Year: 2018

Why Privacy Will Remain an Open Issue Unless

By Dudu Mimran | December 28, 2018September 28, 2020 by Dudu Mimran

2018 was a year of awakening to the dear side effects of technological innovation on privacy. The news from Facebook’s mishandling of users’ data has raised concerns everywhere. We saw the misuse of private information for optimizing business goals and abuse of personal data as a platform to serve mind-washing political influencers posing as commercial advertisers. Facebook is in a way the privacy scapegoat of the world but they are not alone. Google, Twitter, and…

My Ten Cyber Security Predictions for 2019

By Dudu Mimran | December 21, 2018September 28, 2020 by Dudu Mimran

Well, 2018 is almost over and cyber threats are still here to keep us alert and ready for our continued roller coaster ride in 2019 as well. So here are some of my predictions for the world of cybersecurity 2019: IoT IoT is slowly turning into reality and security becomes a growing concern in afterthought fashion as always. This reality will not materialize into a new cohort of specialized vendors due to its highly fragmented…

cybersecurity

How to Disclose a Security Vulnerability and Stay Alive

By Dudu Mimran | December 18, 2018September 28, 2020 by Dudu Mimran

In recent ten years, I was involved in the disclosure of multiple vulnerabilities to different organizations and each story is unique and diverse as there is no standard way of doing it. I am not a security researcher and did not find those vulnerabilities on my own, but I was there. A responsible researcher, subjective to your definition of what is responsible, discloses first the vulnerability to the developer of the product via email or…

cybersecurity

The Emerging Attention Attack Surface

By Dudu Mimran | March 16, 2018September 28, 2020 by Dudu Mimran

A well-known truth among security experts that humans are the weakest link and social engineering is the least resistant path for cyber attackers. The classic definition of social engineering is deception aimed to make people do what you want them to do. In the world of cybersecurity, it can be mistakenly opening an email attachment plagued with malicious code. The definition of social engineering is broad and does not cover deception methods. The classic ones…