Sicherheit welche gefahren durch drohnen drohen golem.deReputelligence
Flugobjekte mit biologischen Kampfstoffen, Motorsäge oder Pistole: 140 Risiken durch Drohnen hat der Sicherheitsexterte Dominique Brack gesammelt. Die geplanten Angriffe sind dabei gar nicht die schlimmsten.
Der für das Schweizer Telekommunikationsunternehmen Swisscom tätige Sicherheitsexperte Dominique Brack analysiert zusammen mit anderen Anbietern kritischer Infrastrukturen mögliche Angriffsszenarien mit kommerziell erhältlichen Drohnen. Auf der Sicherheitskonferenz Deepsec in Wien hat er seine Ergebnisse vorgestellt.
Intensity levels social engineering engagement framework (seef) first cut d...Reputelligence
Intensity Levels
Intensity level ratings are a unique feature of SEEF’s methods.
The intensity levels are represented by a table of levels ranging
from 1–12, with Level 1 being the least risky and Level 12 the
highest possible risk. The table can be used for planning and scoping social engineering engagements, on a personal level or as company policy. Attack vectors are also developed and based on predefined intensity levels. Levels 1– 3 (green) represent low risk and small potential for legal implications. The green levels mainly contain Open Source Intelligence (OSINT), limited scope (local/ national) and preservation of a person’s or company’s integrity. Levels 4–6 (orange) are medium risk with potential for legal ramifications and include invasive, intrusive or ethically questionable, international or VIP engagements. Levels 7–-9 (red) involve coercion, felonies, high-profile political or medially present organizations or individuals, and risk of collateral damages. Levels 10-12 (black) are highly
illegal, including treason, breach of international law, possible death sentences, cyber warfare, industrial espionage, and loss of lives. Donot engage!
DRONES THE NEW WEAPON OF CHOICE - ALSO FOR HACKERSReputelligence
My talk will be about drone threats in general and how you can assess drone based threats. I will show the comprehensive threat assessment methodology and the countermeasures you can take against the drone threat. The threat assessment is based on a catalog of about 140 items. Particularly interesting will be looking at the drone threats in relation to:
Planting payload at specific locations (i.e. hacking equipment transported to target location for instance)
Tampering communication equipment with the help of drones
Insider threat communicate with an insider with the help of a drone
Hacking the communication of a drone
Privacy violations
etc.
The document discusses the timeline for transitioning to quantum-safe cryptography. It notes that current cryptography is based on today's technology and is secure until the first quantum computer is available that can run Shor's algorithm. This would allow encryption to be cracked. It suggests transitioning to quantum-safe cryptography when the first quantum computer integrated with Shor's algorithm emerges, which could happen quickly once that milestone is reached. The document outlines different alarm levels related to quantum computing capabilities and stresses the importance of having quantum-safe cryptography before widespread systems capable of cracking current encryption become viable.
Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known human-to-social-engineering interface, today.
The SEEF human-to-social-engineering interface is a powerful visual tool, allowing users to set social engineering parameter of an individual person, without having to think.
Until today, social engineering had no human-to-social-engineering interface to plant social engineering attack vectors in a detailed and appealing way.
Business shoes looking inconspicuous but still enough power to climb a wall o...Reputelligence
Everyone knows business shoes and everyone knows climbing shoes or the soles used by most of them. I never understood why business shoes have this stupid slippery useless soles on them.
It was always my dream to create a combination of a great business shoe with a great sole. My local shoemaker created this wonder for me after my wife encourage me to ask him if he could such a thing. Took some convincing though – since no one does this and it could go wrong.
It got them for my birthday. You can do this with any business shoe. The hard part is finding a capable shoemaker for mounting your Vibram soles onto a pair of business shoes.
As shoe I used a local known Swiss brand Fretzmen. If you want the contact details of my capable shoemaker let me know.
Press release social engineering engagement framework seef social engineering...Reputelligence
BURGISTEIN, Switzerland, September 1st 2016 - Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known social engineering icons, today.
The SEEF social engineering Icons are a powerful visual tool, allowing users to identify a message, without having to think. People recognize icons faster than words. Visual perception is one of the most productive ways through which people can obtain information and process it.
Until today, social engineering had no icons to describe social engineering attack vectors in a detailed and appealing way. The extensive collection of social engineering icons includes icons for: well-known attack vectors, like phishing, dumpster diving, tailgating, or eavesdropping, and for less known attack vectors like: befriending, reciprocation, shoulder surfing, or impersonation. In total, there about 38 icons.
Sicherheit welche gefahren durch drohnen drohen golem.deReputelligence
Flugobjekte mit biologischen Kampfstoffen, Motorsäge oder Pistole: 140 Risiken durch Drohnen hat der Sicherheitsexterte Dominique Brack gesammelt. Die geplanten Angriffe sind dabei gar nicht die schlimmsten.
Der für das Schweizer Telekommunikationsunternehmen Swisscom tätige Sicherheitsexperte Dominique Brack analysiert zusammen mit anderen Anbietern kritischer Infrastrukturen mögliche Angriffsszenarien mit kommerziell erhältlichen Drohnen. Auf der Sicherheitskonferenz Deepsec in Wien hat er seine Ergebnisse vorgestellt.
Intensity levels social engineering engagement framework (seef) first cut d...Reputelligence
Intensity Levels
Intensity level ratings are a unique feature of SEEF’s methods.
The intensity levels are represented by a table of levels ranging
from 1–12, with Level 1 being the least risky and Level 12 the
highest possible risk. The table can be used for planning and scoping social engineering engagements, on a personal level or as company policy. Attack vectors are also developed and based on predefined intensity levels. Levels 1– 3 (green) represent low risk and small potential for legal implications. The green levels mainly contain Open Source Intelligence (OSINT), limited scope (local/ national) and preservation of a person’s or company’s integrity. Levels 4–6 (orange) are medium risk with potential for legal ramifications and include invasive, intrusive or ethically questionable, international or VIP engagements. Levels 7–-9 (red) involve coercion, felonies, high-profile political or medially present organizations or individuals, and risk of collateral damages. Levels 10-12 (black) are highly
illegal, including treason, breach of international law, possible death sentences, cyber warfare, industrial espionage, and loss of lives. Donot engage!
DRONES THE NEW WEAPON OF CHOICE - ALSO FOR HACKERSReputelligence
My talk will be about drone threats in general and how you can assess drone based threats. I will show the comprehensive threat assessment methodology and the countermeasures you can take against the drone threat. The threat assessment is based on a catalog of about 140 items. Particularly interesting will be looking at the drone threats in relation to:
Planting payload at specific locations (i.e. hacking equipment transported to target location for instance)
Tampering communication equipment with the help of drones
Insider threat communicate with an insider with the help of a drone
Hacking the communication of a drone
Privacy violations
etc.
The document discusses the timeline for transitioning to quantum-safe cryptography. It notes that current cryptography is based on today's technology and is secure until the first quantum computer is available that can run Shor's algorithm. This would allow encryption to be cracked. It suggests transitioning to quantum-safe cryptography when the first quantum computer integrated with Shor's algorithm emerges, which could happen quickly once that milestone is reached. The document outlines different alarm levels related to quantum computing capabilities and stresses the importance of having quantum-safe cryptography before widespread systems capable of cracking current encryption become viable.
Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known human-to-social-engineering interface, today.
The SEEF human-to-social-engineering interface is a powerful visual tool, allowing users to set social engineering parameter of an individual person, without having to think.
Until today, social engineering had no human-to-social-engineering interface to plant social engineering attack vectors in a detailed and appealing way.
Business shoes looking inconspicuous but still enough power to climb a wall o...Reputelligence
Everyone knows business shoes and everyone knows climbing shoes or the soles used by most of them. I never understood why business shoes have this stupid slippery useless soles on them.
It was always my dream to create a combination of a great business shoe with a great sole. My local shoemaker created this wonder for me after my wife encourage me to ask him if he could such a thing. Took some convincing though – since no one does this and it could go wrong.
It got them for my birthday. You can do this with any business shoe. The hard part is finding a capable shoemaker for mounting your Vibram soles onto a pair of business shoes.
As shoe I used a local known Swiss brand Fretzmen. If you want the contact details of my capable shoemaker let me know.
Press release social engineering engagement framework seef social engineering...Reputelligence
BURGISTEIN, Switzerland, September 1st 2016 - Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known social engineering icons, today.
The SEEF social engineering Icons are a powerful visual tool, allowing users to identify a message, without having to think. People recognize icons faster than words. Visual perception is one of the most productive ways through which people can obtain information and process it.
Until today, social engineering had no icons to describe social engineering attack vectors in a detailed and appealing way. The extensive collection of social engineering icons includes icons for: well-known attack vectors, like phishing, dumpster diving, tailgating, or eavesdropping, and for less known attack vectors like: befriending, reciprocation, shoulder surfing, or impersonation. In total, there about 38 icons.
Press release social engineering engagement framework seef social engineering...Reputelligence
BURGISTEIN, Switzerland, September 1st 2016 - Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known social engineering icons, today.
The SEEF social engineering Icons are a powerful visual tool, allowing users to identify a message, without having to think. People recognize icons faster than words. Visual perception is one of the most productive ways through which people can obtain information and process it.
Until today, social engineering had no icons to describe social engineering attack vectors in a detailed and appealing way. The extensive collection of social engineering icons includes icons for: well-known attack vectors, like phishing, dumpster diving, tailgating, or eavesdropping, and for less known attack vectors like: befriending, reciprocation, shoulder surfing, or impersonation. In total, there about 38 icons.
Video integrated teaser awareness campaign seef Reputelligence
The document promotes social engineering prevention services offered by a company called Seef. It encourages readers to call their social engineering expert to arrange awareness sessions for staff to educate them on social engineering threats. The document suggests that awareness is better than having no knowledge or preparation for social engineering attempts.
Social engineering has become more sophisticated with precise tools and approaches, making countermeasures difficult. Various attack vectors are discussed, including dumpster diving, eavesdropping, and exploiting interpersonal relationships through small talk. Social engineers can gain a lot of private information through listening in on others' communications and conversations.
Sneak peek preview area 41 conference Zürich 10. - 11- June 2016 Reputelligence
Meet me at the http://area41.io/ conference #area41 #a41con. Join my session on June 11th afternoon. I will reveal some exclusive social engineering content. Here a sneak peak preview. Cheers Dom
The premier technical security conference in Switzerland organized by DEFCON Switzerland. The next Area41 conference will be held June 10.-11.2016 in Zurich
If you are observing the social engineering landscape in terms of social engineers, documentation, and frameworks out there, you will realize the topic has, as we call it, a low maturity. Low maturity means there are no well-defined processes or defined frameworks in which professionals can apply and benchmark themselves. Today’s landscape is little like the Wild West. There is lot of fear, uncertainty, and doubt (FUD).
With SEEF we want to oppose this situation. As you maybe have seen, our motto is visible on the book covers badge: Docendo – Discimus. It is a Latin proverb and means: “By teaching, we learn.” This is what we want. We want to teach anyone interested in social engineering the skills to do it properly, professionally, and ethically. This is Social Engineering Engagement Management (SEEF) — FIRST CUT. It is literally the first cut of the framework that we have pioneered and want to share.
May 2014 There was a line up to the problem. It was not sudden. There was time to fix the problem without shortcuts (1 year). Before the problem got out of hand (involvement of authorities).
Big mistake N#1 (unintentionally or intentionally): Volkswagen tells regulators that the differences amount to technical issues and "unexpected" test conditions. First try to cover up or the start of workarounds? Protective statement.
Recall in December 2014. Because the problem couldn't be fixed? The intention to “doctor” could also have been started here.
May 2015 next governmental involvement. Second chance to make things right i.e. coming forward or disclose voluntarily.
July 2015 point of no return. Third chance for a coming out or getting a handle on the problem.
September 2015 problem total out of control on all levels; politically, technically, environmentally, reputation wise.
Reputelligence Lifecycle v3 Volkswagen example Reputelligence
This is lifecycle applied to the Volkswagen "defeat device" problem. It show the lead up to the eruption of the problem on September 18th. Many things followed after that but they will be analysed in another problem lifecycle zooming in on those dates.
«Se Klaud Brojäkt bräiks daun – wot is se först sing yu du?» Hä?Reputelligence
Cloud readiness can be reduced to one simple statement. You don't need a maturity assessment or expensive consultants :-). Have you a working information classification policy? f yes: congratulations you can go now you will be fine. «Se Klaud Brojäkt bräiks daun – wot is se först sing yu du?»
Hä?
U blame se Se Ei O.
No no no, you dreamer you hä dream on. Ei tell dir okey.
Se sewen sinking steps.
1. Finding the right (or left) broblem to solve
2. Sefining the broblem
3. Analysing the broblem
4. Developing bossibilities
5. Selecting se best solution
6. Implementing
7. Evaluating and lörning
Reputelligence power point template lifecycle v3Reputelligence
Today, good news -- or bad news -- breaks in real time. And anything can go viral in short order. This is great for cute babies laughing in videos, or heart-warming tales of good deeds. It's not great, however, for the unexpected, inevitable crisis that any organization will face in its existence at some point. Luckily, nothing in the social media world is too much different than in the "real world."
What is the problem you might ask?
Problems (real- and digital world) usually follow a very specific pattern and dynamic. Understanding the patterns and dynamic behind will significantly improve resiliency. When does an incident become a crisis?
Managing a massive crisis is very difficult because of the information asymmetry.
Defining where you stand in a crisis is even more difficult.
Complex problem or crisis management requires specific techniques and tools. Numerous examples of bad crisis management are known to everyone. If you are managing a crisis from the inside you need actual up to date information on the current situation (where are we) and next steps (what are we going to do next). So far this was a very hard task. Either you have been at the will of a hopefully decent crisis manager or PR firm.
The lack of transparency always bugged me. I was to set out to look for ways of making the problem mangement or crisis management process more transparent for everyone involved.
I always take a highly strategic view of things and aim for practical application and simplification.
Out of this came the Reputelligence™ Problem LifeCycle. At first it looks overwhelming but i will guide you through the construction. This will help you understand the principles behind the life-cycle so you can apply it in your context.
Security agility- dynamic policy creation and rolloutReputelligence
The following example of a recent story is the perfect analogy for dynamic policy creation. The Swiss MediaMarket (Electronics Chain) reacted amicably when we were presented with a heat wave. All over the news people where warned about the topic of leaving your children or your pets in the car. Unfortunately there where fatalities due to the practice of leaving small children in the car. There was a lot of talk but MediaMarkt spun into action. This story has all the ingredients for future security (advanced persistent threats) APT's and how you will have to deal with them. The same process' will have to be applied to your policy framework.
Hack back series data is an asset - registration strategies v0.1Reputelligence
If there is just one thing you need to remember about information security it's this: "Data is an asset & asset = money"
This is all there is you need to know for information security. I also work on volunteering for a hacker high school project and the most important thing about security I try to teach the teenagers is this. "Data is an asset"
Usually I do it this way: I will have some coins at hand for this. Then I make a list together with the teenagers with attributes they use for registration for a so called "free" service. "If it's free then U are the product in some way or form". The problem with data is an asset is: it's abstract. Giving away information bytes is painless, easy and of no consequence in the first place. So I need to make a connection for the teenagers to remember or to link in the brain: data is an asset. Now the abstract concept of "Data is an asset" has been linked. The discussions becomes focused around: what do I get in return for the money (asset: your name) I paid for. Where is my freedom? Why do I don't get money if people are making money from my data and information (advertising). I should get paid if my information is used to make profit. I shouldn't reveal my information too easily.
Hack back series how to spot fake linked in profiles - a way to figure out f...Reputelligence
Hack back series is all about YOU and how I can contribute to make the internet a safer place for everyone.
LinkedIn Forensic for the standard user. I like to guide you through a forensic approach to check for false profile pictures and false profiles on LinkedIn .
The techniques you learn will are essentials skills now and in the future.
More and more you will have to do this in the digital world since attacks, scams and scum bags are upsizing their attack intelligence.
Protect yourself and become more diligent in the use of digital media.
If not even a former first lady or future presidential candidate “gets it”, what's wrong with information security awareness? Of course responsibility comes with the person using services but what about the information security adviser? Was this partially his fault too? Had he any change to raise his voice for promoting information security awareness? Fact is we all know how hard it is to train VIP’s, senior executives or developers ;-) in the matter of information security awareness (I am not talking about the great guys out there advocating information security on all levels and ranks, I am talking about the main stream people). At least I could tell you some great stories about my personal experiences with it (next time maybe).
The car industry is now at the exact same point the IT industry was decades ago. The problem is security has not been built into those system rather is has been bolted on. It is saddening to see all the past failures of the software industry have to be repeated by the car industry.
EN- Teaser for tonight's cloud presentation. Will share all the slides after the event. The graphic depicts the typical cloud project phases. Honeymoon (everyone on their horses and charge!), eclipse (oh oh first shadows), etc.
DE- Kleiner Ausblick in die Präsentation von heute Abend. Der Ausschnitt zeigt die Projekt Phasen bei einem Cloud Projekt. Die Hochzeits- Reise Phase (Alles klar sofort loslegen-Action!)
There are many definitions about what a leader entails and what not
There are similar many tips and tricks how to become one
Let me share experience and knowledge
Dive deep into the corporate world and into management wisdom
There are many definitions what a leader does and how he/ she does it
From very inspirational to utterly complicated, oversimplified to outright wrong
There is next to no definition how you actually know when you are one
Let me help you there with a simple definition
Annoying practices series stupid math quiz etc v0.2Reputelligence
About the annoying practice of publishing quizzes on social networks in order to gain likes, shares and raise in popularity. My open comment to those practicing this extensively:
Please stop sharing these quizzes, brain teasers and riddles. I have you in my contacts for professional reasons. My network is comprised of high valuable contacts and professional business associates. I see LinkedIn as a professional network and do not consider this type of interaction as a professional dialog. In order to protect myself and my valued connections I will consequently remove partners in my network who I believe disturb and distract a professional exchange. You have to value for yourself what matters more: the connection you have with me and the benefit of the associated network or the gained popularity and interaction you have through those quizzes. I do value original content and personal views for sharing but not shared canned content which I believe only fuels the purpose of gaining popularity, hits and likes. I am happy to connect back with you when you consider my view of the use of LinkedIn and the responsibility that comes with it. If you want to connect on a personal level please send a new connections request and let me know your thoughts.
It was a pleasure having you as one of my valued contacts.
About the annoying practice of publishing quizzes on social networks in order to gain likes, shares and raise in popularity. My open comment to those practicing this extensively:
Please stop sharing these quizzes, brain teasers and riddles. I have you in my contacts for professional reasons. My network is comprised of high valuable contacts and professional business associates. I see LinkedIn as a professional network and do not consider this type of interaction as a professional dialog. In order to protect myself and my valued connections I will consequently remove partners in my network who I believe disturb and distract a professional exchange. You have to value for yourself what matters more: the connection you have with me and the benefit of the associated network or the gained popularity and interaction you have through those quizzes. I do value original content and personal views for sharing but not shared canned content which I believe only fuels the purpose of gaining popularity, hits and likes. I am happy to connect back with you when you consider my view of the use of LinkedIn and the responsibility that comes with it. If you want to connect on a personal level please send a new connections request and let me know your thoughts.
It was a pleasure having you as one of my valued contacts.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Press release social engineering engagement framework seef social engineering...Reputelligence
BURGISTEIN, Switzerland, September 1st 2016 - Dominique C. Brack, known as D#fu5e and VP of operations at social engineering engagement framework (SEEF), will release the first known social engineering icons, today.
The SEEF social engineering Icons are a powerful visual tool, allowing users to identify a message, without having to think. People recognize icons faster than words. Visual perception is one of the most productive ways through which people can obtain information and process it.
Until today, social engineering had no icons to describe social engineering attack vectors in a detailed and appealing way. The extensive collection of social engineering icons includes icons for: well-known attack vectors, like phishing, dumpster diving, tailgating, or eavesdropping, and for less known attack vectors like: befriending, reciprocation, shoulder surfing, or impersonation. In total, there about 38 icons.
Video integrated teaser awareness campaign seef Reputelligence
The document promotes social engineering prevention services offered by a company called Seef. It encourages readers to call their social engineering expert to arrange awareness sessions for staff to educate them on social engineering threats. The document suggests that awareness is better than having no knowledge or preparation for social engineering attempts.
Social engineering has become more sophisticated with precise tools and approaches, making countermeasures difficult. Various attack vectors are discussed, including dumpster diving, eavesdropping, and exploiting interpersonal relationships through small talk. Social engineers can gain a lot of private information through listening in on others' communications and conversations.
Sneak peek preview area 41 conference Zürich 10. - 11- June 2016 Reputelligence
Meet me at the http://area41.io/ conference #area41 #a41con. Join my session on June 11th afternoon. I will reveal some exclusive social engineering content. Here a sneak peak preview. Cheers Dom
The premier technical security conference in Switzerland organized by DEFCON Switzerland. The next Area41 conference will be held June 10.-11.2016 in Zurich
If you are observing the social engineering landscape in terms of social engineers, documentation, and frameworks out there, you will realize the topic has, as we call it, a low maturity. Low maturity means there are no well-defined processes or defined frameworks in which professionals can apply and benchmark themselves. Today’s landscape is little like the Wild West. There is lot of fear, uncertainty, and doubt (FUD).
With SEEF we want to oppose this situation. As you maybe have seen, our motto is visible on the book covers badge: Docendo – Discimus. It is a Latin proverb and means: “By teaching, we learn.” This is what we want. We want to teach anyone interested in social engineering the skills to do it properly, professionally, and ethically. This is Social Engineering Engagement Management (SEEF) — FIRST CUT. It is literally the first cut of the framework that we have pioneered and want to share.
May 2014 There was a line up to the problem. It was not sudden. There was time to fix the problem without shortcuts (1 year). Before the problem got out of hand (involvement of authorities).
Big mistake N#1 (unintentionally or intentionally): Volkswagen tells regulators that the differences amount to technical issues and "unexpected" test conditions. First try to cover up or the start of workarounds? Protective statement.
Recall in December 2014. Because the problem couldn't be fixed? The intention to “doctor” could also have been started here.
May 2015 next governmental involvement. Second chance to make things right i.e. coming forward or disclose voluntarily.
July 2015 point of no return. Third chance for a coming out or getting a handle on the problem.
September 2015 problem total out of control on all levels; politically, technically, environmentally, reputation wise.
Reputelligence Lifecycle v3 Volkswagen example Reputelligence
This is lifecycle applied to the Volkswagen "defeat device" problem. It show the lead up to the eruption of the problem on September 18th. Many things followed after that but they will be analysed in another problem lifecycle zooming in on those dates.
«Se Klaud Brojäkt bräiks daun – wot is se först sing yu du?» Hä?Reputelligence
Cloud readiness can be reduced to one simple statement. You don't need a maturity assessment or expensive consultants :-). Have you a working information classification policy? f yes: congratulations you can go now you will be fine. «Se Klaud Brojäkt bräiks daun – wot is se först sing yu du?»
Hä?
U blame se Se Ei O.
No no no, you dreamer you hä dream on. Ei tell dir okey.
Se sewen sinking steps.
1. Finding the right (or left) broblem to solve
2. Sefining the broblem
3. Analysing the broblem
4. Developing bossibilities
5. Selecting se best solution
6. Implementing
7. Evaluating and lörning
Reputelligence power point template lifecycle v3Reputelligence
Today, good news -- or bad news -- breaks in real time. And anything can go viral in short order. This is great for cute babies laughing in videos, or heart-warming tales of good deeds. It's not great, however, for the unexpected, inevitable crisis that any organization will face in its existence at some point. Luckily, nothing in the social media world is too much different than in the "real world."
What is the problem you might ask?
Problems (real- and digital world) usually follow a very specific pattern and dynamic. Understanding the patterns and dynamic behind will significantly improve resiliency. When does an incident become a crisis?
Managing a massive crisis is very difficult because of the information asymmetry.
Defining where you stand in a crisis is even more difficult.
Complex problem or crisis management requires specific techniques and tools. Numerous examples of bad crisis management are known to everyone. If you are managing a crisis from the inside you need actual up to date information on the current situation (where are we) and next steps (what are we going to do next). So far this was a very hard task. Either you have been at the will of a hopefully decent crisis manager or PR firm.
The lack of transparency always bugged me. I was to set out to look for ways of making the problem mangement or crisis management process more transparent for everyone involved.
I always take a highly strategic view of things and aim for practical application and simplification.
Out of this came the Reputelligence™ Problem LifeCycle. At first it looks overwhelming but i will guide you through the construction. This will help you understand the principles behind the life-cycle so you can apply it in your context.
Security agility- dynamic policy creation and rolloutReputelligence
The following example of a recent story is the perfect analogy for dynamic policy creation. The Swiss MediaMarket (Electronics Chain) reacted amicably when we were presented with a heat wave. All over the news people where warned about the topic of leaving your children or your pets in the car. Unfortunately there where fatalities due to the practice of leaving small children in the car. There was a lot of talk but MediaMarkt spun into action. This story has all the ingredients for future security (advanced persistent threats) APT's and how you will have to deal with them. The same process' will have to be applied to your policy framework.
Hack back series data is an asset - registration strategies v0.1Reputelligence
If there is just one thing you need to remember about information security it's this: "Data is an asset & asset = money"
This is all there is you need to know for information security. I also work on volunteering for a hacker high school project and the most important thing about security I try to teach the teenagers is this. "Data is an asset"
Usually I do it this way: I will have some coins at hand for this. Then I make a list together with the teenagers with attributes they use for registration for a so called "free" service. "If it's free then U are the product in some way or form". The problem with data is an asset is: it's abstract. Giving away information bytes is painless, easy and of no consequence in the first place. So I need to make a connection for the teenagers to remember or to link in the brain: data is an asset. Now the abstract concept of "Data is an asset" has been linked. The discussions becomes focused around: what do I get in return for the money (asset: your name) I paid for. Where is my freedom? Why do I don't get money if people are making money from my data and information (advertising). I should get paid if my information is used to make profit. I shouldn't reveal my information too easily.
Hack back series how to spot fake linked in profiles - a way to figure out f...Reputelligence
Hack back series is all about YOU and how I can contribute to make the internet a safer place for everyone.
LinkedIn Forensic for the standard user. I like to guide you through a forensic approach to check for false profile pictures and false profiles on LinkedIn .
The techniques you learn will are essentials skills now and in the future.
More and more you will have to do this in the digital world since attacks, scams and scum bags are upsizing their attack intelligence.
Protect yourself and become more diligent in the use of digital media.
If not even a former first lady or future presidential candidate “gets it”, what's wrong with information security awareness? Of course responsibility comes with the person using services but what about the information security adviser? Was this partially his fault too? Had he any change to raise his voice for promoting information security awareness? Fact is we all know how hard it is to train VIP’s, senior executives or developers ;-) in the matter of information security awareness (I am not talking about the great guys out there advocating information security on all levels and ranks, I am talking about the main stream people). At least I could tell you some great stories about my personal experiences with it (next time maybe).
The car industry is now at the exact same point the IT industry was decades ago. The problem is security has not been built into those system rather is has been bolted on. It is saddening to see all the past failures of the software industry have to be repeated by the car industry.
EN- Teaser for tonight's cloud presentation. Will share all the slides after the event. The graphic depicts the typical cloud project phases. Honeymoon (everyone on their horses and charge!), eclipse (oh oh first shadows), etc.
DE- Kleiner Ausblick in die Präsentation von heute Abend. Der Ausschnitt zeigt die Projekt Phasen bei einem Cloud Projekt. Die Hochzeits- Reise Phase (Alles klar sofort loslegen-Action!)
There are many definitions about what a leader entails and what not
There are similar many tips and tricks how to become one
Let me share experience and knowledge
Dive deep into the corporate world and into management wisdom
There are many definitions what a leader does and how he/ she does it
From very inspirational to utterly complicated, oversimplified to outright wrong
There is next to no definition how you actually know when you are one
Let me help you there with a simple definition
Annoying practices series stupid math quiz etc v0.2Reputelligence
About the annoying practice of publishing quizzes on social networks in order to gain likes, shares and raise in popularity. My open comment to those practicing this extensively:
Please stop sharing these quizzes, brain teasers and riddles. I have you in my contacts for professional reasons. My network is comprised of high valuable contacts and professional business associates. I see LinkedIn as a professional network and do not consider this type of interaction as a professional dialog. In order to protect myself and my valued connections I will consequently remove partners in my network who I believe disturb and distract a professional exchange. You have to value for yourself what matters more: the connection you have with me and the benefit of the associated network or the gained popularity and interaction you have through those quizzes. I do value original content and personal views for sharing but not shared canned content which I believe only fuels the purpose of gaining popularity, hits and likes. I am happy to connect back with you when you consider my view of the use of LinkedIn and the responsibility that comes with it. If you want to connect on a personal level please send a new connections request and let me know your thoughts.
It was a pleasure having you as one of my valued contacts.
About the annoying practice of publishing quizzes on social networks in order to gain likes, shares and raise in popularity. My open comment to those practicing this extensively:
Please stop sharing these quizzes, brain teasers and riddles. I have you in my contacts for professional reasons. My network is comprised of high valuable contacts and professional business associates. I see LinkedIn as a professional network and do not consider this type of interaction as a professional dialog. In order to protect myself and my valued connections I will consequently remove partners in my network who I believe disturb and distract a professional exchange. You have to value for yourself what matters more: the connection you have with me and the benefit of the associated network or the gained popularity and interaction you have through those quizzes. I do value original content and personal views for sharing but not shared canned content which I believe only fuels the purpose of gaining popularity, hits and likes. I am happy to connect back with you when you consider my view of the use of LinkedIn and the responsibility that comes with it. If you want to connect on a personal level please send a new connections request and let me know your thoughts.
It was a pleasure having you as one of my valued contacts.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen