First of all, auditor needs to be a SME, not only to the security management system, but also specifically in regards to ISO 27001. The reason is related to the fact that “terminology” or “particular definition” of terms is important. Then there are three simple aspects of any process or policy document which should have been adequately addressed by… Continue reading How to effectively audit any ISO 27001 process?
Author: Kaveh Mofidi
While I enjoy working with electronics, computers, and the fields of information and cybersecurity, I believe our challenges as humans extend far beyond infosec—and even beyond technology itself. The real task, I would argue, is to discover solutions for unlimited clean energy, drinkable water, practical waste management and to address the root causes of hunger, war, and injustice on our beautiful little planet. Our primary goal—each of us—should be to keep Earth livable. That is the true challenge we face.
ISO 27001 Audit Tips and Tricks
the easy way to maintain an effective, low cost and smart ISO 27001 security management system Even though there is no magic behind auditing a system based on ISO 27001, there are simple tricks which help you handle ISO 27001 or many other similar standards and frameworks, both as and auditor and auditee. I would… Continue reading ISO 27001 Audit Tips and Tricks
About SECURETARGET
Once Upon A Time . . . SECURE TARGET was one of the first independent group of professional freelancers in field of IT security, founded 1996 in Islamic Republic of Iran, when even using Internet in the country was a dream! The freelance group directed by its founder, Kaveh Mofidi and initially named ‘Iran Security… Continue reading About SECURETARGET
Cyber-War: An Analysis
Let’s learn about War and away from it in order to provide peace to people… Download and read Cyber War, (PDF) An Analysis, an ebook in Farsi text. In a Cyberwar, the importance of public services is equal to military bases! Publication: SECURE TARGET Cyber-Peace in English…Soon.
Microsoft Windows Huge Text Processing Instability
SECURE TARGET (Security Advisory October 17, 2004) Topic: Microsoft Windows Huge Text Processing Instability Discovery Date: October 14, 2004Original Advisory External Links: VULDB, Full-Disclosure, BugTraq, SICHERHEITSLüCKEN, Addict3d, Ls, Der Keiler, Seifried, NetSys, Mail Archive, SecLists, Neohapsis, Checksum, Network Security, Virus, DoddsNet, ReadList, Mega Security, Security Trap, Virovvch, DevArchives Affected applications and platforms: Notepad, NotePad2 and… Continue reading Microsoft Windows Huge Text Processing Instability
PerfectNav Crashes IE
Secure Target Network (Security Advisory February 25, 2004) Topic: PerfectNav Crashes IE Discovery Date: February 24, 2004 Original Advisory External: Full-Disclosure, BugTraq, Security Tracker, xforce, SANS Affected applications and platforms: Microsoft Internet Explorer 6 Service Pack 1 and older versions Introduction: PerfectNav is designed to redirect your URL typing errors to PerfectNav’s web page. Bundled… Continue reading PerfectNav Crashes IE
New IE Thread crashes by WU
Secure Target Network (Security Advisory December 31, 2003) Topic: New IE Thread crashes by WU Discovery Date: December 30, 2003 Original Advisory External: Full-Disclosure Affected applications and platforms: Microsoft Internet Explorer 6 Service Pack 1 Introduction: Any time you open your Windows Update (WU / wupdmgr.exe) and go to “Scan for Updates”; it takes a… Continue reading New IE Thread crashes by WU
Microsoft Outlook PST Exposure
Secure Target Network (Security Advisory August 31, 2003) Topic: Microsoft Outlook PST Exposure Discovery Date: August 28, 2003 Original Advisory External: Zone-h, Security Tracker, openwall, Full-Disclosure Affected applications and platforms: All versions of Outlook on any Windows platform Introduction: everyone work with .pst files, storing and managing his/her Outlook Data transparently under Microsoft Outlook. A… Continue reading Microsoft Outlook PST Exposure
Recycle Bin Unavailability of Service
Secure Target Network (Security Advisory July 24, 2003) Topic: Recycle Bin Unavailability of Service Discovery Date: July 24, 2003Original Advisory External: VulnDiscuss, List, openwall —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 Secure Target Network (Security Advisory August 04, 2003) Topic: Recycle Bin Unavailability of Service Discovery date: July 24, 2003 Affected applications and platforms: Windows XP… Continue reading Recycle Bin Unavailability of Service
OE DBX Exposure
Secure Target Network (Security Advisory October 27, 2002) Topic: OE DBX Exposure Discovery date: October 02, 2002 Discovered by: Kaveh Mofidi External: Security Tracker, Bugtraq, Secunia Affected applications and platforms: All versions of Outlook Express on any Windows platform Introduction You already worked with .dbx files, storing and managing your messages under OE. A default… Continue reading OE DBX Exposure