cybersecurity

Let’s scan the vulnerabilities with perimeter scan

Are you under threats? Worried about your network security? I have another great way to secure your system from threats i.e. Perimeter scan. As the name suggests, it scans your network’s perimeter and any hollow spaces in your network from where any malicious threat can enter. Just take an example of your office. You always check whether you have closed down all the doors and windows and locked them before leaving. Am I right? We all do the same. In the same manner, perimeter scan does the work for us by checking all the corners and holes of the network…

Continue Reading

A guide to “WannaCry Ransomware”

Another name for WannaCry is “Wcry or Wannacrypt”. It is a ransomware worm that spread quickly from one computer to others by using Eternal blue. When it infects a computer network, it reaches the hard drive and encrypts files which become impossible for the user to access. To decrypt the files, a hefty payment is demanded in bitcoin. This ransomware consists of multiple components including an application for encryption and decryption, files with encryption keys, and a copy of Tor. Now, the question arises- Is paying the only option to decrypt the infected files? Well, it depends. If all the…

Continue Reading

Do you know your firewall?

A firewall is a well-known name in cybersecurity. It is a device that sits on a network and protects your system by preventing traffic from getting into your private network. Firewalls are basically of two types: Traditional firewalls Next-generation firewalls Let’s discuss both one by one- Traditional firewalls:- These block traffic based on the kind of traffic it is. To cite an example- traditional firewall can identify web browsing traffic or email traffic but it cannot identify traffic inside the traffic itself. Next-generation firewalls:- It is one step ahead of traditional firewalls. It detects malicious traffic and stops it to…

Continue Reading

Patch management for network security

Vulnerabilities in your system could be quite often. And, solutions to manage such threat are also in abundance but it is difficult to identify as which one is the best for those vulnerabilities. Today, I am going to discuss security management software called Patch management. A patch is a software update that contains computer code placed (or patched) into the code of a software program. Software developers release patches as temporary fixes in between full releases of new software. But, what are the reasons to release patches? First of all, a patch can fix a software bug, fix security vulnerabilities,…

Continue Reading

Everything about ‘IPS/IDS/FIREWALL’

Is IPS anonymous to you? Don’t worry! I am there for your help. IPS stands for “Intrusion Prevention System”. It is a part of network security by which potential threats or attacks can be identified and respond to them promptly. The IPS is also capable of handling the process of deep-packet inspection for patterns and anomalies that may indicate an attack. In addition to this, IPS monitor network traffic and is very quick in responding to malicious traffic while forwarding the needed traffic to the recipient without any delay. You might be thinking how does it work? Well, I have…

Continue Reading

One more threat with voice – ‘Vishing’

Vishing is formed as V+ Phishing = Vishing This V stands for Voice. Vishing is a term that is defined as the type of fraud in which voice is used to commit a crime like data access, identity theft, and hacking. You know that phishing is done through email but vishing is done via telephone. How it is done? Vishing is carried by using caller ID spoofing in which an attacker make a call and it appears as someone is calling from a legitimate phone number in your area code. As, people trust caller ID therefore, no one finds anything…

Continue Reading

Everything about ISAC and ISAO

What do you understand by the abbreviation ISAC? It stands for Information sharing and analysis center. It collects and shares the data of cyber threats to critical infrastructure and also between public and private groups. It came into existence in 1998 in the US with the motive to find US critical infrastructure vulnerabilities and facilitated the sharing of cybersecurity intelligence among various trustworthy firms within the industry and sectors. Apart from this, many ISACs are comprised of large organizations with a different set of priorities and challenges as compared to smaller organizations and entities. ISACs come with membership fees and…

Continue Reading

What to ask the management about cybersecurity policies?

Ways for approaching threat management are continuously changing due to an increase in the number of cyberattacks. Organizations constantly look for various strong measures to protect themselves and their employees from being the victim of these attacks. Can you imagine how much money do criminals earn through cybercrimes? It’s about $1.5 trillion as declared by one of the reports. By looking at the present scenario, many board meetings are being held in different countries to discuss cybersecurity and numerous attacks like a data breach, DDoS attacks, etc. Organizations are under pressure as to how well they are secured and covered…

Continue Reading

Cybersecurity Certifications In 2019s Market

Cybersecurity is becoming part and parcel of every business. If any business wants to survive in this digital world, then it must be protected from cybercriminals. This can only be achieved through cybersecurity. There are various tools and software that protect against theft or hacking. Nowadays, cybersecurity certifications are also in trend which gives the proof of being a professional who protects you from such malicious activities. Let’s have a look at these certifications below: Certified Information Systems Security Professional (CISSP) Some of you might be aware of CISSP which is an advanced-level credential. It is offered by the ISC2…

Continue Reading

A guide on types of VPNs, protocols and ciphers – Part 3

In our last part, we have discussed some of the protocols which can be used by the VPN clients. In this article, we’ll discuss the rest of the protocols and ciphers. Let’s begin with the other set of protocols. Layer 2 Tunnelling Protocol (LT2P) – This protocol helps in connecting you with other servers in your VPN. However, it needs the IPsec suite to encrypt and authenticate the traffic. It can encapsulate the data twice. Furthermore, LT2P/IPsec is a sensible choice for non-critical use given the number of various encryption protocols it can accept and supported by numerous platforms. This…

Continue Reading