GDPR
Microsoft-security-update
Microsoft has released fixes for 51 new CVE’s this month.
For the first patch Tuesday of the year Microsoft released patches for 96 vulnerabilities. Of these CVE’s 9 are rated as critical
The last patch Tuesday of the year. This month 67 patches for new CVEs were released by Microsoft. That brings the yearly total up to 887 patches.
71 CVEs have been fixed this patch Tuesday, on top of this 8 Microsoft Edge and 3 OpenSSL patches were released earlier this month. This is also the first patch...
A smaller patch this month, with fixes for 44 CVEs. But don’t let your guard down as Microsoft reported 2 publicly known vulnerabilities and even 1 that is currently being...
Patches for 117 CVEs were released this month by Microsoft. 13 of these are rated as critical also 6 of these exploits are publicly known and 4 are reported being...
Microsoft released patches for 50 CVEs this month, 5 are rated as critical and the others as important. An unusually high amount of bugs are reported to be publicly exploited...
Microsoft released patches for 55 CVEs this month of which 26 are rated as critical. This makes it a slower month than usual but there are still some very important...
Patches for 114 CVEs were released this month which makes this the busiest month of 2021 so far. Of these bugs, 19 are rated as critical. 1 bug is currently...
The third Patch Tuesday of the week brings more exploited vulnerabilities than usual so this is definitely one to pay attention to. A few of the CVEs were actually released...
For the second patch of 2021 we have 56 CVEs to look at. 11 of these vulnerabilities have been rated as critical and 43 as important. While the number of...
The first patch Tuesday of 2021! The blog team wishes you all the best for this new year. We kick the year off with 83 bugfixes this patch including one...
We end 2020 with a slower month, as per usual for December patches. 58 vulnerabilities have been addressed this final month of the year, of which 9 are rated critical...
The second Tuesday of the month is upon us again which means Microsoft has released its patch for this month, it provides fixes for 112 vulnerabilities. 17 patches have been...
As every second Tuesday of the month, the Microsoft security patch has arrived. This month’s patch brings fixes for 87 vulnerabilities, 11 of which are rated critical and 75 are...
This Patch Tuesday fixes 129 known vulnerabilities of which 23 are rated as critical.
This Patch Tuesday provides fixes for 120 vulnerabilities of which 17 are classified as critical and 103 as important. The update also provides a fix for 2 zero-day vulnerabilities that...
Every second Tuesday of the month, Microsoft releases a security update for all their software products. The update released on 14 July 2020 affects Windows, Microsoft’s web browsers and office...
Microsoft
Hi, my name is Enes Murat Kokcu, I’m a part of the Ordina security unit.
Microsoft has released fixes for 51 new CVE’s this month.
For the first patch Tuesday of the year Microsoft released patches for 96 vulnerabilities. Of these CVE’s 9 are rated as critical
The last patch Tuesday of the year. This month 67 patches for new CVEs were released by Microsoft. That brings the yearly total up to 887 patches.
71 CVEs have been fixed this patch Tuesday, on top of this 8 Microsoft Edge and 3 OpenSSL patches were released earlier this month. This is also the first patch...
A smaller patch this month, with fixes for 44 CVEs. But don’t let your guard down as Microsoft reported 2 publicly known vulnerabilities and even 1 that is currently being...
Patches for 117 CVEs were released this month by Microsoft. 13 of these are rated as critical also 6 of these exploits are publicly known and 4 are reported being...
Microsoft released patches for 50 CVEs this month, 5 are rated as critical and the others as important. An unusually high amount of bugs are reported to be publicly exploited...
Microsoft released patches for 55 CVEs this month of which 26 are rated as critical. This makes it a slower month than usual but there are still some very important...
Patches for 114 CVEs were released this month which makes this the busiest month of 2021 so far. Of these bugs, 19 are rated as critical. 1 bug is currently...
The third Patch Tuesday of the week brings more exploited vulnerabilities than usual so this is definitely one to pay attention to. A few of the CVEs were actually released...
For the second patch of 2021 we have 56 CVEs to look at. 11 of these vulnerabilities have been rated as critical and 43 as important. While the number of...
The first patch Tuesday of 2021! The blog team wishes you all the best for this new year. We kick the year off with 83 bugfixes this patch including one...
We end 2020 with a slower month, as per usual for December patches. 58 vulnerabilities have been addressed this final month of the year, of which 9 are rated critical...
The second Tuesday of the month is upon us again which means Microsoft has released its patch for this month, it provides fixes for 112 vulnerabilities. 17 patches have been...
As every second Tuesday of the month, the Microsoft security patch has arrived. This month’s patch brings fixes for 87 vulnerabilities, 11 of which are rated critical and 75 are...
This Patch Tuesday fixes 129 known vulnerabilities of which 23 are rated as critical.
This Patch Tuesday provides fixes for 120 vulnerabilities of which 17 are classified as critical and 103 as important. The update also provides a fix for 2 zero-day vulnerabilities that...
Every second Tuesday of the month, Microsoft releases a security update for all their software products. The update released on 14 July 2020 affects Windows, Microsoft’s web browsers and office...
BCMS
Vendor Management (Third Party Management or Supplier Management) is a popular topic in the information security world these days. Security in leading companies has been little by little but certainly...
One of the most common but critical misconceptions around Business Continuity Management is confusion of Business Impact Analysis (BIA) with Risk Assessment. Both are key elements of the Business Continuity...
On 10 March 2021, there was a fire at a cloud datacenter owned by the largest hosting provider in Europe, OVH. The fire was brought under control within hours, but...
If you are familiar with the Business Continuity Management (BCM) system, then you may know the terms Disaster Recovery Management (DRM) and Disaster Recovery Plan (DRP). Both BCM and DRM...
Do you think developing Business Continuity Management System (BCMS) is a hard challenge? This may be because you know some BCMSs contain detailed processes and lots of documentation. I would...
In Japan where I used to work, a Business Continuity Management System (BCMS) is a common business function. Due to its geographical setting, Japan has repeatedly been impacted by natural...
our-consultants
Emmanouil is a talented penetration tester who also has experience in a variety of other cybersecurity areas. Let’s see how he has gotten to this point.
interview
Last year around July, I was looking for a job and Ordina caught my eye. Especially its security area looked very interesting, so I scheduled a meeting to see if...
Firstly please tell us about your background. I am a 25 year old computer science student from UCLL. My first career choice was to become a software developer. But after...
My name is Tom De Wandel, a Cyber Security Professional student at Howest Bruges. To finish my stud-ies, I had to do a 3-month-during internship in an ICT company. Ordina...
Katerina is a university student who studies Computer Science. She assessed vulnerabilities of our internal network as her internship assignment.
Robin is studying Cloud and Cybersecurity at his university. To conclude his achievement, he had an internship at Ordina Security & Privacy unit.
Thomas is a university student who has ambition in red teaming. He had an internship at Ordina Security & Privacy unit for three months.
Emmanouil is a talented penetration tester who also has experience in a variety of other cybersecurity areas. Let’s see how he has gotten to this point.
Audit
Audits are not there to tell people they are doing a bad job. Audits are not there to blame people.
Compliance
Audits are not there to tell people they are doing a bad job. Audits are not there to blame people.
Cybercrime
At the start of this year, the 13th of January to be precise, West-Flemish weaving machine producer Picanol fell victim to a large-scale ransomware attack. The production lines in several...
ransomware
Even if you effectively maintain preventive measures, you still could become a ransomware victim some-day in the future. Here are some important points you must keep in mind in case...
As the old saying goes, to prevent is better than to cure. In order to prevent ransomware, we need to know what the most common attack vectors (methods) are and...
“Another one bites the dust” by Queen – it is one of my favorite songs and coincidentally one of my first thoughts when I hear that another organization has fallen...
Do we understand at all levels the importance of Cyber Security nowadays? For some, Cyber Security and its awareness is well understood, for others, it is yet a work in...
cybercrime
Even if you effectively maintain preventive measures, you still could become a ransomware victim some-day in the future. Here are some important points you must keep in mind in case...
The phrase “A chain is only as strong as its weakest link” is commonly used in the cyber security world how only one weak entry point is needed for a...
As the old saying goes, to prevent is better than to cure. In order to prevent ransomware, we need to know what the most common attack vectors (methods) are and...
“Another one bites the dust” by Queen – it is one of my favorite songs and coincidentally one of my first thoughts when I hear that another organization has fallen...
Ordina
Last year around July, I was looking for a job and Ordina caught my eye. Especially its security area looked very interesting, so I scheduled a meeting to see if...
Firstly please tell us about your background. I am a 25 year old computer science student from UCLL. My first career choice was to become a software developer. But after...
My name is Tom De Wandel, a Cyber Security Professional student at Howest Bruges. To finish my stud-ies, I had to do a 3-month-during internship in an ICT company. Ordina...
Katerina is a university student who studies Computer Science. She assessed vulnerabilities of our internal network as her internship assignment.
Robin is studying Cloud and Cybersecurity at his university. To conclude his achievement, he had an internship at Ordina Security & Privacy unit.
Thomas is a university student who has ambition in red teaming. He had an internship at Ordina Security & Privacy unit for three months.
After completing his master degree, Thomas joined Ordina Security and Privacy unit in 2020. Let’s see how he looks at Ordina and his career. Firstly please tell us about your...
disaster-recovery
On 10 March 2021, there was a fire at a cloud datacenter owned by the largest hosting provider in Europe, OVH. The fire was brought under control within hours, but...
personal-security
An endpoint is any device that connects to the network such as laptops, desktops, tablets, IoT devices, smartphones, servers, workstations, printers, etc. These serve as the entry points for many...
In the first installment of the spring cleaning series, we touched upon your digital footprint and how to protect your access. With this 3rd part of the spring cleaning series,...
In the first installment of the spring cleaning series, we touched upon your digital footprint and how to protect your access. In this second installment of the spring cleaning, we...
Spring is here – time to do a big spring clean-up. I’m referring to your “digital home”. Is your cyber hygiene up to date? If you are privacy conscious, you...
Redteaming
If you haven’t read it yet, you can find part 1 of this story here.
I got a request to perform a black box penetration test. The client was a multinational company with a presence in at least 5 countries. I had a limited experience...
project-management
Projects are set up in every field, especially in the Information Security field. They are created to work towards changes within a company in a controlled manner. Even though many...
Projects are set up in every field, especially in the Information Security field. They are created to work towards changes within a company in a controlled manner. Even though many...
security-management
Cyber security is a major global issue, and it is the case in Europe. In order to deal cyber threats, it is important to know how the European Union (EU)...
On 16 January 2023, the EU Digital Operational Resilience Act (DORA) entered into force. It will apply from 17 January 2025 and the requirements will become mandatory. The DORA consolidates...
What is the NIS-2 Directive?
In the previous article, I explained risk may include positive risks and risk management is indivisible from the business strategy. In this article, we will think risk management from the...
Security is an important topic for many companies but if you think only security is the matter, you may go too far or wrong direction. Through this blog series, I...
The International Accreditation Forum issued Transition Requirements for ISO/IEC 27001:2022 on 9th August 2022. ISO/IEC 27001 Information Security Management is one of the most common ISMS (Information Security Management System)...
Article by Bram Patelski of Ordina Netherlands
A new version of the globally accepted set of security control guidelines, ISO/IEC 27002:2022 was published on 15 February 2022. ISO/IEC 27002 is a part of the ISO/IEC 27000 series...
IAM (Identity and Access Management) has become a high priority issue for many companies. IAM is the process of ensuring that everyone has the right access at any time within...
Does the board of directors understand the organisation’s dependence on information technologies? Does the organisation recognise the importance of information security and provide support at a high level? Does the...
It is nothing special to hear about a cybersecurity incident; cybersecurity has become one of the most important aspects of any company that has IT systems.
An endpoint is any device that connects to the network such as laptops, desktops, tablets, IoT devices, smartphones, servers, workstations, printers, etc. These serve as the entry points for many...
There are two methodologies for IT security guidance: ISO 27001 (ISO/IEC 27001 Information Security Management) and NIST 800-53 (Security and Privacy Controls for Information Systems and Organizations). How do you...
Shadow IT is the use of IT systems without the knowledge of the IT or security group within the organisation. Software is an example, and as not all programs are...
redteaming
Nowadays, 3 words are enough to shake up a company; “We got hacked”. Admittingly, there are more elaborate ways to explain such a situation, but you get the gist. I...
penetration-test
Nowadays, 3 words are enough to shake up a company; “We got hacked”. Admittingly, there are more elaborate ways to explain such a situation, but you get the gist. I...
Privacy
How can I determine whether GDPR is applicable or not for an application/system? Without going into ‘territorial’ details, the answer is rather simple: if your application/system is processing(*) personal data,...
The boundaries between security & privacy are blurring. Today security professionals are expected to have experience in both fields and to be able to advise on cases related to protection...
