Category Archives: Blog

Tool for extracting possible IoC information from files

This blog post presents a tool called ioc_strings that can be used to gather relevant technical information from file strings. The tool is developed for CinCan project to be used in incident analysis Continuous Integration (CI) pipelines, and also for standalone use for incident analyst. ioc_strings tool extracts possible IoC (Indicator of Compromize) information from files, such as urls, domains, emails, hashes etc. These IoC types are compatible with Cortex-Analyzers, therefore it is possible to feed these gathered […]

National Cyber Security Exercise 2019 is over or is it?

Week 21 was the actual exercise week for the national cyber security exercise. The immense planning and implementation work led by the Secretary General of the Security Committee, Vesa Valtonen, culminated in the exercise week where the organisations of state administration practiced in a technical-operational cyber exercise survival in wide-ranging and multidimensional cyber incidents. Now […]

Optimising and securing Dockerfiles

In an earlier post, Analysing malicious PDF documents using Dockerized tools, we covered the use of some PDF analysis tools we have Dockerized in the CinCan project. A Docker image can often be made quite easily, but there are things you should take in account to make it a good one. In this post we take a […]

Disobey – The Nordic Security Event

Disobey, the annual Nordic security event was held on 11th-12th of January 2019 at Kaapelitehdas, Helsinki. The group of JYVSECTEC staff members participated to the event with an aim to hear the latest news from the field, meet their colleagues, increase their knowledge and of course, to have fun! Group had also a desire to […]

Analysing malicious PDF documents using Dockerized tools

One of the goals of the CinCan project is to provide tools that automate the repetitive tasks of malware analysis using practices familiar from continuous integration to enable rapid creation, augmentation, correlation and sharing of analysis and threat intelligence. Using Docker containers, we have portable tools, which can be conveniently configured for use in designated […]

From trainee to employee

Practical training is an important part of studies and has a special part in education. Training period gives an excellent opportunity to get familiar with working life during the studies.  It also gives you a better chance to find employment opportunities that match your field of studies after graduation. In this blog post I will […]

User Tracking in Internet

User tracking has gained interest after it has become a major source of revenue for advertisers. Tracking methods have evolved , however the users have also become more aware of how they are being tracked and what to do to evade tracking. More tools are available for personal tracking protection and they are becoming increasingly […]

RGCE organizational environments

JYVSECTEC’s cyber range RGCE has been in development since 2011 aiming to provide a realistic exercise environment for organizations of different sizes and industry sectors. In recent years, the development has focused on building multiple business sector specific organization environments, which mimic technical and business functions of real organizations. These environments also have realistic dependencies with each […]

Experiences of the ECSO WG4 (SME group) meeting

I am representing JAMK University of Applied Sciences in the ECSO Working Group 4 (WG4), which deals with SME issues. I participated the first WG4 meeting on December 2016. The main task for the WG4 is to support SMEs, coordination with countries (in particular East EU) and regions. Institute of Information Technology and JYVSECTEC from […]

JYVSECTEC success story

Construction phase 2010 – 2014 First negotiations about co-operation in research and development program around network and computer security were launched with Finnish industry in December 2010. Those negotiations led to the funding proposal of the JYVSECTEC –program focused to the development environments and to the systems of command, control and surveillance centers. JYVSECTEC –program […]