Microsoft has recently announced the launch of a new cross-tenant feature for its popular cloud-based productivity platform, Microsoft 365. This feature allows users to share content and collaborate with external users in different tenants, breaking down collaboration and productivity barriers between different tenants of the same organization.
[Read More]
Zero Trust in Cloud Environments
Zero Trust in the Cloud Environment: Why it’s Important and How to Implement it
[Read More]
Encryption - Importance and Future Challenges
For some people, May 30, 2020 will be a date to remember. On this day, many things stopped working, especially websites and organizations’ content filtering systems. This is especially important due to the current situation where the COVID-19 pandemic is causing society to depend heavily on the Internet not only...
[Read More]
Interview at CiberseguridadLATAM
Recently, I was interviewed about cybersecurity on the site http://www.ciberseguridadlatam.com. Here I share the link to that article.
[Read More]
Is Information Security Really Important?
Many will say that the title of this post makes the question unnecessary when they read it. We all know that security is very important and we take it very seriously, or at least that is the discourse that both public and private organizations give to their customers or system...
[Read More]
Analysis of Bill 655 – Personal Data Protection
During October, the national government announced the passage of Bill 655, through which everything related to the protection of personal data is regulated.
[Read More]
Application of Threat Management
Recently, Banesco invited me as a speaker at their internal security event, SecuriCon. I think it is a good initiative, both for raising awareness among the bank’s internal staff and for sharing current topics with peers.
[Read More]
Threat Ecosystem (Connecting the Dots)
I think I got ahead of myself a bit with the previous article on threat modeling. When I revisited the topic, I realized that there are many other topics associated with the threat model, as well as many commercial concepts that we hear all the time.
[Read More]
Threat Management
The threat management process in the cybersecurity field is more an art than a science, despite the existence of multiple theoretical models that can be applied to determine whether or not a risk exists for organizations.
[Read More]
Report on Critical Infrastructure Protection in Latin America and the Caribbean 2018
Last year, I had the opportunity to contribute to this annual report produced by the Organization of American States (OAS), this year in cooperation with Microsoft.
[Read More]
Cloud Security
I believe that by 2018, we have all heard how security is a shared responsibility, and how companies and their leaders must be informed and be ultimately responsible for the cybersecurity of their organizations. But what is rarely heard are success stories where these principles are applied and where C-level...
[Read More]
Digital Transformation
Digital transformation is the latest trendy term. But what does it really mean? After 15 years in the cybersecurity field, I must admit that the term refers to nothing more, nothing less than the adoption of formal processes and procedures within a technology organization. The idea here is that the...
[Read More]
Synchronize Google contacts with Mac OS X Mavericks
For those having trouble with this, here is the solution. Very simple, in fact, it is the same one that applies to IOS (iPhone, iPad, and iPod Touch).
[Read More]
October is Cyber Security Awareness Month
October is Cyber Security Awareness Month, or in other words, the month of awareness about information security. Over the past 2 years, SANS Internet Storm Center (ISC) has covered different topics related to this month. This year, 31 different ports/services/protocols/applications will be examined and some of the topics of greatest...
[Read More]
Accreditation and Credibility
I am sadly seeing a local trend (I do not know if it is the same abroad) of so-called “information security” experts advertising themselves as the holy grail for all security solutions that companies might need.
[Read More]
Not much news, but with some information
Well, although there is not much local news regarding information security, I can comment on some trends I have seen. Here they are:
[Read More]
Information Security (in)Security Trends
Sometimes when we write about information security, we do not know whether we are talking about the right practices to secure information or about the threats that undermine security (insecurity). These topics tend to blend together. During this article, we will discuss the trends affecting the information (in)security of us...
[Read More]
About time….
Swine Flu
Well, it appears that malware manufacturers do not rest, nor do they forgive. There is already a list of domains related to Swine Influenza (Mexican Flu in Europe / Swine Flu in USA). They do not yet appear to be spreading malware or running donation campaigns, however at least one...
[Read More]
Multiple bugs revealed in various Antivirus programs
After a brief pause due to business trips, I am collecting some recent news to post this weekend. Some may be from last week.
[Read More]
Sustained Attacks on Register.com
Information Security Resources
Just when we thought DoS attacks had gone out of style… there is not much coverage of the matter, but register.com confirms that it has been having problems with this.
[Read More]
Confused by Conficker? Continuation
Update… I know I just uploaded the article, but there is already more news about the worm. Apparently the only change has been part of Conficker’s communication method, however it is nothing like Skynet from Terminator, as was spread in the international media. Apparently some security solution vendors had predicted...
[Read More]
Confused by Conficker?
In summary, Conficker is a worm that has been dormant until now. However, recent reports and reverse engineering analysis of the code revealed a possible activation date, which is today, April 1st, 2009.
[Read More]