Merry Riskmas

People of all ages look forward to Christmas holidays. Children think of the gifts they will receive from Santa, and those of us who are older savor the thought of spending the holidays in joyous company with friends and family. Christmas is considered by most, including myself, as the most wonderful time of ye...

Read More

Hard Dollar, Hard Times in IT Spending

The consequences of "hard" dollar and the weakening of demand in the emerging economies of the world will suffer, this year, the global IT market. Spending on IT is expected to move, internationally, to the level of $ 2.69 trillion in 2015, down by 3.5% compared with a year earlier, with all - without exception - branches of the world economy to reduce investment costs of Information Technolo...

Read More

From Information Security to Digital Competitiveness

Information is the lifeblood of almost all businesses today. At the same time, not a week goes by without news of another big hack or security breach. The pressure on the security function is immense, and security professionals need a fine balance of skills to bring together risk, compliance, operations and technology in any large organization. Sadly, they rarely find time to grow their relationships and standing...

Read More

Our First Birthday

Its been a year since the first post appeared in ISL blog! On September 1st, we celebrate our birthday and in order to thank all our loyal followers we have setup a small giveaway as the least we can do to thank you for all your support. The whole process is powered by Rafflecopter and all you have to do is follow us on Twitter, tweet about our birthday, or visit our Facebook page. Each of these actions will give you one chance to win one of the...

Read More

Tell Me Who You Are, and I Will Tell You Your Lock Pattern

You are predictable, your passwords are predictable, and so are your PINs. This simple fact is often exploited by hackers, as well as the agencies watching you. But what about your Android lock patterns? Can who you are reveal what patterns you crea...

Read More

Patch Management for Home Users

For system administrators, patch management is a routine activity. But for most home users, patch management is a uncharted waters. Knowing when to patch products and how often patches need to be applied are some of the questions that most home users never think about. Knowing what to patch and when can make a difference in the security of your home computer or netwo...

Read More

Stagefright: The Latest Android Phobia

Zimperium zLabs, discovered what they believe to be the worst Android vulnerabilities discovered to date. The vulnerability, nicknamed 'Stagefright', it is a media library that processes several popular media formats. Since media processing is often time-sensitive, the library is implemented in native code (C++) that is more prone to memory...

Read More

Cyber Safety Tips for Summer Vacation

Haven't taken your summer vacation yet? You should make sure that you enjoy your vacation to the fullest by avoiding the stress of dealing with identity the...

Read More

Financial Malware: Past and Present

Malware is not only increasingly diversified and capable, but also easier to create. Through 2015, this widespread threat will continue to grow unabated. An effective cyber criminal effort could just as well be predicated on an overwhelming amount of simple pieces of malware as it could be upon a monolithic, state-level attack. There are two primary mitigation vectors that can be used against such powerful...

Read More

Does IT Security Fail?

RSA, the security division of EMC, with the contribution of Northeastern University, recently published a report on the reasons why the IT security sector fails to effectively address the modern cyber attacks. The report highlights the challenges faced by the industry, while deepening the best practices that can build an organization...

Read More

The Future of Cyber Crime

Over the past years we have witnessed the illegal uses of the Internet to completely change in form, shape, and objectives. Today's hackers are often members of the organized crime who hack computers for profit or even for political power. Motivated by radical new goals and armed with exceptional programming skills they pose a major challenge to cybercrime researchers and law enforcement investigators alike. The field of cybercrime is a multidisciplinary...

Read More

Setup an Information Security Awareness Program

Protecting corporate data should be part of any organization-wide information security awareness program. The security awareness program should be delivered in a way that fits the overall culture of the organization and has the most impact to personnel. Security awareness should be conducted as an on-going program to ensure that training and knowledge is not just delivered as an annual activity, rather it is used to maintain a high level of security...

Read More

Ides of March

So, you have studied hard and succeeded in your CISA exams. You passed a strict selection process and got the certification. You abide by the code of professional ethics. And now wha...

Read More

UI Interference Attack

The method relies on exploiting the shared memory, meaning the memory almost all programs use to store the nuts and bolts of their work, which enables various processes running on the operating system to share data between th...

Read More

Windows Server 2003 - The End Is Near

In July 2015 Microsoft will be ending Extended Support for Windows Server 2003. What this means is that standard, packaged support offerings will no longer be available and also that Microsoft will stop issuing security patches for this product. Thus, organizations will be exposed to significant risk if they stay on the Windows Server 2003 platform beyond the termination date. Organizations need to start planning for a migration to Windows Server...

Read More

Desert Falcons

The action group Desert Falcons, a digital espionage network that targeted many organizations and high-profile individuals from the Middle East, was revealed during the Kaspersky Lab Security Analyst Summit in Mexico. Analysts consider this unit as the first known Arab group of "digital mercenaries" who have developed and executed integrated digital espionage operations against compani...

Read More

ENISA Threat Landscape 2014

ENISA published the third yearly report in sequence Threat Landscape 2014 (ETL 2014), consolidating and analyzing the top cyber threats and the evolution, encountered in 2014. ENISA Threat Landscape 2014, an activity contributing towards achieving the objectives...

Read More