Welcome to Dancho Danchev's Section

Dancho Danchev is an independent security consultant that has extensive experience with security practices such as -- penetration testing, malware, risk management, and strategic security consultancy.

He is also an event marketer for the DallasCon security event, a consultant at WindowSecurity.com, as well as a member of the Bulgarian Association for Security, ISECA.

Besides his active contributions to the scene, Dancho is also involved in business development, marketing research, and PR activities for numerous organizations, both security, and new media ones.

Dancho is currently maintaining a blog on information security, is working on a ROSI model research initiative, as well as on his Web 2.0 contribution.

He has had professional involvement, or made personal contributions to the Bulgarian Philatelic Association, an anti-trojans vendor, Frame4 Security Systems, and HiComm Magazine, among the many other part-time, or freelance projects he's been working on during the years.

Dancho can be contacted at dancho DOT danchev AT hush DOT com.

Dancho Danchev's Latest Contributions

Phishing Metamorphosis in 2007 - Trend and Developments: Date - Dec 12, 2007; Section - Articles / Content Security (Email & FTP); An account of various trends and developments that phishers embraced during 2007, and what are the driving factors behind the huge percentage increases in phishing emails during the year.
Popular Spammers Strategies and Tactics: Date - Nov 14, 2007; Section - Articles / Content Security (Email & FTP); An assessement of several different recent spam campaigns, demonstrating the key concepts spammers use, and providing concise strategic advice on how to undermine their current model.
Malware - future trends: Date - Jan 31, 2006; Section - Network Security Library / Network Security; Malware has truly evolved during the last couple of years. Its potential for financial and network based abuse was quickly realized, and thus, tactics changed, consolidation between different parties occurred, and the malware scene became overly monetized, with its services available on demand.
Passwords - Common Attacks and Possible Solutions: Date - Jan 07, 2005; Section - Articles / Authentication, Access Control & Encryption; Making sure authorized users have access to either sensitive company information or their personal e-mail can be a dauntning task, given the fact that an average user has to remember at least 4/5 passwords, a couple of which have to be changed on a monthly basis. The majority of users are frustrated when choosing or remembering a password, and are highly unaware of the consequences of their actions while handling accounting data. This article will provide you with an overview of how important, yet fragile, passwords security really is; you will be acquainted with different techniques for creating and maintaining passwords, and possible alternative methods for authentication, namely Passphrases, Biometrics and Public Key Infrastructure(PKI).
SecurityTalk with K Rudolph, CISSP: Date - May 03, 2004; Section - Articles / Misc Network Security; The SecurityTalks is an initiative aimed at providing the scene with the worlds' leading security experts' thoughts on various information security issues, in a way much different than the usual, small and concise interviews you are used to seeing.
Malware - It's Getting Worse: Date - Mar 18, 2004; Section - Articles / Viruses, trojans and other malware; The recent MyDoom Worm successfully infected enough victims in order to shut down SCO's web site, followed by new variants that targeted Microsoft's web site. This paper isn't intended to discuss the motives of the author, instead it will help you understand how worms enter your network, how you can block them before they even reach your internal network, and how to act in case they get in.
Reducing "Human Factor" Mistakes: Date - Jul 23, 2003; Section - Articles / Misc Network Security; Nowadays companies and organizations face the problem where massive attempts at illegal intrusions hit their network on a daily basis. In spite of the latest technological improvements in security, it's still the network users who are often unknowingly inviting security breaches through carelesnes and a lack of awareness. This paper will try to summarize various mistakes done by system administrators, company executives and of course the end users, and will also provide you with useful strategies that will definitely help you reduce or completely eliminate the mistakes.
Building and Implementing a Successful Information Security Policy: Date - Jun 25, 2003; Section - Network Security Library / Policy & Standards; Most recognize the necessity of having a security policy, but designing and successfully implementing one throughout your organization can be quite an intimidating task. To take the pain out of this process we are providing you with one of the most comprehensive guides on the design and implementation of an effective security policy for your company. To make this guide available to the entire community we have opened web distribution rights, allowing you to freely host this guide on your website and share it with colleagues.
Building and Implementing a Successful Information Security Policy: Date - Jun 19, 2003; Section - Articles / Misc Network Security; Most recognize the necessity of having a security policy, but designing and successfully implementing one throughout your organization can be quite an intimidating task. To take the pain out of this process we are providing you with one of the most comprehensive guides on the design and implementation of an effective security policy for your company. To make this guide available to the entire community we have opened web distribution rights, allowing you to freely host this guide on your website and share it with colleagues.
The Complete Windows Trojans Paper: Date - Jan 24, 2003; Section - Network Security Library / Trojans; The Complete Trojans Text is a paper about Windows Trojans, how they work, their variations and, of course, strategies to minimise the risk of infection.