How to verify whether a website is legitimate or not?:

lunes, 27 de noviembre de 2017

Over 20520 internet domains seized for selling counterfeits

Over 20520 Internet domains kind of:

(Disclaimer: the below FAKE websites are still active, do browse them under your own risk. This is just information to show some examples of the kind of domains being seized)


have been seized for selling counterfeits. Its one of the biggest hit against online piracy. This massive operation was a joint investigation by Europol´s Intellectual Property Crime Coordinated Coalition (IPC3), the US National Intellectual Property Rights Coordination Centre and law enforcement authorities from 27 EU Member States and third parties facilitated by INTERPOL.

Europol and the European Union Intellectual Property Office (EUIPO), the last with headquarters in Alicante (Spain) continued to join efforts in 2017 by successfully supporting many high-priority investigations related to online crimes, providing training related to online investigations, and organizing  a conference on Innovative strategies for Effective Enforcement in Antwerp, Belgium, on 19-20 September 2017.

I was invited by Europol to the mentioned conference and had the honour to host a workshop to show how OSINT tools such as can help to gather intelligence about counterfeit-related websites.

Europol is doing a great work by dismantling not only cybercrime groups but also migrant smuggling networks, child abuse photographers and many more organized crime groups.

miércoles, 8 de noviembre de 2017

CISSP: Decertification notice

CISSP is despite its detractors the undisputed king of InfoSec certifications. 6 years ago I wrote a blog post about "how to get ready fast for the CISSP exam". In order to get this certification you need to invest a good amount of time, to have experience in the field and money". The same does apply to maintain it once you have it.

Some days ago I did receive a mail from ISC2 as the below:

Subject: (ISC)? Decertification Notice 
02 Nov 2017

Member ID:

Expiration Date:
31 Jul 2017
Termination Date:
01 Nov 2017
Dear Jose Casbas, 
The purpose of this notice is to provide information regarding the status of your (ISC)2 certification.
According to our records, your CISSP credential was terminated effective 01 Nov 2017 because of Unpaid Annual Maintenance Fees.

Because the CISSP is a federally-registered certification mark, you may no longer use the CISSP designation in any form. For example, you may not use CISSP after your name, on printed materials and you may not display the certificate itself, wear the CISSP lapel pin or imply in any way that you are presently certified. Continued use of the CISSP designation is unauthorized and an infringement of the CISSP mark.

To be certified again, you must sit for, and pass the examination again. However, in order to do so, you must pay any outstanding AMF and late fees before registering for the exam. You may also be subjected to a $35USD reinstatement fee upon successfully passing an exam and requesting reinstatement of your credential.

If you have any comments or questions, do not reply to this email. Please email [email protected].

(ISC)2 Member Services

The process to do the payment and submit the CPEs regularly is a bit painful. If you don´t take care of it you will receive a notification like the above. Personally I found it quite rude, and the fact that you need to sit for, and pass the examination again to be certified got me puzzled.

I decided to look in Twitter and I found some dudes proud to receive such notification and even some felt liberated. Personally I thought is a pity to lost something you have dedicated effort and it has proven value on your career, hence I decided to send an email to the mentioned address asking for a soft solution. And I got it.

Advice: After receiving such notification, you have two weeks buffer to call them directly and to redeem your fees through the phone. There is no need to sit and pass the examination again.