of the sea with your flip-flops full of sand. It is time to take your t-shirt off and show your ‘curves’ to the people. At that moment you remember when you joined the gym in the beginning of the year to get on shape for the summer season. You couldn’t have started happiest, but after after second day, your friend called you for having some beers and you thought ‘that’s alright, I’ll get back to the gym tomorrow or the day after…’

No pain, no gain. This sentence comes true everyday in social networks’ world. As an instance, today we are talking about the best of the week in cybersecurity.


Wednesday, July 26, 2017

The courtyard´s weak link

The report of the week

One of the most recurrent characters in The Simpsons is Nelson Muntz. This school thug has been terrorizing Sprinfield´s Primary School students for more than 30 years, interfering with the swots, with the kids parents or with another not so"exemplary" students, like the incorrigible Bart Simpson. Although there are some chapters in which we have discovered the human side of this thug, his character have not changed  at all and he continues exploiting the school courtyard most weak students.  



In the cybersecurity world we have learned the lesson and we know that there is no one, but many Nelson Muntz hovering over Internet and any internaut could become a victim of their "bullying". But, who are the weakest links in the digital courtyard? 


Monday, July 24, 2017

The Red Dawn

A year ago, today ...

In the last years of the Cold War (1984) the Red Dawn movie was released in the USA. The film was directed by John Millius and featuring stars of the time such as Patrick Swayze or Charlie Sheen, and it was a propagandist delirium in a war film format that served the US citizens as a self-indulgent excuse. But it started with a never seen before premise: the Russian Army, together with the Cuban an Nicaragua armies were able to invade the freedom country, defeating its armed forces.



This maneuver was later dismantled by a group of  "heroic" and patriotic US kids. Nevertheless, this beginning was almost unthinkable, even more in the period we are talking about. Today we remember in our retrospective how one year ago Russians were able to beat the USA, althougt it was in the cybernetic world. 


Friday, July 21, 2017

The Lord of war.

In 2005 they released the film "The Lord of War", a movie starring by Nicholas Cage and directed by Andrew Niccol. In it they told us the story of Yuri Orlov, a dealer who was dedicated to selling illegal weapons to the highest bidder. . The most curious thing about this movie is that the story is based on the real character of Viktor Buot, alias the merchant of death. 

Unfortunately, on the web (more specifically Darkweb) we find many arms dealer. However, it is not only arms dealer, but also with malware as we gather today in our post dedicated to the "best" of the week about cybersecurity.


Wednesday, July 19, 2017

Butterfly Effect


The report of the week

The Chaos Theory is based on the premise that small variations can make great changes in the future,it's impossible to predict anything in long term only with linear logical sequence approaches. This scientific theory is known popularly thanks to the concept of the butterfly effect, whose explanation is better understood through an ancient Chinese proverb: "The beating of the wings of a butterfly can cause a
 hurricane in another part of the world." This means that a small event that you may consider
unimportant may turn around and become a catastrophe.

In the world of cybersecurity we know that any small  misstep or bad step can lead to more than one problem. That's why networks are full of butterfly effects, small "unimportant" events that can be fatal to business and users.


Monday, July 17, 2017

Obstacle Race

A year ago, today ...

The obstacle race is one of the athletic competitions that more concentration of the athlete needs. You don't only need to run to the maximum to reach your goals, you also have to get around fences and jump over them. About a metre (0.971m) for men and a bit less (0,762 m) for women. To be able to get it you have to measure well the time of jump, the stride and the distance, since a mistake can be fatal and you can hit your bones on the ground. Not to mention that you probably end up wet and last when crossing the finish line.

In the world of cybersecurity, we find ourselves in an endless obstacles race. Sometimes we are the ones who make the way tricky to cyber criminals, but other times they are the ones who are in charge of preventing us from accessing our data... Today in our throwback to the past we will see who throw a spanner to the other team.


Friday, July 14, 2017

Winning the battle

There is a typical scene in the movies that takes place when our spy (James Bond, Jason Bourne or Ethan Hawke) looks at his enemy, who is defeated on the ground, and he screams in full of rage: “You may had won the battle, but not the war!” This phrase has been pictured in everyone's mind. But, what this means? In the entertainment and fiction business means that this bad guy will escape and turn the world upside down again, until our favorite hero stops him one more time. In the real world ... well... ok. Vietnamese might not win many battles but it is clear that they won the war.

Today we remember this phrase because after taking a look at the best of the week in cybersecurity, we found mixed feelings, as we have seen that many battles have been won, but the war is still to be decided.


Wednesday, July 12, 2017

Lock the door

The report of the week

Vacations are already here and it is time to leave home to enjoy a well-deserved rest, away from the routine and work. BBut, if you are a regular reader of our blog (and if not, you should also know), this time of the year is the favourite one for criminals to take our personal stuff, weather cybernetic or not. So, if you have readed us, we know that you have made sure to leave everything closed and locked tight so that no one can take advantage of your days off. However, ¿What is use locked the door if the bolt is broken?

After knowing the data collected in the Tripwire report, we are sure that there are many users who are asking themselves about it. Some security solutions no longer build trust for users and that can be a very important problem. Especially if the data corroborate this mistrust.


Monday, July 10, 2017

The weight of fame

A year ago, today ...

Most of us have fantasized about  ​​being famous sometime. Whether it's a reputed actor, a rock star who spends all day on the road or a celebrity who travels from interview to interview on all TV sets. However, like everything good thing in this life, fame has a dark back and is the loss of privacy. Some people say that it is the price of fame, but the exposure levels to which public figures are exposed are over  the humanly acceptable in many cases.


Today in our step back to the past we will talk about that loss of privacy, the victims of cybercrime in Spain and about the biggest celebrities in the world of cybersecurity.


Friday, July 7, 2017

A matter of trust

The best of the week about Cybersecurity


Relationships are based on the trust we place in other person. No matter if it is Love, friendship or business. Trust is one of the key elements on which a good relationship is based. the trust is one of the most important pillar that make a good relationship. That is why, when this pillar is broken, it is very difficult for the injured person to trust the other one again. So, in the world of cybersecurity, security breaches not only pose a risk for data loss, but also because real stakeholders can no longer trust companies that have their data.

Today,in our review about the best of the week in cyber segurity ,we are going to talk about this question on trust and unfortunately, we will also talk about many security breaches. 


Wednesday, July 5, 2017

Gold fever

When we talked about the “gold fever”, we referred to the massive migration that was on U.S around the century XX and lasted almost a whole year. This migration was because the discovery of millions gold mines throughout the American territory.Mexico, California, The Appalachians, Nevada..This was motivated for the American dream for have a better life style and its enrichment. Unfortunately, between all the people that were on the mines, just some of them got to make fortune. 

Since then, a lot of the population have this gold fever which find business with which to make a fortune. Today in our study of the week we gonna check that we have found the last golden edge of the moment: infrastructure in the cloud.


Monday, July 3, 2017

The arrival of the holidays

A year ago, today ...

Beginning july and with this hottest month is coming one of the moments most waiting by all:
The holidays. The kids have finished the school and are going to a summer camps, the youngs take the advantage to enjoy and know new placers and the families take the advantage for have a time with their beloveds . All with the only objective to enjoy and forget our concerns. Nevertheless, that moment to disconnect with the real world can be a nightmare. The holidays periods are the seasons of the years prederred by criminals for go into our house and take our precious goods.

In the cybersecurity world happen the same, although many times looks like is summer 365 days at year. Today, in our view back in time we gonna see some summer steals and summer courses too very interesting.


Friday, June 30, 2017

Natural catastrophes

We all remember perfectly how years ago, thousands of theories about the end of the world emerged at the end of 2012. These assumptions were based on the fact that the baktun (the Mayan calendar) ended on this date. Evidently, all this fall by the wayside, but it helped many authors to develop stories about apocalypse and to “scare” some people with speeches about the final judgment. One of these stories was developed in the Roland Emmerich film "2012". Without assessing the film, it proposed a destruction of the world based on various natural catastrophes.

The melting of the poles, volcanic eruptions, earthquakes…  in the film occur catastrophe after catastrophe that devastated the population This week, the networks received another wave of cyber attacks that makes us wonder if we will also be facing the end of the digital world.


Friday, June 23, 2017

The paradigm of artificial intelligence

The treatment of artificial intelligence and its settling to the everyday world has always been a controversial subject. Before it became a reality, many authors dreamed with the problems and case studies that might be the subject that we are discussing today.


Moving away from literature and fantasy, Artificial Intelligence is already a reality and its execution in the everyday world is happening. For this reason, in the 18th edition of the Summer Courses of Rey Juan Carlos University we wanted to dedicate a speech to the legal and social aspects that these new techniques represent.


Thursday, June 22, 2017

The challenge of cyber security


When you read the news that are  related to cybersecurity, it is hard not to feel devastated in many cases. Security gaps, phishing, ransomware everywhere ... Danger stalks behind any corner and you never know for sure if you'll be ready to face it.However, although the future may seem hopeless, there are always actors who are on the good side.


In the 18th edition of the URJC Summer Courses we will have the special collaboration of a speaker who works indeed for this last side. An analyst of one of the best world's leading computer companies.


Wednesday, June 21, 2017

Particle physics and machine learning

As much as it may sound like an improbable squaring of the circle, machine learning and particle physics have more in common than you can think of. This subject is taught at the beginning of the university degree. 

In the 18th edition of the URJC Summer Courses we are fortunate to have an eminence from the University of Glasgow, an expert in experimental particle physics. In addition, we also have a speaker who comes directly from Massachusetts.


Tuesday, June 20, 2017

Predictive analysis and algorithms of Machine learning for the exam in URJC courses.

As we already told you in other posts, the 18th edition of the URJC Summer Courses aims to offer a vision of how artificial intelligence and machine learning are tools that cybersecurity can use to safeguard our data in a place full of dangers such as the network.

But… How does artificial intelligence work? Does it offer us opportunities to stay more reinforced on the outside world or it also offered to cybercriminals? These are some of the topics that will be discussed on the last days of the Summer Courses.


Monday, June 19, 2017

Machine Learning, Big Data and Scientific Method in URJC Summer Courses

Machine learning is a subfield of computer science related to artificial intelligence. This area seeks the development of techniques that give machines the ability to learn thanks to the induction of knowledge. By creating "own" behaviors, it becomes very difficult to detect behavioral anomalies when cybercriminals try to steal business-sensitive data. 

Hence the importance of cybersecurity in machine learning. Therefore, in the 18th edition of the URJC Summer Courses we will have two papers dedicated exclusively to this subfield.

Marta Beltrán - Having as main target the detection of new fraud patterns and cybersecurity threats

On Monday June 26th, the teacher of the URJC Marta Beltrán Pardo will analyze how different techniques of machine learning can be used in the detection of anomalies. Thanks to this ability, she will explain how to generate a "security intelligence" capable of being applied to network intrusion detection and prevention, fraud prevention or identity management. And these are just some of the possible examples.

Professor Marta Beltrán is an Electronic Engineer (UCM 2001), graduated in Physical Sciences, branch of Industrial and Automatic Physics (UNED 2003), a PhD in Computer Science (URJC 2005) and she also has a Master's Degree in Performing Arts (URJC 2007), in which she is currently studying her second doctorate.

In addition, she is the director of the GAAP Research Group, and of the Master in Research in Advanced Hardware and Software Systems, she is a faculty member of the Master in Data Science of Rey Juan Carlos University, co-founder of the Cybersecurity Cluster and member of the academic board of the Chair of Applied Data Science to 5G of Ericsson; her latest works are related to distributed systems projects, high performance computing, cyber intelligence or research related to machine learning techniques.

Jesus Cerquiades - Data science or augury: The scientific method in the Big Data era

On Tuesday 27th, the IIIA researcher will expose the risks involved in developing predictions from data without the control given by the scientific method. The lecture will introduce attendees to machine learning and it will be discussed the extent to which the predictive capabilities offered by Big Data are a complement to the scientific method or may even make it obsolete.

The researcher Jesús Cerquiades belongs to the Institute of Research in Artificial Intelligence (IIIA) that is part of the Spanish National Research Council (CSIC). In Jesus' own words, his career is driven by two forces: research into Artificial Intelligence (machine learning and multi-agent systems) and attractive software development projects.

These are only two of the papers that will take place in the Teatro Real Carlos III of Aranjuez on the occasion of the Summer Courses of the URJC. If you want more information on the topics to be discussed from June 26 to 28, keep an eye on our social networks and on our blog, since we will continue to inform you day by day of everything that these courses can offer you.

Friday, June 16, 2017

Cybersecurity, Artificial Intelligence and Machine Learning discussed at the URJC


An area of growing importance in any enterprise, such as cybersecurity, and two areas of immediate future in economic development, such as artificial intelligence and machine learning, are meeting this year at the 18th edition of the Summer Courses of Rey Juan Carlos University. Specifically, in the course that the Research Center for Technological Risk Management (CIGTR) organizes each year since 2011.


Wednesday, June 14, 2017

The prison

Unlike many people think, incarceration (based on its original basis), has no punitive purpose exclusively. Prisons are places whose intention is to re-educate convicts and then reintegrate them into society. Just as when punishing a kid, what jail seeks when depriving of freedom is for individuals to be aware that their actions have consequences, so as to prevent them from recurring in their infractions of the law.

This "learning" method is related to the stimulus-response learning theory. This theory explains human learning or the absence of learning as a consequence of a person's reactions or responses to stimuli.


A survey conducted by Wombat Security to 2,000 respondents (1,000 from the United States and 1,000 from the UK) asked users about cybersecurity issues and which are the best practices that they considered critical to network and data security. That survey showed that half of US participants had been victims of identity theft, while only 19% of English respondents had suffered such an attack.

This difference could be conditioned by the loose security applied by the Americans in their networks. An example to clarify this claim: the survey found out that 54% of respondents considered sites such as a hotel or an international airport as safe places to use WiFi. In contrast, only 27% of UK respondents agreed with this information.

On the other hand, another important piece of information extracted from the study is that while half of the employees have a basic knowledge about phishing, 30% have no knowledge about this threat, while one in ten respondents have no idea what we are talking about. Worse still, researchers have discovered that knowledge about ransomware is even worse, with 63% of Americans and 58% of English people not knowing what to answer ransomware.

Wombat has also examined the behavior and personal choices of employees and how this is directly related to the security of their corporate devices. Of those who use a laptop or smartphone at home, Wombat concludes several risk keys:
  • 54% of US respondents and 36% of UK respondents make use of their social networks in their working devices. 
  • 58 percent of US respondents and 45 percent of UK respondents shop online on work devices
  • 57% of US respondents and 28% of UK respondents use streaming platforms in their work devices. 
  • 52% of US respondents and 30% of UK respondents play games in their work devices.
 In addition, Wombat discovers an alarming number of those same American workers allowing their close friends and family to take a look or reply to emails (43%), streaming (47%) and playing video games (50%) on their work devices.

We find it hard to learn and on many occasions it seems that the only way to do it is through our mistakes. Even with those, the human being is the only animal that stumbles twice against the same stone. We offer you all the information we can to help you avoid these stumbles, but if we are already late, we will try to light the way to avoid you flat on your face.

Monday, June 12, 2017

Normality

Legend has it that in the Middle Ages, there was a feudal lord who ruled his fief with iron fist. Suddenly, one day he lost his mind and left his castle, got undressed and began to bathe in the public fountain of the fief, under the astonished eyes of all his vassals. Evidently, that was an act of madness, but he was still the feudal lord. The final result was that from then on in that fief, it was a normal act to bathe in the public fountain and those who did not do it were banished from the lands of the lord. 

Therefore, the concept of normality is quite ambiguous. What some people consider normal, other people could consider it to be a real madness, and the other way around. Today in our look to the past we check our perception of "normal" in the world of cybersecurity.  


Friday, June 9, 2017

Appearances are deceptive

We call prejudice to the formation of a pre-established idea associated with a person. It is a psychological process based on concepts previously created and that we use to label people and thus discriminate or accept them. So we generate an opinion about someone without knowing them previously. Associated with a defense mechanism, it is a process that usually has negative connotations. Tattoos are associated with jail, beards with filth, glasses with nerds... those are some examples of outdated prejudices that confirm that these value judgments are, in most cases, erroneous. 

Hence the saying that titles this post, because many times we have been hit by reality, discovering that not everything is as we think it is. Today our review of the best of the week in cybersecurity, we apply this saying to prove for the umpteenth time that the Spanish collection of sayings never deceives.


Wednesday, June 7, 2017

The protagonists of the Cold War

The Cold War refers to the political conflict between the so-called Western Bloc, led by the United States and capitalist countries; and the Eastern Bloc, headed by the Soviet Union and other communist nations. Its origin took place after the end of World War II (1945) and ended with the fall of the communist bloc after the USSR coup d'etat attempt. That name refers to the fact that during all these years there was no direct armed conflict between the two sides, although there were small representations, such as the wars in Vietnam or Afghanistan.


It was a war of information, in which the main protagonists were the spies who were in enemy territory. Their function was to collect information to be able to anticipate any kind of belligerent action by the enemy. Spies were the eyes and ears of the political blocs, giving their commanders crucial data that offered them a position of advantage over their enemies. In the world of cybersecurity, we live in a constant Cold War where we also have the enemy at home. In this case, these spies are represented on many occasions by the Internet of Things.


Monday, June 5, 2017

Déjà vu feeling

A year ago, today ...

Do you know that feeling when you enter a place and suddenly you feel that you had been there before? No matter that you know for sure that you have never stepped on that place, a part inside of you is convinced that you have already lived that moment. This is that we call déjà vu. Some theorists think that it is related to dreams, others relate it to parapsychology, and the sciences attribute it to an anomaly in memory, specifically in the overlap between short and long term memory.

In the world of cybersecurity the feeling of déjà vu involves us over and over again. It does not matter that we fight against all types of malware, cybercriminals, etc. We find in the present many situations that already happened in the past. Today in our return to the past we have a perfect example of this effect.


Friday, June 2, 2017

Achilles heel

Homer’s Iliad is one of the most important books of ancient Greek literature. In it, the great battle waged by the Greeks and the Trojans was related. In this book appears Achilles, a Greek warrior who was considered invincible, since when he was a child his mother immersed his body in the river Styx. However, he was being held by his heel when her mother was sinking him into the water, so that part of the body remained vulnerable. This small weakness was the cause of this death in the battle of Troy, when Paris managed to hit him with a poisoned arrow.

Thus, an invincible hero perished in combat when he was considered to be immortal. This is a perfect example of everything having its weaknesses, whether it is a heel, a bug a vulnerability. Today in our review of the week we will discover several weaknesses found in the world of cybersecurity.


Wednesday, May 31, 2017

Succumb to the culture of fear

The report of the week

The "culture of fear" is a relatively new term that is closely linked to the mass media. It refers to the changes in behavior or relations that people experience influenced by fear. This term is linked to the media because thanks to the information (or in many cases, misinformation), the fears of the people we are addressing can increase or disappear. This form of manipulation is one of the most dangerous, since it can generate improper behaviors in each individual.

For that reason, ransomware is one of the main weapons of cybercriminals in the network. They take advantage of our disinformation and our fear so that we pay the ransom, when we know that we should not do it. And this happens more than we think according to the latest survey conducted by Carbon Black.


Monday, May 29, 2017

Dungeons & Dragons

A year ago, today ...

Some may know it for the film, others for the series and others thanks to one of the latest and most popular series: Stranger Things. Dungeons & Dragons is a role-playing game in which players put themselves in the shoes of knights, magicians, orcs and other fantasy heroes, while a "Dungeon Master" is in charge of narrating the story that channels the game. This figure is vital for the course of the game, as it is in charge of supervising the game and giving it the focus that the game needs. It is like being the director of your own fantasy film. 

The world of cybersecurity can often resemble these role-playing games. To start with, many people pretend to be other people, there are criminals who want to discover the treasures of our dungeons, and of course there is a dungeon master. Today in our return to the past we throw the dice to see what the destiny gave us.


Friday, May 26, 2017

The old age

When we talk about something "old", we usually refer to something with many years. The RAE itself in its second definition of the word (the first one refers exclusively to living things) describes the word old as "something that has been in existence for a long time or which persists in its state". To sum up, when we use this word, we do it with negative and past connotations. Hence many people say: "I am not old, clothes and furniture are the ones being old".
However, sooner or later we know elders with more vitality than twenty-somethings. Nor are we surprised when past fashions are back in vogue. Today in our review of the week, we notice that the news has an old touch... better said: "vintage" touch.


Wednesday, May 24, 2017

Problems of teamwork

The report of the week

Essays are an essential part of academic life. Whether it's in school, high school or college, we've all had to face a variety of essays. The real problem to pass the year came when they essays had to be done by teams. If you were lucky, you could set up your own team and surely it’d go like a dream. However, if the teacher was the one making the teams, the die was cast.

Why? Because if you were in the team with the apathetic person of the class you knew you’d have to work your part and his/hers. Or not only that, imagine that you are looking for the desired 10 while your teammates are satisfied with a simple 5. That disparity of goals could make the work become a hostile hell. The worst thing is that as adults we continue to experience similar situations, also related to companies and cybersecurity.


Monday, May 22, 2017

Don't look a gift horse…

A year ago, today ...

Gifts can be quite a headache. The first thing to do is to calculate an adequate budget (enough to make a good impression but without spending our entire salary on it), and then, find the ideal gift. Rather than the gift being ideal, it has to be right for the person receiving it. This is directly related to the theory of the sociologist Marcel Mauss, who explained that after each gift there is an exchange network: you give something away hoping you get something back.

Another of the collateral damages of this "exchange network" is that if you give away something of great value and you get something of lesser value, you will see it as an offense. Today in our retrospective review of what happened a year ago, we will see more and less grateful gifts in the world of cybersecurity.


Friday, May 19, 2017

Checkmate to cybersecurity

Chess is the strategy game par excellence. Two opponents, 16 pieces and a single goal: to kill the king. Although the rules are simple, it is not an easy game to dominate. The anticipation to your adversary and the study of all the possible variables of attack turn the chess into an art that only lives up to the best ones. In fact, this difficulty makes it to be considered a sport.

If we draw a parallel between chess and the world of cybersecurity, we could declare this week as a checkmate of cybercriminals to security in the network. The WannaCry attack that has affected more than 200,000 computers in 179 different countries has been the masterstroke that has tarnished all week.


Wednesday, May 17, 2017

Overconfidence

The report of the week

We do not realize it, but on many occasions we can become our worst enemy. When it comes to facing any challenge, as daily as it might seem, we have to do it with caution. While it is true that self-esteem is important, we should not forget that pride is considered as one of the seven deadly sins and that the higher we are, the harder we fall. 

Sometimes these "sins" can have futile consequences, but some other times can mean an annoyance of biblical proportions, and even more when we talk about cybersecurity. Unfortunately, today we know that many companies commit the sin of pride according to the latest study by Skyport Systems and Redmond Magazine, since most companies think (erroneously) that their active directory is safe.


Friday, May 12, 2017

Chop a head off and two will come out

The hydra is one of the most well-known monsters of Greek mythology. This monster was the second work of the 12 that Heracles (better known by all like Hercules) had to do by order of the oracle of Delphi, an old and ruthless aquatic monster with form of serpent of three heads. What made this monster dangerous apart from its venomous breath was that each time someone cut off one of its heads, two more will come out, being able to create up to 10,000 heads.

Today in our review of the best of the week in cybersecurity, we wanted to remember this polycephalic monster, since all the malware we find on the network reminds us of it. No matter how you manage to patch a vulnerability in your system or update your antivirus, another ransomware will always appear to take advantage of your data.


Wednesday, May 10, 2017

Feast today, famine tomorrow

The report of the week

In these times, saving on resources has become a prime tool of any small, medium or large public enterprise. As a general rule, the fact of not wasting and being thrifty is considered a virtue. However, one must be able to differentiate well between being thrifty and being stingy. We have proof of this in the wise Spanish collection of proverbs, like the phrase that titles this entrance to our study of the week.

This title has come to our mind imminently when we found out about the results of the latest report made by the University of Maryland and the International City / County Management Association (ICMA). This study reveals a rather disturbing conclusion: the main obstacle to achieving a high level of cyber security is the lack of funding.


Monday, May 8, 2017

The focus of the infection

In 2011, the renowned film director Steven Soderbergh (known for films as "Traffic" and "Ocean's
Eleven") premiered Contagion. Between a conventional and a documentary film, the director told us the story of the spread of a deadly virus that affected the entire planet. From different perspectives, we witnessed how they were trying to palliate the infestation before the population was decimated, and how the different actors interacted in order to end the disease or get profit from it.

In such an infestation, being clear about the focus of infection makes fights against infestation easier to address. Today in our retrospective we will talk about sources of infection, robberies to food chains and we will review an interview with one of the founders of the National Association of Professionals of Ethical Hacking.


Friday, May 5, 2017

With great power comes great responsibility

One of the most remembered moments of every Spiderman’s fan happens in the beginnings of the wall-crawler. With his newly acquired powers, Peter Parker passes from a nerd that everyone abused in class, to someone arrogant that had nothing to do with that young man with a good heart. His uncle Ben, aware of this attitude change (although not aware of Peter's powers), tells him about his father and tells him a phrase he will never forget: "with great power comes great responsibility."
Today in our review of the week at the best in cybersecurity, we could not help remembering the words of the wise Uncle Ben. The expenses for gaps, holes in network protocols and other incidents that make us think that we need advice like those from Uncle Ben regards cybersecurity.


Wednesday, May 3, 2017

Bank robbery

Movies about bank robberies have become so popular that nowadays we could consider them as a genre in itself. Although there are some variations, we always find several common points: a group of criminals in which each one has different abilities, a specific objective, the quarrels between criminals... It is not necessary that it is a bank that’s robbed, it can be a house, a Casino or even a museum, but we will be facing the same type of movies.

However, another common point that has this "gender" is that it always focuses on criminals but ... what about the victims? Today, in our study of the week we want to change the focus thanks to the report collected by Neustar and Harris that gathers information on how DDoS attacks affect their organizations.


Friday, April 28, 2017

Digital House of Cards

In 2013 the almighty Netflix brought to light the series House Of Cards. Starring the magnificent Kevin Spacey and directed (among others) by the always interesting David Fincher, this political drama tells the story of Frank Underwood, Democrat politician with untiring eagerness for power. Based on manipulations, plots and various strategies (of dubious legality) we accompany the protagonist in his scale to power skipping over all democratic barriers.



The name House of Cards is a perfect reference to the meticulousness of his actions, to erect his political castle, where any false step can cause it to collapse. Today in our review of the best of the week in cybersecurity we find plots worthy of the Netflix series, rigging in elections, blackmail and much more.


Wednesday, April 26, 2017

Be careful when resting at home

You get home after work. Tired of an arduous day of work, you’re going to relax and watch your favorite series. Before that, you verify that your router is not one that is full of holes. Relieved by that fact, you connect the wifi willing to see your mail. However, the fear that you open a file that you should not, or click on an unfortunate link will overwhelm you. The danger is just around the corner and any missteps can be fatal.



But what threat is more likely to catch me off guard? Vulnerabilities are everywhere and although we must be alert to all kinds of attacks, there are some of them that are more willing to take our data. For example: phishing. According to the latest study by Helpness Security, three out of four malware attacks are caused by phishing.


Monday, April 24, 2017

The Villa Diodati of cybersecurity

Summer of 1816. Percy Bysshe Shelley and his wife, Mary Shelley, went to Villa Diodati to visit the famous poet Lord Byron. Due to the weather in that year, the couple, the poet and his personal doctor (John Polidori) spent the night reading German ghosts stories. Then Lord Byron challenged his guests to use all their intellect to create each one a terror story. As a result, today we can enjoy stories like 'The Vampyre' by Polidori or the magnificent 'Frankestein' by Mary Shelley.


Today in our step back in time we are going to talk about some kind of Villa Diodati of cybersecurity. We will also discover why it is our fault that hackers are still present in our nightmares and we will know more thoroughly one of the members of the group Int3pids.