Blog

Talking about security...

8- Nov 2017
jtsec at 12th CCUF Workshop in Berlin
Posted by: José Ruiz

jtsec achieves a new milestone by giving his first international talk at the CCUF.

The Common Criteria User Forum mission is to provide a voice and communications channel amongst the CC community stakeholders including the vendors, consultants, testing laboratories, Common Criteria organizational committees, national schemes, policy makers, and other interested parties.

read more
25- Oct 2017
We help you being compliant to CCN-STIC 102 and 106 guides of spanish National Cryptological Centre (CCN)
Posted by: José Pulido

Analysis of the new CCN-STIC 102 and 106 guidelines

The spanish National Cryptological Centre (CCN, Centro Criptológico Nacional) has published in its website, on 10/25/2017, the CCN-STIC 102 and 106 Guides, where the they have included the process to be followed for Approval of ICT security products for handling classified national information and for the inclussion of ITC security products in the spanish Catalog of ITC Security Products (CPSTIC).

read more
19- Oct 2017
GDPR: Changes with respect to the Spanish data protection law (LOPD)
Posted by: Juan Martínez

Change analysis

In this article we will make a brief analysis of the most important changes made in the GDPR with respect to the old Spanish data protection law (LOPD)

read more
25- Sept 2017
JTSEC, new member of ISMS Forum Spain
Posted by: José Ruiz

JTSEC is now member of ISMS Spain Forum, a Spanish association for the information security promotion.

ISMS Forum Spain is a non-profit organization founded in January 2007 to promote the development, knowledge and culture of Information Security in Spain and to act as benefit of all the community implicates of the sector.

read more
11- Sept 2017
Deep Machine Learning
Posted by: jtsec Team

Deep Machine Learning applied to cybersecurity in today's scene

Nowadays, the scene of cybersecurity is not the most hopeful one, If we consider the continuous growing and spreading of new kinds of malware through all types of devices and operating systems. Based on the statistics from sources such as Karspersky or GDATA, it is possible to check that the malware is not under control and still growing in new variants, with the objective of avoiding security measures and taking advantage of all types of vulnerabilities.

read more
25- May 2017
How ISO/IEC 27001 could have helped protecting your business from WannaCry
Posted by: José Pulido

WannaCry cyber attack exposed weaknesses of many big companies for cyber-threat to information security. Implanting ISO/IEC 27001 norm could have protected the information of the attacked companies.

On last May 12, a worldwide cyber-attack based on WannaCrypt ransomware software was carried out by cyber criminals, affecting a great number of important corporations in many countries. This event quickly appeared in every newspaper, news webpage, and social media.

read more
28- March 2017
Resilio Sync for Synology Fixed admin password vulnerability (CVE-2017-7270)
Posted by: Javier Tallón

The vulnerability allows remote users to connect to the NAS with admin privileges

Resilio (formerly BitTorrent Sync) delivers powerful solutions using their unique private cloud software built on core bittorrent technology. For well over 15 years, BitTorrent has been the leading technology to deliver large files over the Internet. BitTorrent Sync was the world’s first product to harness this powerful protocol for commercial purposes and Resilio expands on this mission. For a wide array of applications such as large file collaboration, file sync, folder sync, automated backup, and sending large files faster and more securely, Resilio offers the industry leading and fastest private cloud solution trusted by millions of consumers and thousands of business worldwide.

read more