• Search for:
    29Sep, 2022
    WHAT ARE THE DIFFERENT TYPES OF IT SECURITY?

    Since the beginning of the 21st century, the concept of Information Technology (IT) has shifted significantly. To the average person, IT no longer means possessing the capability to simply search the web using keywords, neither does it focus only on clunky desktop computers. With technology’s evolution, IT has expanded to include numerous subsets — from programming to engineering to security to analytics and beyond.

    The “information” aspect includes far more than obtaining sensitive data or protecting it. Systems now possess the capabilities for complex queries, extrapolating data, predicting future events, and even advising officials. This access and wealth of knowledge inevitably led to the expansion of the IT security field. Are you familiar with the basics of cybersecurity? Read on to learn about the different types of IT security and how you can protect your business.

    IT Security versus Cybersecurity

    Although closely related, IT security differs slightly from cybersecurity. IT is broader in nature and focuses on protecting all of an entity’s data — whether that data be in electronic or a more physical form.

    For example, IT security would encompass securing keypads that allow access to a room full of data files.

    Cybersecurity tends to focus on criminal activity facilitated specifically through the Internet. In many cases, such criminal activity affects an entities electronic data and daily operations.

    Despite the slight differences, IT security and cybersecurity roles and frameworks often overlap. If a business has both an IT and cybersecurity department, the precautions of one department will likely parallel those of the other. Regardless, it’s worth understanding the general differences and similarities before considering the various categories of IT security.

    In general, IT security includes databases, software, applications, servers, and devices. In order to ensure protection, IT security also includes the concept of information assurance. Information assurance refers to the acronym CIA – confidentiality, integrity, and availability.Assess your IT Security

    What Are the Types of IT Security?

    Depending on which experts you ask, there may be three or six or even more different types of IT security. Each security expert has their own categorizations. Furthermore, as networks continue to expand with the cloud and other new technologies, more types of IT security will emerge.

    However, for the most part, there are three broad types of IT security: Network, End-Point, and Internet security (the cybersecurity subcategory). The other various types of IT security can usually fall under the umbrella of these three types.

    1. Network security 

    At its simplest, network security refers to the interaction between various devices on a network. This includes the hardware and the software. Network security, according to SANS Institute, strives to protect the underlying networking infrastructure from unauthorized access, misuse, malfunction, modification, destruction, or improper disclosure, thereby creating a secure platform for computers, users, and programs to perform their permitted critical functions within a secure environment. One of the major goals is to prevent unauthorized personnel or device access.

    For thorough network security, start with configuration. Make sure that from the get go all device configuration incorporates reasonable preventative measures. Next, put in place a detection system. For example, detection software analyzing logins could check for irregularities. Finally, set up response protocol for if and when a breach occurs. This will ensure smooth communication and hopefully minimize the damages of the network insecurity.

    Some common methods of network protection include two-factor authentication, application whitelisting, and end-to-end encryption. Additionally, using a security framework, such as NIST’s cybersecurity framework, will help ensure best practices are utilized across industries. Whether the framework is more cybersecurity or IT based is a marginal concern, the key is to have some set of guidelines to follow when setting up or improving security operations.

    2. End-Point Security

    Another key to IT security focuses on the devices involved. It is crucial to verify that only authenticated devices access the system or data. In other words, endpoint security targets security threats from a device-level viewpoint (e.g., laptops, cell phones, tablets). Each new connection on an entity’s network widens then the threat intelligence field.

    End-point protection software may include privileged user control, application controls, data controls, intrusion detection, and encryption. Encryption ensures the integrity of data being transferred, while application security controls protect against dangerous downloads on the user’s end. Furthermore, security departments typically install such software not only on the device in question, but also on the company’s server. When a security update occurs, the central server pushes the update to all end-point devices, thus ensuring a certain level of security uniformity. Likewise, having a central sign-in page allows enterprises to monitor who logs on and tracks any suspicious behavior.

    3. Internet Security

    Internet security, as noted above, tends to fall under the name of cybersecurity. It deals largely with the transit of information. For example, imagine you send an email, and while that message is in transit, a third party sweeps in and takes it before the message is delivered to its intended recipient (i.e., man-in-the-middle attack). Such hijackings are just one of many examples of crimes regarding the Internet. In such a case encryption serves as one method of defense, making any stolen information significantly less valuable to the perpetrator.

    In particular, Secure Sockets Layer (SSL) and Transport Layer Security (TSL) are forms of encryption and authentication commonly used by business for their online platforms. They create public and private keys when interactions with customers take place, ensuring the integrity of the data during transactions. Sites using such encryption methods will usually have https in the address bar along with a small lock icon. Other common security measures for the Internet include firewalls, tokens, anti-malware/spyware, and password managers.

    Beyond network, end-point and Internet security, the introduction and expansion of the cloud and the extensive application market also warrants attention. Cloud security parallels on premise security procedures in that the goals are generally the same – to protect stored date and data in transfer. The main difference lies in the expansion of the security “border.”

    With the widened perimeter to protect, Redhat suggests a layered approach, taking the time to build in security defense in layers (e.g., encryption, multi-factor identification) at every level of the cloud (i.e., hosted resources delivered to a user via software). If not building an internal/company cloud, cloud providers also offer different security tools and protective measures. In either case, cloud management plays a key role in securing Internet infrastructures.

    Checklists for IT Security

    Understanding the different sectors of IT security helps significantly when trying to organize a strong defense against intruders. However, like most defense strategies, the plan will vary depending on the resources available.

    Consequently, below are two separate checklists – one for small businesses and one for larger entities. Many of the smaller business recommendations apply to larger firms as well. Even if the checklist seems overwhelming at first, the goal is to take tangible steps to further bolster security. Such checklists help overcome the information overload of simply reading about best practices and current security concerns.

    For Small Businesses:

    Although small and large companies both struggle with internal breaches, smaller companies tend to have more vulnerabilities to such kinds of attacks. For example, an employee unwittingly downloads a malicious link for a supposed free vacation on a company computer. It’s easy to make such mistakes when you don’t know what you are looking for. However, because smaller companies often lack the resources to quickly combat and rebound after the attack, they must put in more effort to combat internal security risks. So what can small to medium companies do?

    1. Educate employees 

    Make sure to create an IT security plan and disseminate it to all employees. For example, education awareness training policies should include password guidelines, external download procedures, and general security practices. It’s crucial to know why your team needs cyber security education.

    Likewise, draft a policy directed at vendors or contractors. Even though it expands the security policy boundary, including vendors and contractors is vital, as consumers will likely still blame a small company for a breach even if the vendor was actually to blame. Having a clear third-party cyber risk assessment policy will assist entities facing repercussions in the aftermath of a security breach.

    Additionally, small businesses should outline clear physical security measures to protect customer information, such as locking filing cabinets and keeping private information well out of reach of any wandering eyes and restricting physical access to cardholder data.

    2. Data Redundancy 

    First, analyze how information is stored. Is critical information stored in only one location? If yes, consider how this information would be affected in the event of a ransomware attack.

    Ransomware could cripple a business if data is only stored in one central location. Storing essential data backups (i.e., what is needed for minimum daily operations) in secure off-site location will ensure operations do not completely halt if a hacker or malicious code compromises a system. Furthermore, such backups should be updated on a regular basis. However, if storing data off-site, it is again important to verify such off-site servers and equipment is secure (e.g., utilizing encryption).

    3. Hardware and Internet Security 

    Make sure company computers update whenever new security patches become available. Password management requirements should also be outlined in the company security policy. For example, encourage employees to use passphrases or complex passwords and to change them from time to time.

    If passwords are difficult to remember, consider using a password manager. ConsumerAdvocate.org published a list of top password managers for 2019. Also, install anti-virus software and establish a procedure for downloading/installing new software. For the Internet, monitor internet connection points and consider using a virtual private network (VPN). Lastly, invest in Internet intrusion software.

    4. Upkeep 

    Put in place an audit system to test your cyber incident response plan, review current security status, and evaluate if any areas need improvement. Auditing every six months is a general good practice for small entities.

    For Larger Entities:

    Larger entities tend to deal with more extensive or sophisticated attacks. Such attacks center on the field of cybersecurity. A 2017 Clutch large business survey found that phishing proved the most common type of attack followed by Trojans.

    General concepts apply to large businesses as well – inform employees, monitor compliance, and enforce security policies. However there are some scenarios unique to larger enterprises.

    1. Remote work policies 

    Larger companies increasingly offer the option for employees to work at home. Not only is this option cheaper for them, as it reduces overhead costs, but it also appeals to both young and old workers (e.g., less time in traffic appeals to older generations and less traffic is better for the environmental which appeals to younger generations). However, remote work expands the threat environment and makes it more difficult for IT departments to control.

    There are a few steps every company can take to improve the safety of remote work.

    First, educate employees on the difference between suspicious emails and password protection. Likewise, emphasize the importance of utilizing a work computer only for work; the more programs (not work related) downloaded onto the computer, the more vulnerable the machine becomes.

    Second, provide a VPN for remote workers to help mitigate Wi-Fi breaches of your WiFi security having been krack’d and install the ability to remotely wipe the computer in the event the device falls into the wrong hands.

    Lastly, take advantage of cloud computing. Using the cloud offers another layer of security as cloud service providers, like Amazon and Google, have significant resources to allocate for securing their cloud platforms.  

    2. Investing in new technology

    Bigger companies have a greater number of employees to monitor and often locations to secure. Consequently, they will have to invest in more extensive defense mechanisms. Using automated security tools will reduce the manpower needed for constant monitoring. For example, the Open Web Application Security Project (OWASP) provides a list of viable web application security scanners. Other useful tools include penetration(e.g., AttackIQ FireDrill) and intrusion testing (e.g., Bricata) software.

    Needless to say, there is a plethora of advanced cybersecurity software available to help companies protect their assets, but companies must first understand the validity of investing in such tools.

    Resource : https://blog.rsisecurity.com/what-are-the-different-types-of-it-security/#:~:text=What%20Are%20the%20Types%20of%20IT%20Security%3F%201,system%20or%20data.%20…%203%203.%20Internet%20Security

    29Sep, 2022
    Information Security Javatpoint

    What is the Information Security Javatpoint?

    Javatpoint is a Java-based web application that enables users. Also, it is to access Java tutorials, API documentation, code samples, code golf, and programming contests.

    Javatpoint can be accessed by typing http://javatpoint.com in your browser or through the Java SE Downloads page. If you are using Linux or Mac OS X you will have to download the Java Runtime Environment at first. 

    Javatpoint provides you with the best-in-class features and experience. This website provides detailed information about Java technology. You can also access tutorials, API documentation, code samples, code golf, and programming contests here. 

    Javatpoint is the official website of Oracle Corporation. Also, Javatpoint provides tutorials that help you to learn about Java technology. You can also access API documentation, code samples, code golf, and programming contests here. 

    The Javatpoint site is accessible from any computer via the Internet. However, if you are behind a corporate firewall or proxy server, you may need to enter a special URL to access Javatpoint. 

    Goals and Visions

    Javatpoint is the official website of Oracle Corporation. Also, Javatpoint provides tutorials that help you to learn about Java technology. You can also access API documentation, code samples, code golf, and programming contests here. 

    Javatpoint provides you with the best-in-class features and experience. This website provides detailed information about Java technology. 

    You can also access tutorials, API documentation, code samples, code golf, and programming contests here. Also, the Javatpoint site is accessible from any computer via the Internet. 

    However, if you are behind a corporate firewall or proxy server, you may need to enter a special URL to access Javatpoint. 

    Features and Benefits

    Javatpoint is maintained by a team of Java experts. Also, this website contains detailed information about Java technology. 

    You can also access tutorials, API documentation, code samples, code golf, and programming contests here. Also, the Javatpoint site is accessible from any computer via the Internet

    However, if you are behind a corporate firewall or proxy server, you may need to enter a special URL to access Javatpoint. 

    Javatpoint provides you with the best-in-class features and experience. This website provides detailed information about Java technology. You can also access tutorials, API documentation, code samples, code golf, and programming contests here.

    Information Security Javatpoint: Challenges

    If you want to use Javatpoint, you need to open your browser, type the URL in your address bar, and press enter. Also, if you want to use Javatpoint, then you need to open your browser and type http://javatpoint.com in your address bar.

    However, in some situations, you need to enter a special URL to access Javatpoint. You will get this special URL when you try to access Javatpoint from behind a corporate firewall or proxy server. 

    Accessing Javatpoint via Corporate Firewall or Proxy Server

    There are many corporate firewalls or proxy servers that can cause problems when you try to access Javatpoint from the Internet. 

    If your company has a firewall or proxy server, you need to enter a special URL to access Javatpoint from the Internet. Otherwise, you will get a blocked page. 

    Conclusion

    Javatpoint is a Java-based web application that enables users. Also, it is to access Java tutorials, API documentation, code samples, code golf, and programming contests.

    Javatpoint can be accessed by typing http://javatpoint.com in your browser or through the Java SE Downloads page. If you are using Linux or Mac OS X you will have to download the Java Runtime Environment at first. 

    Resource : https://www.information-security-today.com/information-security-javatpoint/

    28Sep, 2022
    GIFShell, a New Tool to Abuse Microsoft Teams GIFs

    A new attack technique, GIFShell, has surfaced that allows an attacker to abuse Microsoft Teams. The attackers can use this technique in phishing attacks and execute commands using GIFs.

    How GIFShell works?

    The new attack has been discovered by a security researcher who found various flaws in Microsoft Teams and chained them together for various attack scenarios, including data exfiltration, command execution, security bypasses, and phishing.

    • The main component is GIFShell which allows the creation of a reverse shell. 
    • This delivers malicious commands using Base64 encoded GIFs in Teams and steals output via GIFs from Microsoft’s own servers.

    Since the data exfiltration is performed by leveraging Microsoft’s own servers, it is challenging to identify the traffic and differentiate it from the legitimate Team traffic.

    Scanning via reverse shell

    To create the reverse shell, the attacker has to convince a user to install a malicious stager that executes commands and uploads command output through a GIF URL to a Microsoft Teams web hook.

    • To begin, the attacker fools a targeted user into loading a malware executable stager on their systems that will regularly scan the Microsoft Teams logs at a specific location.
    • All messages received on Teams are stored in these logs and are readable by all Windows user groups, thus, accessible by malicious files or malware on the system.
    • Once the stager is placed, the attacker creates its own Teams tenant and contacts other Teams users outside of the organization, as external communication is allowed by default in Teams.

    Malicious code execution

    To initiate an attack, the attacker uses the GIFShell Python script to send a message to a Team user with a specially crafted GIF.

    • This GIF image is a legitimate image file, modified to include commands to run on the target system.
    • This message within the GIF gets stored in the Team’s log files and is scanned by the malicious stager monitor, which executes the commands on the device.
    • The GIFShell PoC takes the output of the executed commands and converts it toBase64 text. The stager leverages this text to create a GIF file and keeps that as a Microsoft Teams Survey Card.
    • The attacker creates a URL request for a GIF, which is the same name as the GIF file created by the stager.
    • Upon receiving this request, Microsoft attempts to retrieve the GIF file, and eventually delivers the GIF (created by stager) carrying the sensitive information.

    Closing lines

    The GIFShell attack has been successfully demonstrated by the researcher by displaying a possible scenario of exploitation. After being contacted by the researcher, Microsoft claims to have left a door open to resolving these issues and stated that these vulnerabilities may be fixed in future versions.

    https://cyware.com/news/gifshell-a-new-tool-to-abuse-microsoft-teams-gifs-65cebdad

    28Sep, 2022
    Technical Analysis

    What is Technical Analysis

    Technical Analysisis a method of analyzing securities such as stock, commodities, etc. in order to forecast the direction of pricing by studying past data such as the price and volume. It focuses on how stick prices are moving and how powerful these moves are. Technical analysis is based solely on the data generated by the market and by the actions of people in the market. Data are never revised later. Analysts do not make any guesses on the value of the data. It is based on the premise that people will act in similar ways when faced with similar conditions.

    But to be more pragmatic, it is a tool used to make investment decisions. It helps assess risk and reward. And it can assist investors in allocating their resources among stocks, sectors, and asset classes.

    Factors upon which Technical Analysis is dependent upon

    The above picture depicts the factors upon which Technical Analysis is dependent upon.

    What Technical Analysis is not?

    Technical analysis is not predicting the future of an endorsement or criticism of any company. There is an element of prediction and judgment as it attempts to find the probability of future action of a company’s stock but not the company itself that is under scrutiny.

    Also, this analysis does not give an absolute prediction about the price movement but helps the investors and traders anticipate what could likely happen and accordingly take an investment decision.

    What is a chart?

    Technical analysis has been a bit of a mistake as it’s not that technical. Though there are complex mathematical tied to it but at its core, it is the method of determining if a stock or market as a whole is going up or going down. What we need to do in order to identify these trends is simply looking at a chart. Now let’s understand charts and how they help in Technical Analysis.

    A chart is a tool both investors and traders use to help them determine whether to buy or sell the stock-bond commodity or currency. As mentioned bar charts summarize all the trading for any given time period such as a day or a week when all those summaries are plotted together trends emerge and patterns form – all revealing where a stock is right now and how it got there. After all, knowing a stock is trading at a price of 50 is not of much help but knowing it was at 45 last month and 40 the month before gives us a good idea that it has been a bullish trend.

    Charts are where perception meets reality. For instance, a stock may look cheap according to an analyst’s calculations based on projected future earnings, but if there were no demand for the stock it is simply not going to go up.

    Some analysts look at a chart and simply draw an arrow on the actual data plot if the arrow is pointing up they know the trend is up and vice versa.

    On the charts, we look at what is happening right now and how it came to be. From there we make an educated guess about the future, but the goal is not to predict where prices will be in a year. The real goal is to determine what we do about it right now. If we decide to buy based on a chart, we will already know what has to happen to prove us wrong and that helps us limit losses.

    Understanding Each Part Of Chart

    • Price

    Price action tells us what the supply and demand equilibrium is at any given point in time..

    • Volume

    Volume is very useful In determining whether a stock is cooling back in correction or changing direction. And another important use is is in the identification of both the final panic and initial surges as investor moods change from one extreme to another.

    • Momentum

    Momentum indicators quantify what the naked eye can tell us about the price action. Momentum In the market causes trends to stay in effect until halted by outside factors.

    • Structure

    The way price action is used on charts in twofold; either the stock in question is moving or is not. The former creates a trend either higher or lower the latter creates resting zones and further shapes of these resting zones give us clues as to when the next trend will be up or down. It is the structure of these ups downs and flats that is analyzed.

    • Sentiment

    The sentiment is the summation of all market expectations. It ranges from fear and hopelessness to indifference to greed and complacency. At the bottom of a bear market, the expectations of the participants are almost unanimous for a lower prices and more financial losses.

    What are the support and resistance?

    Support

    At some price level, a falling stock price will stabilize. Enough investors will perceive it to be good value and demand shares; while others will perceive the price to be too low for them to want to sell any more of their holdings.

    Resistance

    If a stock is trending higher it will eventually encounter price levels at which it finds resistance to its advance. Resistance is also another name for support because at those levels investors collectively decide that value has been reached and they sell their shares.

    Why use Technical Analysis?

    The next logical question that comes to one’s mind is what does technical analysis do? The answer to this is that it has the ability to recognize when a stock has reached support or resistance level or a shift in perception takes place can help investors take investment decisions i.e. to use:

    • Buy low, sell high approach or
    • Buy high, sell higher approach, or
    • Whether to buy the stock or not

    The ability to apply these aspects of the chart will reveal the market to investors when it is safe to buy a stock or not. Technical analysis is the only investment decision discipline that tells you when you are wrong to minimize losses.

    Note: Become a Technical Analyst
    Practice effective risk analysis and management. Practice effective risk analysis and management. Design and deliver creative solutions to your clients’ investment needs.

    Goals of Technical Analysis

    • Seeing where the stock is currently trading and figuring out how it got there

    This can be done by using charting tools such as the

    • Stock trends
    • Support levels
    • Resistance levels

    We also try to find out a pattern or a trend to help.

    • Determining the power of a trend

    This can be determined by looking at important technical concepts such as trading volume and momentum.

    • Making comparisons of the stock to the market, peer companies, and itself

    For this we look at the relative performances and moving averages (average prices over a defined period of time, usually 50-200 days)

    Criteria for Investment using technical analysis tools

    In looking for a stock, the following are the key technical analysis tools that should be met, not necessarily all bot most.

    • Trends and trendlines

    Trends can be classified in three ways: Up, Down or Range bound. In an uptrend, a stock rallies often with intermediate periods of consolidation or movement against the trend. In a downtrend, a stock declines often with intermediate periods of consolidation or movement against the trend. In  range-bound, there is no apparent direction to the price movement on the stock chart and there will be little or no rate of price change.

    These trends can be measured using trendlines. All we want is stocks that are in rising trends.

    • Support and Resistance

    This basically tells us what price levels are likely to bring put buyers or the sellers. Here we want to see that if the current price has either just moved through resistance or one that is far from the next resistance level.

    • Moving Averages

    They help in determining if the trend is turning, also it shows if the existing trend is progressing in an orderly manner or no. here we are looking at prices to be above-selected averages but not too far above them.

    • Relative Performance

    This divides the price of a stock by a relative market index or industry group. Here the theory is to find out if the ratio is going up the stock is outperforming the market and is thus a strong candidate for further gains and vice versa. Here we are looking for stocks whose relative performances are increasing.

    • Volume

    The number of shares traded and when (either when prices rise or when they fall). We basically analyze if buying is spreading to other investors and for urgency for all to buy when prices start to rise.

    • Momentum

    We want to know if the days when the stock rises outnumber those when it falls. If losing days are more and frequent then we can say the trend is weakening.

    • Sentiment

    It is to find out if everybody is thinking the same thing? Is it time to go the other way? Here we want to know what everyone is thinking about the same thing.

     A career in Technical Analysis

    Any person who enjoys working with numbers and is keen about statistics and capital markets may enjoy being a technical analyst.

    Technical Analyst Job Description

    Technical analysts study the trends and patterns of the stocks to make predictions about its future performance. They find out this sophisticated information to find out the best time and price at which to sell stocks. These professionals are often employed by finance and investment agencies, financial institutions, and brokerage houses.

    Technical Analyst Pre-requisites

    A bachelor’s degree in commerce major, like economics or finance, is required for a career in technical analysis. Some firms may require employees to have Master of Business Administration or master’s degrees in finance.

    Skills

    •  Critical-thinking
    • Analytical skills
    • Communication skills
    • Good in math’s and statistics
    • Experience working with computer spreadsheets
    • Knowledge of computer software programs

    Resource: https://www.educba.com/what-is-technical-analysis/

    27Sep, 2022
    4 ways passwordless improves security

    Passwords have not only become increasingly inconvenient for users, but they also create serious security concerns. Despite their vulnerability, passwords are still widely used and are even a top cause of breaches. Verizon reported that roughly 70% of network intrusions in 2021 resulted from compromised credentials. 

    As the stakes get higher, IT leaders are advocating for a passwordless future to become a reality.  A recent study revealed how reliance on passwords can’t sustain in the current business environment, including employees entering a password 12 times a day. In fact, 25% estimate they have input a password 20 times or more. Most troublingly, 94% of IT leaders are concerned about passwords, including 50% who worry they are too weak for security purposes.

    At the same time, IT departments are experiencing a 30% rise in password-related incidents. And their employees are suffering from lost productivity, wasting minutes or even hours a week entering and re-entering passwords. With new and advanced security options available, IT leaders recognize that the best password security might be one with no password at all.

    The solution most IT leaders favor is passwordless authentication, which is a more effective security mechanism to ensure only the right people have access to the right things and for the right reasons. The journey to passwordless is not short, but there’s a clear roadmap to reach that goal.

    1. Centralized authentication 

    Enterprises should start with the basics — centralized authentication based on username, password, and multi-factor authentication (MFA) to provide a single sign-on experience. It provides the framework needed for passwordless authentication. Multi-factor authentication requires users to verify their identities using two or more authentication factors, while two-factor authentication (2FA) requires just two factors.

    Passwords are often used as the first authentication factor, but that is not a requirement for MFA or 2FA. Authentication factors include:

    Knowledge = Something You Know (password, PIN, etc.)

    Possession = Something You Have (smartphone, key fob, etc.)

    Inheritance = Something You Are (fingerprints, retinal scans, etc.)

     As we phase out the password, three stronger authentication factors remain for MFA and 2FA. Minimizing reliance on passwords not only makes the network more secure, but it reduces calls to IT help centers for password resets.

    2. Risk-based MFA 

    Progress continues by phasing out passwords and adopting risk services and biometric authentication. Risk-based MFA, also known as adaptive MFA, dynamically assesses the risk of a given interaction based on various factors and adjusts the authentication process accordingly. 

    By looking at the context and behavior of the login attempt, bad actors using compromised credentials can be stopped before they gain access to an enterprise. Effective risk-based MFA also has intelligence based on machine learning so that the system will learn and therefore recognize normal behavior for a specific user and, conversely, flag abnormal behavior, which can trigger additional authentication requirements or, in extreme cases, block the access attempt.

    For example, if a user is logging in from a suspicious IP address and trying to gain access to sensitive information, additional authentication methods can be required before access is granted. Failure to provide the additional proof will cause access to be denied.

    By evaluating whether adequate security requirements have been met for each transaction and stepping up authentication when they haven’t, an additional layer of security protects data without introducing unnecessary friction into the process.

    Many companies use this step as a way to get to partial passwordless. There may be a password set for a user, but with proper risk-based MFA configuration, they can access resources using other authentication factors, and the password does not need to be entered.

    3. FIDO login

    The next step is to adopt standards-based authentication with Fast Identity Online (FIDO) and public key cryptography. Numerous organizations have joined together to form the FIDO Alliance to develop alternatives to passwords. FIDO is a set of open, standardized authentication protocols that use standard public key cryptography techniques to secure user authentication. 

    All communications are encrypted, and private keys never leave the user’s device, reducing the chances of someone discovering them during transmission. If biometric information is used for verification, it is also stored on users’ devices, making these authentication processes stronger and more secure. Users are able to sign on to a FIDO-enabled product or service using their preferred authentication method (fingerprint scan, entering a PIN, etc.) among the methods the product or service accepts.

    4. Passwordless achieved 

    The last step is to go fully passwordless by removing passwords from everything. Start with the account creation process. Rather than using passwords during account creation, use a fingerprint scan or other authentication methods.

    Identity proofing can also be part of your move to passwordless — at registration, during account recovery, or some other high-risk event triggered by a signal. Identity proofing is a method to provide extra assurance that the person registering is whom they claim to be, such as tying a selfie to a government-issued ID. Having the greater assurance that your users are whom they say they are, makes the transition to passwordless easier.

    Usernames and passwords can become a thing of the past, along with the security issues associated with them. Eliminating passwords eliminates the friction associated with creating, remembering, and resetting passwords. Because more secure authentication methods exist, the tools are currently available to reach your passwordless goal.

    Final Thoughts

    There is no one-size-fits-all approach to making a move to passwordless. Each enterprise must assess its current situation and proceed at its own pace. Finding an in-house champion and a passwordless partner to help can make the journey easier.

    Enterprises could also combine simple passwordless authentication flow with intelligent risk management services for even better security levels to create a great user experience with minimal security concerns. These ideas are just the tip of the iceberg. Much more is planned, and the future is bright for passwordless flows, which will someday be the most common way to authenticate users.

    Resource : https://www.securitymagazine.com/articles/98389-4-ways-passwordless-improves-security

    26Sep, 2022
    Benefits of Information Security

    Information security is more critical now than ever before. With the recent controversies surrounding data leaks that have taken place across the globe, there has never been a more pressing time for businesses to take steps to protect their data. In this article, we’ll explore some benefits of information security and some information about what’s happening in cybersecurity.

    Why you Need to be Concerned With Information Security

    Information security is the process of protecting electronic information from unauthorized access, use, or disclosure. Organizations must be concerned with various threats that could potentially impact their data and systems to maintain an effective information security program.

    Some of the most common threats to electronic information include:

    • Insiders who have access to sensitive data but may not have the proper permissions
    • Hackers who attempt to breach systems and steal sensitive data
    • Spammers who use unsolicited messages to spread malware or viruses
    • Extortionists who threaten companies with exposure of confidential information to extract payments

    The benefits of having an effective information security program are numerous. Some of the most significant include:

    • Reduced risk of data theft and loss
    • Enhanced protection against malware and viruses
    • Reduced reliance on third-party vendors and systems
    • Improved efficiency and productivity due to reduced vulnerability to cyber attacks

    The History of Information Security

    Information security has been around for centuries, with the first computer networks dating back to the 1950s. Information security is essential because it protects data and information confidentiality, integrity, and availability. Information security is also necessary to maintain an efficient business operation.

    There are many benefits of maintaining an effective information security program:

    1. It can protect your company’s assets from theft or damage.
    2. An effective information security program can help protect your company’s customers’ data from unauthorized access.
    3. A well-functioning information security program can help ensure that your employees are productive and safe while working with confidential data.
    4. An effective information security program can keep your company out of legal trouble.
    5. A well-functioned information security program can promote trust and faith in your company among customers and other businesses.

    The Five Risks

    Facing the risks of cybercrime is a daily reality for many businesses. Here are five key risks to consider when it comes to information security: 

    1. Data loss. Cybercriminals can steal or corrupt your data, seriously harming your business. Protect your data by using robust security measures and keeping up with regular updates.
    2. Business disruption. A cyberattack can cause significant damage to your business, including lost revenue and customer trust. Make sure you have robust security measures to prevent such an event from happening and quickly respond to any disruptions that occur.
    3. Legal liability. You could be held liable if someone suffers damages due to a cyberattack. Ensure your business is fully protected from legal liability by implementing sound information security practices.
    4. Risks to personnel. A cyberattack can also put your employees at risk, including those who handle sensitive data or operate systems on behalf of the business. Please ensure you have robust security measures in place to protect them from attack and that they are up-to-date on the latest safety precautions.
    5. Reputation damage. A cyberattack can tarnish your reputation, mainly if it targets your brand. A public cyberattack can substantially impact your brand and the importance of your company, products, or services.

    Benefits of Information Security

    Information security can help protect your organization’s data, technology, and assets from unauthorized access or theft. Here are some of the benefits of implementing good information security practices:

    1. Protects data: Data security protects confidential information such as customer records, business secrets, and trade secrets. It can also protect data needed to run your business, such as financial information and employee data.
    2. Protects technology: Good information security practices protect your organization’s computer systems and networks from unauthorized access, use, or disclosure. In addition, they can help prevent cyberattacks in which malicious actors attempt to damage or destroy systems or steal sensitive information.
    3. Protects assets: Security measures can help protect physical assets such as buildings and equipment from being damaged or destroyed by theft or vandalism. They can also help reduce the risk of fraud and other crimes by protecting valuable intellectual property (IP) and trade secrets.
    4. Reduces costs: Implementing good information security practices can often reduce the costs associated with incidents that result in data loss, system downtime, or fraud losses. In addition, it can help avoid costly lawsuits arising from incidents that do not involve data loss but do involve reputation damage and other costs.
    5. Enables compliance: Security can help organizations meet legal, regulatory, and contractual obligations. This is generally true of information security programs in any industry. Still, it is vital for financial institutions—such as banks, credit unions, and brokerages—that have a legal obligation to protect customer data and adhere to privacy laws.
    6. Improves efficiency: Information security improves operational efficiency by reducing the time spent responding to incidents, onboarding new employees, or accommodating system downtime by minimizing disruption.
    7. Increases employee productivity: Good information security practices enable organizations to work more efficiently and effectively by reducing wasted time and effort from system disruptions or malicious attacks.

    Cyber Security Career

    There are many reasons to pursue a career in information security, and cyber security is undoubtedly one of the most exciting and profitable options.

    Cybersecurity professionals work in various capacities, from developing and implementing effective computer systems security measures to providing customer support for online security concerns. The field is increasing, and there are many opportunities for career growth.

    The benefits of pursuing a career in information security include:

    • Competitive salary. Cybersecurity careers offer high salaries, especially if you have experience in a specialized area. The median annual wage for cyber security professionals was $86,030 in 2016, according to the Bureau of Labor Statistics (BLS).
    • Variety of career opportunities. Cybersecurity jobs range from development and management positions in government and industry to technical support roles. You can find the perfect position for your skills and interests by researching specific cybersecurity fields.
    • Good working conditions. Many cybersecurity jobs are highly technological, so you’ll enjoy excellent working conditions. Job stability is also high due to the need for specialized skill sets and the relatively small number of job vacancies.
    • Ability to work remotely. Many cyber security jobs allow you to work remotely, which can help you accommodate your family’s needs.
    • Career opportunities. Your career can take many paths, as cyber security has various areas to explore and grow. Whether you want to work in a governmental office or an industry leader, this field is growing and offers plenty of opportunities for advancement. The next time you look at an IT job advertisement, remember that cybersecurity jobs are nearly as good!

    Conclusion

    Information security is a topic that can be overwhelming for many people. However, there are some benefits to learning about and practicing good information security habits. By understanding the risks and taking steps to protect yourself, you can help ensure that your business remains safe and protected from potential damage. Thanks for reading!

    Resource : https://www.linkedin.com/pulse/benefits-information-security-reverse-lookup-services/

    26Sep, 2022
    ONLINE SAFETY CYBER SECURITY INTERNET PRIVACY

    What is Cyber-Security?

    Cyber-Security refers to the act of protecting and ensuring the safety of computer systems and electronic devices from targeted cyber-attacks, opportunist malware (- viruses, trojans and bugs) or accidental introduction of malware by users. The global scale of cyber-threats continues to rise rapidly. In the modern day and age, access to volumes of data has gained currency, and hence every year, numerous attempts are made to breach data, and/or sensitive, confidential or classified records to expose information for political or economic gains. Effective cyber-security practices as a countermeasure, thus have become important.  There are three types of cyber-threats –

    • Cyber-Crime: wherein single actors or group of actors target systems for financial gains or to cause disruption
    • Cyber-Attack: involves gathering information for political or economic means
    • Cyber-Terrorism: aims to undermine electronic systems with an intent to instill fear or to cause panic

    End-user Protection is an important aspect of cyber security. It is imperative to ensure that users are educated to protect their systems and themselves from cyber-threats. It is found that introduction to malware is (accidentally) often caused by users themselves. It is thus crucial that users are able to detect such malware, update their systems timely, and refrain from using unsecure networks.

    Cyber security issues in India

    India is home to a population which is rooted in diverse socio-economic backgrounds. As per the living standards of people, a wide range of devices are in use – from high-end secured electronic devices to low-cost mobile phones. This makes it difficult for authorities to set uniform legal and technical standards for regulating data-protection. Additionally, digital literacy and awareness among the population is also very low.

    Risks of harm and threats for Children in a Digital age

    Children and young people, globally, in an increasingly digitally connected world, are among the most active users of Internet and web-based services. It is estimated that 1 in 3 children worldwide use the internet, or, one can say that 1 in 3 internet users is a child under 18 years of age. Children tend to surf the web to access educational information and content for entertainment, to develop their digital skills to acquire new opportunities, or to maintain their online/digital identities and social relationships. However, increased access to information at various web-platforms also lead to increased exposure to materials which are neither age-appropriate nor suitable for children for viewing, and/or risks/threats that children face online. Owing to their young age and evolving development capabilities, children and young people are vulnerable to abuse and exploitation at the hands of cyber-predators and perpetrators.

     The COVID-19 pandemic, lockdowns and restrictions on mobility made digitization the need of the hour. Closure of schools and a shift from attending classes in person to technology-based remote learning through virtual/digital education platforms not only dehumanized learning environments and distorted social interactions for children, but also isolated them in navigating the digital space. This new development increased children’s exposure to internet, virtual/digital media, exponentially and brought forth additional stressors related to their safety and protection online, consequently impacting their mental health and well-being. In this changed paradigm, novel child protection concerns have emerged – such as – digital addiction, cyber-bullying, access to/exploitation for pornographic material, prevalence of Child Sexual Abuse Material online (CSAM) etc. Additionally, social media platforms, chat rooms, computer games etc. open a “Pandora’s-box” for children’s safety and security. Often, parents and guardians lack digital-literacy and in most cases are unaware of the ill-effects of such exposure on mental and emotional well-being of children.

    Resource : https://www.childlineindia.org/a/issues/online-safety?gclid=CjwKCAjw-L-ZBhB4EiwA76YzOT89IKxRC2LQJl1NKX3V5J5JIJ-4k1Ic9NXcn0k8IbBWR6l_h87Y9BoCGk4QAvD_BwE

    24Sep, 2022
    SEO poisoning campaign directs search engine visitors from multiple industries to JavaScript malware

    Researchers have discovered a high-effort search engine optimization (SEO) poisoning campaign that seems to be targeting employees from multiple industries and government sectors when they search for specific terms that are relevant to their work. Clicking on the malicious search results, which are artificially pushed higher in ranking, lead visitors to a known JavaScript malware downloader.

    “Our findings suggest the campaign may have foreign intelligence service influence through analysis of the blog post subjects,” researchers from security firm Deep Watch said in a new report. “The threat actors used blog post titles that an individual would search for whose organization may be of interest to a foreign intelligence service, e.g., ‘Confidentiality Agreement for Interpreters.’ The Threat Intel Team discovered that threat actors highly likely created 192 blog posts on one site. “

    How SEO poisoning works

    Deepwatch came across the campaign while investigating an incident at a customer where one of the employees searched for “transition services agreement” on Google and ended up on a website that presented them with what appeared to be a forum thread where one of the users shared a link to a zip archive. The zip archive contained a file called “Accounting for transition services agreement” with a .js (JavaScript) extension that was a variant of Gootloader, a malware downloader known in the past to deliver a remote access Trojan called Gootkit but also various other malware payloads.

    Transition services agreements (TSAs) are commonly used during mergers and acquisitions to facilitate the transition of a part of an organization following a sale. Since they are frequently used, many resources are likely available for them. The fact that the user saw and clicked on this link suggests it was displayed high in ranking.

    When looking at the site hosting the malware delivery page, the researchers realized it was a sports streaming distribution site that based on its content was likely legitimate. However, hidden deep in its structure were over 190 blog posts on various topics that would be of interest for professionals working in different industry sectors. These blog posts can only be reached via Google search results.

    “The suspicious blog posts cover topics ranging from government, and legal to real estate, medical, and education,” the researchers said. “Some blog posts cover topics related to specific legal and business questions or actions for US states such as California, Florida, and New Jersey. Other blog posts cover topics relevant to Australia, Canada, New Zealand, the United Kingdom, the United States, and other countries.”

    Furthermore, the attackers deployed a translation mechanism that automatically translates and generates versions of these blog posts in Portuguese and Hebrew. Some of the topics are highly specific and would lure victims from sectors that would be of interest to foreign intelligence agencies, for example bilateral air service agreements (civil aviation), intellectual property in government contracts (government contractors) or the Shanghai Cooperation Organization (individuals working in mass media, foreign affairs or international relations). The blog posts are not duplicates of other content from the web, which Google would likely catch and penalize in search results but are rather compiled from multiple sources giving the appearance of well-researched original posts.

    “Given the herculean task of researching and creating hundreds of blog posts, one may assume that many individuals are working together,” the researchers said. “However, this task may not be completely unfeasible for a lone individual despite the perceived level of effort needed to do this.”

    How TAC-011 and Gootloader enable SEO poisoning

    Deepwatch attributes this campaign to a group they track as TAC-011 that has been operating for several years and which has likely compromised hundreds of legitimate WordPress websites and may have produced thousands of individual blog posts to inflate their Google search rankings.

    Once a visitor clicks on one of the rogue search results, they’re not taken directly to the blog post but instead an attacker-controlled script collects information about their IP address, operating system and last known visit and then performs a series of check before deciding whether to show them the benign blog post or the malicious overlay that imitates a forum thread. Based on the researchers’ tests, users who received the overlay don’t get it again for at least 24 hours. Visitors using known VPN services or Tor are not directed to the overlay and neither are those using operating systems other than Windows.

    The zip file linked in the fake forum thread is hosted on other compromised websites that likely are controlled from a central command-and-control server. The researchers couldn’t determine what additional payloads Gootloader deployed on victim machines as these are likely selected based on the victim’s organization. The malicious JavaScript file also collects some information about the victim’s machine including the “%USERDNSDOMAIN% variable which could expose the internal corporate domain name of the organization.

    “For example, if a company with a Windows Active Directory environment and a computer logged into the organization’s network were compromised, the adversary would know that they have access to that organization,” the researchers said. “At this point, the threat actor could sell access or drop another post exploitation tool like Cobalt Strike and move laterally in the environment.”

    Mitigating SEO poisoning attacks

    Organizations should train their employees to be aware of these search result poisoning attacks and to never execute files with suspicious extensions. This can be enforced through Group Policy to force the opening of files with potentially dangerous script extensions such as .js, .vbs, .vbe, .jse, .hta and .wsf with a text editor such as Notepad rather than execute them with the Microsoft Windows Based Script Host program, which is the default behavior in Windows.

    Another non-technical guidance offered by Deepwatch is to make sure employees have the agreement templates they need available internally. Over 100 of the blog posts found on that one compromised sports streaming site were about some sort of business-related agreement template. Another 34 were about contracts. Law, purchase, tax, and legal were also common keywords. The fake forum thread technique has been in use since at least March 2021 and it still works, suggesting attackers still view it as viable and returning a high success rate.

    “Having a process where an employee can request specific templates may reduce their need to search for the templates and thus fall victim to these tactics,” the researchers said.

    Resource : https://www.csoonline.com/article/3674791/seo-poisoning-campaign-directs-search-engine-visitors-from-multiple-industries-to-javascript-malwar.html#tk.rss_all?&web_view=true

    20Sep, 2022
    Information Security vs Cyber Security: The Difference

    You’ll often see the terms cyber security and information security used interchangeably. That’s because, in their most basic forms, they refer to the same thing: the confidentiality, integrity and availability of information.

    But there’s a crucial difference between them that affects the way your organization operates. In this blog, we explain what information security and cyber security are, the differences between them and how they fit into your data protection practices.

    What is information security?

    Information is at the heart of any organisation, whether it’s business records, personal data or intellectual property.

    It can be kept in any number of places and can be accessed in many ways. You’re most likely to access data on your work computer or via paper records, but information can be found in many places.

    For example, data can be held on removable disks, laptops, servers, personal devices and physical records.

    It all needs to be kept safe, and the process of doing that is called information security.

    Specifically, organisations are protecting the confidentiality, integrity and availability of information.

    In this context, confidentiality refers to information being viewed by only by authorised parties, integrity to information being accurate, and availability to information being accessible when necessary.

    There are two sub-categories of information security. Organisations must protect physical assets including its premises, as well as anywhere else where sensitive information can be stored physically.

    The second sub-category of information security relates to the protection electronic information. This is cyber security.

    Examples of information security

    Information security covers any process or technology that’s used to protect the confidentiality, integrity and availability of information.

    This can include:

    • Anti-malware technology;
    • Information security policies;
    • Access controls;
    • Staff awareness training;
    • Data protection impact assessments;
    • Key cards to enter the office; and
    • Locks for cabinets containing sensitive information.

    What is cyber security?

    Cyber security is a particular type of information security that focuses on the protection of electronic data.

    It focuses on the measures that are used to prevent unauthorized access to an organization’s networks and systems.

    The term is often used to refer to information security generally because most data breaches involve network or system intrusion.

    Criminals are far more likely to compromise information with cyber attacks – such as malware intrusion or phishing scams – because it can be done online.

    Moreover, organisations typically store much more data online than in physical form, meaning there is more information to target. Additionally, technical vulnerabilities are easier to exploit and there is a much lower risk of being caught.

    As such, cyber security may only be one part of information security, but it is the most important.

    Examples of cyber security

    Cyber security covers any process or technology designed to protect electronic data. This can include;

    • Data encryption;
    • Passwords;
    • VPNs;
    • Spam filters;
    • Multi-factor authentication;
    • Secure code review; and
    • Anti-malware software.

    Where do cyber security and information security overlap?

    Although we distinguish between information security and cyber security in this blog, in practice there will be a significant overlap.

    For a start, any time of cyber security mechanism that’s designed to protect sensitive data can also be categorized as information security.

    Password-protecting a database, for example, protects the information held within but also prevents a cyber attack.

    There are also risks where physical and cyber security must be addressed. Take malicious insiders, for instance. Organizations must implement physical controls to prevent unauthorized personnel from reaching parts of the building where they shouldn’t be.

    This could be records room or a senior employee’s office where files might be left on the desk.

    But the organization must also consider the cyber security risks associated with this threat. Any digital records must be protected appropriately, such as with access controls or data encryption.

    Another overlap between information security and cyber security occurs with digital records that are held on physical devices – such as USB drives or laptops.

    Organisations must implement policies and processes to mitigate the risk of the device being used inappropriately. This could happen, for example, if an employee leaves their laptop unattended in an insecure location or if they used a removable device for personal and professional use.

    These measures should be complemented with cyber security mechanisms designed to protect the information on those devices. Organizations might encrypt sensitive files or implement a technology that enables them to remotely wipe a laptop if it’s lost.

    These are just a few examples. When you assess data protection risks, you will find countless instances where you must consider information security and cyber security.

    Resource : https://www.itgovernance.co.uk/blog/do-you-know-the-difference-between-cyber-security-and-information-security

    14Sep, 2022
    The Top Cyber Security Blogs and Websites of 2022

    If you work in the cybersecurity industry or are interested in pursuing a career in this vitally important field, it’s important to stay up to date on the latest trends and advancements.

    Must-Read Cyber Security Blogs

    1. Daniel Miessler
    @DanielMiessler
    An experienced cybersecurity expert, consultant and writer, Miessler takes a personal approach on his blog — greeting visitors with the words: “My name is Daniel Miessler… I explore the interesting and beautiful at the intersection of security, technology, and humans.” His offerings include curated newsletters, essays, podcasts and high-quality writing.

    2. Graham Cluley
    @gcluley
    A longtime industry expert who held senior roles with Sophos and McAfee before deciding to begin “working for myself” in 2013, one could say Graham Cluley is totally clued in to the cybersecurity scene — running a blog with an open, accessible style while continuing his work as a conference speaker, media pundit, podcaster and consultant.

    3. IT Security Guru
    @IT_SecGuru
    IT Security is a daily news digest of breaking news in the IT security industry. They offer articles, videos, webinars, analysis, case studies and even have a section devoted to the latest cybersecurity scams where they spotlight recent hacks.

    4. Security Weekly
    @securityweekly
    Featuring the work of industry veteran Paul Asadoorian, the blog features webcasts and a number IT Security video programs that you can listen to or watch on a number of channels including iTunes, YouTube, Google Play and many more.

    5. The Hacker News
    @TheHackersNews
    The Hacker News features the latest cybersecurity news and in-depth coverage of “current and future trends in Infosec and how they are shaping the cyber world.” Key areas of focus include data breaches, cyber attacks, vulnerabilities and malware. It claims 8 million monthly readers that include “leading security researchers, geeks, techies, business grads, CISOs, along with thousands of security professionals.”

    6. Infosecurity Magazine
    @InfosecurityMag
    Infosecurity Magazine has been delivering cutting-edge cybersecurity content to readers for the past decade, with both a print and online edition. In addition to its many articles, Infosecurity Magazine also offers regular (free) webinars, whitepapers and virtual conferences.

    7. CSO Online
    @CSOonline
    CSO provides news, analysis and research on a broad range of security and risk management topics. As its name suggests, it is geared toward enterprise security decision-makers and CSOs (chief security officers) as well as anyone interested in information security, identity and access management, loss prevention and more. It focuses on delivering “the critical information [needed] to stay ahead of evolving threats and defend against criminal cyber attacks.”

    8. The State of Security – Tripwire
    @TripwireInc.
    The State of Security offers news and opinions on the state of the industry, written by regular contributors as well as guest authors from throughout the cybersecurity industry. It is a past winner of “Best Corporate Blog” and “Most Entertaining Security Blog.” Here are its Top 10 posts from 2018.

    9. Troy Hunt
    @troyhunt
    A cybersecurity thought leader who travels the world speaking and training technology professionals, Troy Hunt is Microsoft Regional Director and Most Valued Professional (MVP) specializing in online security and cloud development. He also writes a blog with lengthy, comprehensive and thought-provoking posts.

    10. The Last Watchdog
    @byronacohido
    The Last Watchdog is written by Byron Acohido, a Pulitzer Prize-winning journalist, teacher and respected cybersecurity and privacy expert. His blog is video heavy and includes many interview-style posts as well as guest blog posts.

    11. Schneier on Security
    @schneierblog
    Bruce Schneier has been writing about security on his blog, Schneier on Security, since 2004. Dubbed a “security guru” by The Economist, he is a special advisor to IBM Security and the CTO at IBM Resilient, a Harvard fellow and the author of 13 books. Bruce Schneier knows security — and his blog proves it. This is definitely one to bookmark if you are interested in the security industry.

    12. The Akamai Blog
    @Akamai
    Akamai, a content delivery network services company, publishes The Akamai Blog — a compilation of news and perspectives from a host of technology and security professionals. Akamai describes itself as a “forum to discuss, share and reflect on the trends that are driving today’s businesses online.”

    13. Krebs on Security
    @briankrebs
    A former Washington Post reporter, Brian Krebs authors this in-depth blog covering security news and investigation. He is author of “Spam Nation” and has been profiled in The New York Times, Business Week and Poynter.org.

    14. Naked Security
    @NakedSecurity
    Published by Sophos, the Naked Security blog has won multiple awards for best corporate blog and best IT security blog among numerous others. The blog features multiple stories a day and covers every angle of computer security.

    15. TaoSecurity
    @taosecurity
    Written by Richard Bejtlich, TaoSecurity covers “digital security, strategic thought and military history” and specializes in Chinese online criminals. Bejtlich has authored multiple books on security. He is the Principal Security Strategist at Corelight Inc. and former Chief Security Strategist at FireEye.

    16. Dark Reading
    @DarkReading
    If you work in cybersecurity or have any interest in the field, you have likely visited the Dark Reading website. As one of the most popular websites among cybersecurity professionals, Dark Reading offers insight across a variety of topics from analytics and application security to mobile and cloud security, IoT and more. According to Dark Reading, “This is where enterprise security staffers and decision-makers come to learn about new cyber threats, vulnerabilities and technology trends.”

    17. PC World
    @pcworld
    PC World is a well-known online computer and technology magazine that offers news, reviews and how-tos, along with plenty of videos on topics that include not just PC-related issues but business and cybersecurity as well.

    18. Wired
    @WIRED
    Wired is another wildly popular website that covers an array of topics from business and culture to design, gear, science, security and transportation. Wired is popular not just with those in the cybersecurity world, but with anyone interested in how technology is affecting culture today. One of the site’s most interesting stories of 2018 was “The Untold Story of NotPetya, the Most Devastating Cyberattack In History.”

    19. CIO
    @CIOonline
    CIO is an online magazine geared toward those in technology and security leadership roles. Its Editorial focus includes content geared to helping C-suite executives confront the cybersecurity challenges faced by their organizations.

    20. CNET
    @CNET
    CNET is the go-to site for technology reviews, “how-to” tech content and the latest in tech news. They also have a shopping section on their site where they list the best deals on everything from TVs to laptops to web hosting. They also cover cybersecurity issues such as data breaches and defenses, and government efforts to establish a U.S. cyber doctrine.

    21. We Live Security
    @ESET
    WeLiveSecurity.com is an award-winning blog published by IT security firm ESET that features security news and insights from its researchers and security experts from around the world. Winner of the 2018 Best Corporate Security Blog award from InfoSecurity Magazine’s European Security Blogger Awards, it is a source trusted by journalists and industry experts for breaking cyber news. It also serves a as forum where some of ESET’s most high-profile cybersecurity discoveries have been published.

    22. Signal Magazine
    @signalmag
    Signal Magazine is truly one for the cyber security professional. It is the official publication of the AFCEA, a professional association focused on serving government and military since 1946. Signal produces a print and online magazine, a blog, newsletters, webinars, eBooks and more. Content is primarily focused around cyber, defense, homeland security, intelligence and technology — basically everything and anything security related.

    23. ThreatPost
    @threatpost
    ThreatPost is an independent news site that covers security from every angle. In addition to digital articles (here is its cybersecurity forecast for 2019), they are constantly publishing videos and podcasts as well.

    24. Computerworld
    @Computerworld
    Computerworld, which was established as a print magazine in 1967 and “went digital” in 2014, is now a global publication branded in 47 countries and a go-to for anyone in the tech world. The online magazine covers cloud computing, emerging technologies cybersecurity and much more.

    Resource : https://onlinedegrees.sandiego.edu/top-cyber-security-blogs-websites/