- Details
- Written by: Meena
- Category: Cybersecurity PRISM
What is ICS?
ICS is actually a class of some digital devices....
There are a number of digital devices which are used in modern 'INDUSTRIAL' processes.
Whether it is your Critical Infrastructure at nation-level (e.g., Power Grid, Water Treatment, Dams, Railways, etc.) or your own manufacturing unit or many other large applications, they are using the following types of devices:
If you ask me, What is Hacking...
I would say that it is possibly an act of 'compromising' networks and digital devices through UNAUTHORIZED access to a computer system or a user account. But it does not necessarily need to be malicious only.
The general impression of the word is that it is an illegal activity and results in data theft by cyber criminals, as they misuse devices, e.g., computers, smartphones, tablets and networks to cause damage to organisations, or to corrupt systems, gather users' information, steal data and documents, or to disrupt data-related activities. This makes people imagine that there is a lone rogue programmer who is highly skilled in coding and modifying computer hardware/software.
However, this view is too narrow, because it does not let them think of the true technical nature of hacking as a SKILL. There is a very high degree of skill involved in it, as hackers are capable of launching highly sophisticated attacks using various stealthy methods which are designed to go completely unnoticed by network security software and IT professionals. Hacking, by its very nature, is a multibillion-dollar industry with extremely sophisticated and successful techniques.
Sometimes, there are politically motivated hackers too, or hacktivists, who aim to raise public attention by leaking sensitive information, such as Anonymous, LulzSec, and WikiLeaks.
Here are 2 strange facts about illegal hacking (Source: Fortinet):
Just suppose you join a new company and they provide you a username and password (plus, MFA) to access their dashboard. When you enter your login credentials, you are presented with a dashboard. What you see at your dashboard is an assortment of so many applications which you can use, e.g., Salesforce, Gmail, Box, Expensify, Jira, AWS, etc.
You would know from your own experience that each of those applications should require you to enter separate login credentials. But here in your dashboard, when you click on any application, you access it directly and the corresponding interface opens right in front of your eyes, without asking you to enter a username or password of any sort.
You would be wondering, "What's the hack?"
Nothing. It's SAML in action...
What is SAML?
Very much like our world, where some people strive for peace and others strive for chaos, our cyber world, the 'Internet', is also a grave battlefield. So many parties, nation-states, and people are constantly engaged in cyber-warfare against each other.
The ever-persistent cyber-warfare forced Information Security guys to hunt for some ideas, and they picked one idea from 'Military' terminology, i.e., DMZ (Demilitarized Zone). The demilitarized zone is an area that sits between two areas controlled by opposing forces or nations.
In military terms, a DMZ is a place in which two competing factions agree to put conflicts aside to do meaningful work. For example, a land strip like this separates the Korean Peninsula, keeping North and South factions at bay.
What is DMZ Network?
A firewall is a device which has the capability of protecting a company's computers, servers, systems and critical assets from all sorts of threats.
It can be a single device or a combination of systems that is capable of supervising the FLOW of traffic between distinctive parts of your network. A good firewall is capable of protecting your systems and network not only from external threats, but also from internal threats. Of course, you need protection at each level of the hierarchy of your networking systems.
A firewall is a device or a combination of systems that supervises the flow of traffic between distinctive parts of the network. A firewall is used to guard the network against nasty people and prohibit their actions at predefined boundary levels.
Let us assume that you are using an anonymity or privacy service...
It is extremely important for you that all the traffic originating from your computer/laptop is routed through the anonymity network (VPN). You would usually take this aspect for granted...
What if your traffic is leaking outside of the secure anonymity network (VPN)?
If it is happening, then any adversary who is monitoring your traffic will be able to log all of your online activity. And, it is a nightmare!
What is DNS Leak?
What is AAA?
Here AAA stands for Authentication, Authorization, and Accounting.
AAA is a security framework that controls access to computer resources, enforces policies, and audits usage. The combined processes of the AAA framework play a major role in your network management and cybersecurity, by screening users and keeping track of their activity while they are connected to your network.
Your whole Identity and Access Management (IAM) is the product of this framework.
What is Data Governance?
Most enterprises worldwide have fully acknowledged that their data is a strategic asset of the company to guide strategic decision-making, promote experimentation to learn and improve, and deliver better business results.
According to the Data Governance Institute (DGI), data governance is a system of 'decision rights' and 'accountabilities' for information-related processes which are executed according to agreed-upon models. Data Governance describes who can take what actions with what information, and when, under what circumstances, using what methods.
Gartner presents a macro perspective on Data Governance as it encompasses a collection of processes, roles, policies, standards, and metrics that guarantee the efficient and effective use of information, allowing an organization to reach its goals.
What is an Attack Vector?
In the context of information security, an attack vector is a specific path, method, or scenario that can be exploited by attackers to break into an IT system, thus compromising its security. The term was derived from the corresponding notion of 'vector' in biology.
Hackers use a number of vectors to launch their attacks so that they can take advantage of the weaknesses of any given IT system. You are already familiar with many attack vectors, e.g., malware, viruses, malicious email attachments, malicious weblinks, pop-up windows, instant messages, social engineering, unpatched vulnerabilities, etc.
Types of Attack Vectors
Most attack vectors can be classified in 2 categories:
Do you remember those times when IT companies used to release their software or operating systems once in a while?
For example, there were considerable gaps of years between the releases of Windows 97, 98, NT, XP, Vista, Windows 7, 8, etc.
Similar practices were the norm of the day for all sorts of software/applications from most vendors...
It was so because it provided enough time for the code to go through quality assurance and security testing processes that were performed by separate specialized teams, whether internal or externally contracted. In those days, there were separate teams for 'development' of applications and 'testing' the security of those applications, hence a longer software development lifecycle (SDLC).
But in the last decade, there has been a considerable rise of public clouds, containers and the micro-services model. The evolution of these offered great opportunities for breaking large applications down into smaller parts that can run independently.
As a result, this ability to break down the applications also had a direct impact on the way software is developed, leading to rolling releases and agile development practices where new features and code are continuously pushed into production at a rapid pace.
There is a growing use of 'automation' in these processes with the help of new technologies and tools. This is allowing software/application development companies to innovate faster and stay ahead of competitors.
By the time a competitor is able to reengineer and replicate 1 of your new features, your development teams would bring 3-4 new features to the market. Your competitor would be engaged forever in a chasing game...
This is nothing but what is called DevOps culture nowadays as seen in modern companies. Today most developers themselves can now provision and scale the infrastructure they need, without waiting for a separate infrastructure team to do it for them. All major cloud providers now offer APIs and configuration tools that allow treating infrastructure configuration as code using deployment templates. There is no need to go into those details here...
What is DevOps?
What are IOCs?
These are known as Indicators of Compromise...
IOCs are a little different from Indicators of Attack (IOAs). IOCs focus on examining what happened after an attack has occurred, whereas IOAs focus on identifying the activity associated with the attack while the attack is happening.
IOCs are pieces of actual forensic data or artifacts, or remnants of an intrusion, that can identify potentially malicious activity on your networks and systems. These are markers of 'unusual activities' and serve as RED FLAGS that indicate a potential or in-progress attack that could lead to a data breach or systems compromise.
- What is Point-of-Sales (POS) Security?
- What is Deception Technology? Honeypots Vs Deception Technology
- What is COBIT? Why is COBIT 2019 Important for You?
- What is Spam-Filtering? How do Spam-Filters Actually Work?
- What is a Ping Of Death? What can you do to Prevent Ping Of Death?
- What is Data EGRESS? 6-Best Practices to manage the menace of Egress.
- What is Web Application Firewall?
- The Secure VPN. How much safe your VPN is?
- What is a Man-In-The-Middle Attack? How can you Prevent Man-In-The-Middle Attacks?
- What is Reverse Proxy? How is it Different from Forward Proxy?
© 2013 Luminis Consulting Services P Ltd, IN