Skip to main content

Information Security Overview in securetecho

Information Security Overview in securetecho

information security
  • Source code leaks accelerated malware release cycles                                                 Attackers create new variants of malware variants
     Contains new characteristics, signatures, evasive capabilities, etc.                      Anti-virus/anti-malware cannot d


    etect
  • Old school malware techniques made a comeback                                                      Anti-virus applications、IDS、firewall and cyber-crime techniques                    Forcing an attacker to use artificial and time consuming old malware infection and propagation techniques to evade advanced detection
  • Growth of 64-bit malware increased
  • Malware researcher evasion became more popular
  • Mobile SMS-forwarding malware are becoming ubiquitous
  • Account takeover moved to the victim's device
  • Attacks on corporate and personal data in the cloud increased
  • Exploit kits continued to be a primary threat for Windows
    Ex. window xp
  • Attackers increasingly lure executives and compromise organizations via professional social networks.
  • Java remains highly exploitable and highly exploited - with expanded repercussions.
  • Attackers are more interested in cloud data than your network.
  • The sheer volume of advanced malware is decreasing.
  • Redkit, Neutrino, and other exploit kits struggled for power in the wake of the Blackhole Author Arrest.
  • Mistakes are made in "offensive" security due to misattribution of an attack's source.
  • Cybercriminals are targeting the weakest links in the "data-exchange chain".
  • Major data-destruction attacks are increasing.

Essential Terminology

  • Hack Value: It is notion among hackers that something is worth doing or is interesting.
    information security
  • Vulnerability: Existence of a weaknessdesign, or implementation error that can lead to an unexpected event compromising the security of the system.
  • Exploit: A breach of IT system security through vulnerabilities.
  • Payload: Payload is the part of an exploit code that performs the intended malicious action, such as destroying, creating backdoors, and hijacking computer.
  • Zero-Day Attack: An attack that exploits computer application vulnerabilities before the software developer releases a patch for the vulnerability.
  • Daisy Chaining: It involves gaining access to one network and/or computer and then using the same information to gain access to multiple networks and computers that contain desirable information.
  • DoxingPublishing personally identifiable information about an individual collected from publicly available databases and social media.
  • Bot: A "bot" is a software application that can be controlled remotely to execute or automate predefined tasks.

Elements of Information Security

  • Information security is a state of well-being of information and infrastructure in which the possibility of thefttampering, and disruption of information and services is kept low or tolerable.
  • Confidentiality: Assurance that the information is accessible only to those authorized to have access
    information security
  • Integrity: The trustworthiness of data or resources in terms of preventing improper and unauthorized changes
  • Availability: Assurance that the systems responsible for delivering, storing, and processing information are accessible when required by the authorized users
  • Authenticity: Authenticity refers to the characteristic of a communication, document or any data that ensures the quality of being genuine
  • Non-RepudiationGuarantee that the sender of a message cannot later deny having sent the message and that the recipient cannot deny having received the message.

The SecurityFunctionality and Usability  Triangle

  • Level of security in any system can be defined by the strength of three components:
    • Functionality (Features)
    • Security (Restrictions)
    • Usablity (GUI)

Comments

Post a Comment

Popular posts from this blog

10 Best Ways to Track a Location by Mobile Number || Securetecho

Tracking a mobile phone's location through its contact number that might seem impossible at first, but it doesn’t have to be. It’s quite simple, there are two alternates to do so: 1)Using a mobile phone lookup service 2)Using a spy software In this paragraph, you will learn how to use it, and what to expect, and we will give you a list of the top 10 spy software in the market today. Numlooker - an excellent software for contact number tracking WhoCallMe - scan the deep web and conduct comprehensive social sites searches USPhoneSearch - includes all the basic features you need when tracking a contact number. USPhoneLookup - an excellent service that help you in finding out who is calling within minutes TheNumberLookup - allows you to instantly identify the caller and get access to all the available information about him. WhatIsThisNumber - the most standard and convenient reverse phone lookup service Spokeo - experience the expert service of phone lookup CocoSpy - access a phone mon...
Post a Comment
Read more

secure wifi/wireless networks in securetecho

How to Secure Your Wireless (Wi-Fi)Network in securetecho: Visit Timeshares Wireless Networking: Wireless Networking (Wi-Fi) has made so easy concept for anyone to use Internet on your computer, mobile phones, tablets and handholders other wireless devices anywhere in the house without the cables wires.With traditional wired networks, it is extremely difficult for anyone to steal your bandwidth/speed of the signals but the big problem with wireless signals is that others can access the Internet using your broadband connection even while they are in a neighbor or sitting outside your home. How to Secure Your Wireless Network: It is a great news that now it is easy to secure our wireless network, which will both prevent from others of stealing your internet access and will also prevent from attackers of taking control of your computers through the use of your wifi network. Here a simple few methods,with that you should to secure your wireless network: Step 1....
Post a Comment
Read more

Best Places to Visit in Ludhiana – Top Attractions for Every Traveler

Introduction 1. Punjab Agricultural University (PAU) Nestled in the heart of Ludhiana, Punjab Agricultural University (PAU) is a renowned educational institution with sprawling green lawns and beautiful gardens. The campus is a peaceful retreat and perfect for a relaxing walk. Don’t forget to visit the Rural Museum located within PAU, showcasing Punjab’s rural heritage and agricultural history. Keywords: Punjab Agricultural University, Ludhiana attractions, educational institutions in Ludhiana. 2. Gurudwara Shri Alamgir Sahib One of the most significant religious sites in Ludhiana is Gurudwara Shri Alamgir Sahib . Known for its historical importance, this Gurudwara offers a peaceful and spiritual experience. It's a must-visit for anyone seeking tranquility and insight into the Sikh heritage. Keywords: Gurudwara Shri Alamgir Sahib, religious places in Ludhiana, Sikh heritage. 3. Rural Museum The Rural Museum at PAU is a unique destination where you can explore the traditional r...
Post a Comment
Read more