Computer and Information Security
--Originally published at lazynesstothemax
So. Wireless Security is very important, you get me. Everything is wireless and we cannot everything if everything is not secure. You feel me. So…. how can we wireless secure? You may ask me.. then…
CHECK OUT THIS POST YOU DAMN FOOL AND GET EDUCATED!
https://rodolfopadro.wordpress.com/2016/11/24/wireless-security-for-newbies/
I collabed with Rodolfo Padró and created that beauty above.
--Originally published at lazynesstothemax
A very important part of our education in Information Security for us up and coming security experts is to learn about security countermeasures. A countermeasure is an action, process, device or system that can prevent or mitigate the effects of threats to our systems.
Countermeasures can take form of hardware, software or procedures. In these sense lets just list some possible countermeasures one can take against those meany mean threats out there in the world:
In the software department we can see countermeasure as:
In the hardware department, apart from preventing the IP address of all users visible in the internet, we can also do:
And finally procedures we can take countermeasures as.
There are also many particular scenarios that need special treatment, some of them are:
There are also many things that we may have missed, but for that we need to keep studying and researching the ever
--Originally published at lazynesstothemax
Network security is one of the application of everything we’ve learned so far. So … CHECK MY FRIENDS RODO POST!!!!! #panickingOfExcitement
Check his take on network security here: https://rodolfopadro.wordpress.com/2016/11/24/making-network-security-great-again/
--Originally published at lazynesstothemax
There are many risks in our imperfect Cyber Security world. The fact that technology only moves forwards and hackers innovate in the ways that they operate is good enough for us to know that our systems, our networks will never be absolutely safe. We need to innovate in our ways of protecting our systems too, but that will obviously take sometime. For the meantime we need to also prepare in case of an attack or a security leak. We need to be on a watch 24/7 for the integrity of our systems to be safe. That’s why we will talk about risk assessment and how can we prepare for the worst.
Risk assessment is the determination of quantitative or qualitative estimate of risk that is found in a well-defined situation recognized as a threat. In order to assess quantitatively a risk we are required to do calculations of two main components of said risk: the magnitude of the potential loss and the probability that the loss will occur. An acceptable risk is the risk that is well understood and tolerated. This risk may be allowed to exist because the cost or difficulty of implementing an effective countermeasure for that vulnerability exceeds the expectation of loss.
There are different ways to approach risk assessments and to prepare for these risk to happen. This is a list of steps that one usually takes to confront a risk:
--Originally published at lazynesstothemax
Hey Guys! I worked with Rodolfo Padró for our Information Security course on Ethical Hacking. Check out his blog on that subject on https://rodolfopadro.wordpress.com/2016/11/24/now-lets-talk-about-the-other-kind-of-hackers/
--Originally published at lazynesstothemax
In the world of Information Security, the ways the people with malicious intent operate constantly change as they come with new ways to attack and try to steal information from others. This requires IT experts to update their knowledge and methods to new ones that are able to keep up with the criminals out there lurking and seeking an opportunity to attack.
When it comes for a company to evaluate possible candidates to a Computational Security positions, certificates are an easy way to see if someone is capable of doing the job right. Companies need to protect their information and their system as best as possible and only the best candidate with the best certificates on his/her belt will be offered the position in order to get the job.
There are many certificates out there available and they are provided by universities, organizations like Cisco or Microsoft or by the government. In this post we are going to look at the best five security certifications in 2016 according to tom’sIT PRO website:
--Originally published at lazynesstothemax
Cyber security is a very important aspect in our systems, networks and data. When you want to become a security professional you will have the tools and knowledge to protect your systems but you will also be able to do harm to it and to other systems. Studying cyber computer is looking at the world as a criminal and then to learn how to defend yourself from these attacks. Therefore is it a delicate topic when you wonder if all hackers are security professionals or all security professionals are hackers. In the end, it is all about the person. Someone with good values and ethics will use his/her knowledge to do a good job and not harm anyone in the process.
All this said, Ethics is a very important part in the cyber security world. Companies go throw very rigorous processes in order to select a professional to work with sensible data. They will have very high standards in order to entrust their data to someone that will be able to access it and to “protect” it.
Ethics is something that we learn from an early stage of our lives. We cannot just go to a one day course to acquire good ethics. Our ethics are defined by our education provided by our parents and by our friends when we were young and still forming our character and acquiring values from society. So in conclusion, everyone has their own ethics, their own definition of what is good and what is bad. It is very hard to learn about the ethics of a person but very important if we are going to give that person access to data that cannot fall in the wrong hands.
When we are in the world of cyber computing, without considering our specific values and ethics,
--Originally published at lazynesstothemax
All cyber security programs or protocols follow three rules and have to address at least one of them. These are:
Security professionals, when creating a procedure, must consider them in order to successfully protect the computer, network or system they are working on.
As time goes on, hackers get more knowledge and tools that help them get access and alter data from the systems they attack. This may leave corrupted data or changed programs on their trail. This affects the functionality of the system as well as the safety and profitability of it. For that reason, Cyber integrity is very important, and a security professional has to have the tools and programs necessary to check if the programs weren’t altered or modified from a desired state to a non functional or not secure state.
There are different ways to attend this matter and to mentions some of them, there is the inventory management, policy enforcement, backup and recovery, analytics and reporting.
Inventory management refers to have a monitored way of checking all files and programs and checking the creators, editors and dates that the file changed. This way you can have a closer look to the meta data of the files and know if there were unwanted changes or if files are missing.
Policy enforcement can refer to keeping good standards that apply to all files in order to know if the file follows said standards and can be considered as a good file and not an altered one by an unknown author.
It is good to always have backups of the state of the system, and if a node fails in the integrity standard then to restored it with a desired previous state.
It is always good and useful to have analytic tools that
--Originally published at lazynesstothemax
Cyber Security in short is the protection of computers, networks, programs and data that may be manipulated without authorization or with the intention of changing the access, destroying the integrity of the object or stealing information.
Nowadays internet security is becoming essential and not having a good and secure framework may tear down whatever system you may have and put your information at the risk of being destroyed or stolen by someone out there, maybe from the same city or from the other side of the planet.
For more information I did a more elaborate blog about this topic with a group of friends. You can find this post here.
--Originally published at lazynesstothemax
Malware comes from Malicious Software.This is a concept very common when we talk about Cyber Security. Malware is a program or a piece of code meant to do something bad to our system. Malware is made to harm the integrity of our system or to make it malfunction. When we talk about Malware there are many types of it, and there are as follow:
