Archive for the 'IT Security' Category

CISOs, Techies and Board execs. The unsolvable issue?

I have been participating in NG Security European summit lately, where there were lots of nice presentations about how CISOs are perceived by Board and Business Leaders. And the resuts are frightening. As IT needed decades to get at the Board level, Infosec isn’t mature yet and need to evolve its way to sell itself better.

Continue Reading »


Bruno Kerouanton on avril 13th 2016 in IT Security

Layered security on my laptop, in 10 (not so easy) steps !

160106-hardening0Some of my friends tell my I’m kind of paranoid, but I can’t help keeping my laptop very secure (at least as much I believe).

When Windows 10 was released, I had the following options: either keep Windows 8 on my PC, or upgrade to Win10, with some advantages. The start menu was back (although I didn’t need it since I’m using the great TrueLaunchBar utility since many many years), it was a free upgrade (I know what you’ll think about this), and it allowed me to be more secure and test new features. On the other side, it’s obvious Microsoft has shifted into the Cloud business, and now heavily relies on data harvesting. That means I need to harden my laptop to prevent any data leaks.

If you want to understand how to setup a similar config, here is my step-by-step checklist of what I’ve done :

Continue Reading »


Bruno Kerouanton on janvier 5th 2016 in IT Security

My own Spam Tracker


Since nearly 10 years, I use dedicated email addresses/passwords for every single website or company I register online.

That may seem cumbersome to many, as I need to log into a custom platform to create a new email address during registration, and I need to keep a record of all those passwords/emails/credentials somewhere, to remember what and where I’ve done, but this has numerous benefits :

Continue Reading »


Bruno Kerouanton on janvier 5th 2016 in IT Security

Messing around with Python versions

I’ve recently reinstalled or updated most of my currently used applications. During the process, 150122.pythonI’ve lost several hours messing around with Python versions and architecture models, « thanks » to cryptic error messages, and incompatibilities.

Here’s a short summary of issues and solutions, so you won’t spend useless time finding what’s wrong !

If you don’t want to read all this, just in short, install both 32bit builds of Python 2.7 and Python 3.3, and NOT the 64bit builds or Python 3.4.

Continue Reading »

No Comments »

Bruno Kerouanton on janvier 21st 2015 in IT, IT Security

CISOs, are corporate Policies obsolete? And are you already dead?


I’ve always wondered about this dilemna :
Even if, as a CISO, you define the best Infosec policy ever, and forbid your users all use of Cloud or unknown services such as Gmail, Dropbox, LogMeIn, TeamViewer to prevent Data Leakage, is that really efficient ?

Your company is not in a closed environment. Or it is already in bankrupcy, because you don’t have clients and contractors.

Continue Reading »


Bruno Kerouanton on octobre 9th 2014 in IT Security

New malware received : Dossier_1848785.exe

140110-malwareI’ve just received a new malware in one of my spam mailboxes.


The embedded file is a Zip archive, containing a fake PDF (the icon is a PDF, but it’s really a .exe file).

Continue Reading »

No Comments »

Bruno Kerouanton on janvier 10th 2014 in IT Security

So. I’ve erased all my Tweets – Bref. j’ai effacé mes Tweets !

140108-Banning-TwitterAmongst the good resolutions I’ve taken for 2014, I’ve decided to reset my Twitter account !

You may have noticed that I didn’t tweet anything after december 30th, 2013. The reason for this is that I wanted to archive all my previous tweets and delete them. It’s really no use keeping them on Twitter, as I realized most tweets are about fresh news that becomes obsolete a few days after, or excerpts from « personal messages » between Twitter users, that don’t need to stay online.

Continue Reading »


Bruno Kerouanton on janvier 8th 2014 in Blog's life, General, IT Security

New great (free) tool : Microsoft Message Analyzer

131121-ether2R.I.P Microsoft Network Monitor, welcome Microsoft Message Analyzer !

As I was investigating all my issues, I tried to see if there was another tool to sniff low-level packets and interactions with the system. Wireshark is a good sniffer, but being multiplatform and portable limits its capabilities to network.

I discovered that Microsoft had a new free product replacing their old (but still good) Network Monitor 3.4. It’s called Microsoft Message Analyzer, can be downloaded here, and seems to be quite interesting according to the dedicated TechNet blog and forums.

Continue Reading »

No Comments »

Bruno Kerouanton on novembre 21st 2013 in IT, IT Security

Je me souviens…

Je me souviens…


Continue Reading »


Bruno Kerouanton on novembre 11th 2013 in Blog's life, IT Security

A strange behavior of my PC

131101-investigationLast february, I’ve ordered and received a new laptop, to act as my main personal PC. Quite sophisticated, with lots of RAM, CPU, GPU, and SSD, so I could use it also as my infosec lab (running VMs, calculating hashes, doing forensics and more). As my close friends know, I always buy licenses of software I use, and don’t mess with pirated software for a few ethical reasons. So I also bought a Windows 8 Pro set of DVDs from my local store, and installed it a few days later. I also spent several weeks reinstalling all my software from scratch, reactivating licenses and configuring the whole so I could find my old environment back on the new laptop. So this was a laptop which wasn’t supposed to be crashing, using legit software, and admit I really enjoy using it.
But the issues that I experience since the acquisition are quite annoying, forcing me to stay « offline » for several weeks since the begining of the year, and spending days trying to recover backups, understand issues and more… Some of my frequent email correspondants know that I had those issues, since I was quite slow in answering emails during those « shutdown » periods…

Continue Reading »


Bruno Kerouanton on novembre 1st 2013 in IT, IT Security