What ISO27002 has in store for 2022

In current times, security measures have become increasingly important for the continuity of our businesses, to guarantee the safety for our clients and to confirm our company’s reputation. While thinking of security, our minds will often jump to the ISO/IEC 27001:2013 and ISO/IEC 27002:2013 standards. Especially in Europe & Asia, these have been the leading … Continue reading What ISO27002 has in store for 2022

Girls Day at NVISO Encourages Young Guests To Find Their Dream Job

NVISO employees in Frankfurt and Munich showcased their work in Cybersecurity to the girls with live hacking demos, a view behind the scenes of NVISO and hands-on tips for their personal online security. Participating in the Germany- Wide "Girls Day", we further widened the field of future career choices for the young visitors and brought … Continue reading Girls Day at NVISO Encourages Young Guests To Find Their Dream Job

Analyzing a “multilayer” Maldoc: A Beginner’s Guide

In this blog post, we will not only analyze an interesting malicious document, but we will also demonstrate the steps required to get you up and running with the necessary analysis tools. There is also a howto video for this blog post. I was asked to help with the analysis of a PDF document containing … Continue reading Analyzing a “multilayer” Maldoc: A Beginner’s Guide

Automate, automate, automate: Three Ways to Increase the Value from Third Party Risk Management Efforts

Third Party Risk Management (“TPRM”) efforts are often considered labour-intensive, with numerous tedious, manual steps. Often, an equal amount of effort is put into managing the process as is to focusing on risks. In order to avoid this, we’d like to share three ways in which we’ve been boosting our own TPRM efficiency - through … Continue reading Automate, automate, automate: Three Ways to Increase the Value from Third Party Risk Management Efforts

New mobile malware family now also targets Belgian financial apps

While banking trojans have been around for a very long time now, we have never seen a mobile malware family attack the applications of Belgian financial institutions. Until today... Earlier this week, the Italy-based Cleafy published an article about a new android malware family which they dubbed TeaBot. The sample we will take a look … Continue reading New mobile malware family now also targets Belgian financial apps

Securing IACS based on ISA/IEC 62443 – Part 1: The Big Picture

For many years, industrial automation and control systems (IACS) relied on the fact that they were usually isolated in physically secured areas, running on proprietary hardware and software. When open technologies, standard operating systems and protocols started pushing their way into IACS replacing proprietary solutions, the former “security through obscurity” approach did no longer work. … Continue reading Securing IACS based on ISA/IEC 62443 – Part 1: The Big Picture