Idigital Classroom
By Joy Alatta
Idigital ClassroomMar 16, 2021
Basic Principles of Information Security
Information is the lifeline of an organization. Think about what blood does to a human being. That is actually how the data and information that flow through our network is importance for our organization. Data and information are essential in our private lives as we monitor our homes using remote cameras. We want to know where our kids are, what they are doing, or where they are hanging out. We want to know where our vehicles are parked and the things happening around them. So, the information we are tracking must be secure because it can be compromised if it is not secure. And if it is compromised, it would not serve the purpose for which we need the data or information.
Identifying the IT Infrastructure for IT Security
As you can see in today's world, so many devices are now classified as a computer. In the past, people think that the computer is the big bulky device you see on tables in many offices and organizations. You are right. Those devices are still considered computers. However, many other devices are now behaving and acting the same way those computers act. There are several devices that make up the Information Technology infrastructure for a business or an organization, even for individuals. In today's world, people store their files and their digital assets in the cloud, and some use data centers. Some companies manage data in the cloud. IT infrastructure could be your computers, your tablet, your PC, or even your smartphone. Then there are the servers which are used as storage facilities. You think about the various devices you use for communication as computing infrastructure. Also, information technology is what we used to carry out or perform job tasks...More
Use Defensive Cybersecurity to Mitigate Cyber attack
It is essential to understand what could go wrong in a system and to use mitigation action to protect the system from potential threats. In recent weeks you may have heard of an incident that explained why there is a need to take a defensive approach to protect your digital assets and infrastructures. The incident is that of Kaseya. Wired.com reported that the Kaseya was warned by the Dutch Institute for Vulnerability Disclosure that there was a potential vulnerability in its system. In this case, Kaseya did not ignore the warning, but Kaseya did not move first to patch up the exposure...More
The Human Factor in a Ransomware Attack Part-2
Kaspersky Lab conducted a study to determine what role employees play in a business's fight against cybercrime. The study used over 5,000 businesses around the globe and found out that (52%) of the businesses surveyed believed they are at risk from within and that their employees either intentionally put the businesses at risk or are put the businesses at risk through carelessness or lack of knowledge.
The question that comes to mind after reading that report is why employees are responsible for so many security breaches? Is it fair or proper to say that employees are lazy? Or that they do they just not care what risk they expose their employer?
What do you think of the result of that report?
The Human Factor in a Ransomware Attack Part-1
Ransomware is a type of malware that creeps into a network, scans the network to identify targets, and then uses encryption to seize all or some parts of the network. Thus, the victim's information is held at a ransom. After encrypting the files, the attacker becomes the only one with the decrypting key. In a network that experienced a ransomware attack, the system owner will not be able to have access to the files, databases, or applications. The attacker then resumes operation by demanding ransom.
Ransomware works by spreading across a network with the aim of paralyzing the network. In a ransomware attack, the attacker uses asymmetric encryption. Asymmetric encryption is a type of cryptography that uses a pair of keys to encrypt and decrypt a file. The pair of keys are a private and a public key, and the attacker uniquely generates both keys. The private key will be required to decrypt the files, and it may be nearly impossible to decrypt the files without the private key. Imagine a situation where someone creeps into your house, changes the locks on the doors, and sends you a message to pay some ransom before you get a key to unlock your home. Often, the attacker will contact the victim on how to pay a ransom to receive the private key with which to decrypt the files or seized assets.
Gathering Penetration Testing Intelligence from Network and Application Platform Configuration
Network configuration refers to the process of setting a network's controls, flow, and operation to support the network infrastructure of an organization or for an individual owner.
Components of a computing network include Internet/network protocols, software or application, firewall, routers, and others that perform related tasks. Most network configurations are designed to meet communication objectives. For example, the router is configured with the correct IP addresses and route settings to enable network connection and communication. Software is configured to monitor network-based activities and to detect intrusions to the network.
Network configuration can be manual or automated, but the primary importance is maintaining a network and making changes when required. Other aspects of network configuration include the ability to launch and relaunch devices, track and report data. An automated network manager can make the task of configuration management easier to perform...More
Security Implication Of Web Frameworks
Web application frameworks provide a structure for building and developing applications through the provision of predefined classes, modules, and functions. The predefined classes and modules help to manage system hardware, software and to manage the streamlining of the application development process. The framework in this discussion includes application frameworks such as Angular.js or Django and content management system frameworks such as WordPress.
Most web application frameworks use the model view control design pattern abbreviated as MVC pattern to provide structure to application development. The MVC pattern helps to ensure separate concerns for data, user interface, and input control...More
HOW TO USE COMMENTS AND METADATA INFORMATION TO GATHER INTELLIGENCE FOR PENETRATION TESTING
The head section of web pages contains troves of information that can be used to ensure that the site is efficiently crawled or positioned for search engine optimization. There is information about the name of the author, the description of the page, and the language used on the web page.
Some sites have information about the Twitter account, the URL address where the images are hosted, about other relevant URL addresses that are connected to the website.
I have viewed some source files that contained information about the forms and the input section of the form. For sites that use Google Analytics, you will see information about the Google Analytics account. Other types of information you may find by investigating the source file may include the name and type of third-party framework. All these types of information that I mentioned can provide a lead for a malicious hacker. If your web page reveals some of the types of information I mentioned here, you may need to take remediated action to ensure that no vulnerable information is exposed...More
How to Use Robots.txt File to Gather Intelligence for Penetration Testing
In the head section of web documents, there is meta-information used to describe the page, including helping search engines categorize the page. The meta-information that is of utmost importance to the discussion is the meta information for robots that refers to the robots.txt file.
The roborts.txt is a file that website owners use to inform web crawlers about their website, including information on what page to crawl and what page to ignore. According to Google, a good objective for a robots.txt file is to limit the number of requests made by robots to a website and reduce the server load. The importance of the robots.txt file to a pen tester is that the file is capable of providing information that can be used to identify vulnerabilities in the webserver. When such vulnerabilities are identified, the website owner can use the information to repair or patch up the vulnerability...More
Gathering Information for Penetration Testing Using Search Engines Discovery and OWASP ZAP
Using a search engine discovery is another great option for gathering intelligence about a penetration testing target. A search engine query can be direct or indirect. The direct method is where the search engine can be sued to dig into the indexes and contents from caches. The indirect method is where sensitive information such as the design and configuration of the website could be assessed by searching about the target in forums or social media sites.
To proceed with trying to understand how to find out of there is a sensitive design and configuration vulnerability in an application or a website, try to use some of the search engines such as Chrome, Baidu, Bing, Duck Duck Go, and Punkspider.
I advise that you try many search engines so that you can compare the information from each of them. The number of search engines that you decide to try will be determined by the amount of time that you have for the project...More
Penetration Testing Information Gathering For Web Server Fingerprinting
One of the available options is to gather information about the server is to understand the server configuration. This is referred to as web server fingerprinting. With the web server fingerprinting, the pentester tries to identify the type and version of the web server that a target application or website is using.
The information gathered from this type of test can be used to determine the type of potential vulnerability available in the target. Servers that are running outdated software are likely to be more prone to attack because an old version of the software may not have up-to-date security patches.
Knowing the server configuration will help the tester to search for any known vulnerability that may ultimately affect the security of a web application...More
Approaches to Penetration Testing
The need to discuss testing is borne out of the desire to ensure the safe and secure use of the software. Almost everyone that has access to the internet uses some software or the other. The pandemic era has even made the use of computer software more prevalent than any other time since the origin of the internet.
Some people might say that they are not security professionals and may not be showing interest in software security discussions. My response to such thoughts is that they need to develop and maintain secure software and applications through testing is not only the responsibility of security professionals...More
Tool Selection for Penetration Testing
There are several types of tools for penetration testing. The number of available tools is so many that it will be practically impossible to learn all of them. Using the wrong set of tools can be a problem because the pen tester would have wasted so much time trying to gather the wrong information. As a beginner, it may take some guidance to be able to select the right tool. A poorly planned and executed penetration tool is as bad as not acting to protect your systems.
There is no room for complacency in the cyber world. As the level of threats increases in the cyber world, so does the need to understand the most effective and efficient way to combat the threats. The type of tool you select for a Pentest may depend on your utmost objective...More
Planning for Penetration Testing
The decision to conduct penetration testing is an indication of the importance of risk management in any organization. It is a good professional practice to document security policies that outlines how penetration testing should be conducted and how it relates to different types of systems, such as servers, wen applications, laptops, desktops, tablets, smartphones, and numerous others.
Penetration testing is also referred to as ethical hacking. Though both refer to the same concept, there is a difference between the two. Penetration testing is performed on a specific information system or as a specific objective while ethical hacking has a more broad objective, which includes all other hacking methods, and other activities to combat and mitigate cyber-attack. You can consider penetration testing as a subset of ethical hacking techniques. It suffices to say that an ethical hacker needs to have a more comprehensive knowledge of the hacking methodologies than a penetration tester.
Penetration Testing as a Cybersecurity Survival Technique
Many organizations spend their IT budgets on the wrong technology infrastructure. Would you consider knowing where to spend your IT budget? Even when an organization makes the right expenditure on the right IT infrastructure, would it not be competitive to protect those infrastructures? What would your customers do if they have the slightest reason to believe that their personal information is not secure with your enterprise systems? I do not know of any organization that looks good immediately after a cyberattack.
I mentioned in the last episode on security challenges in eLearning systems that some organizations have a mandatory requirement to maintain a penetration testing procedure. The fact that your organization did not have a mandatory compliance requirement to conduct penetration testing does not mean that it is safe for your organization not to use penetration testing to verify its security defense. Penetration testing will enable an organization to learn and understand any vulnerability or potential vulnerability in their computing systems...More
Security Challenges In eLearning Systems
As eLearning is emerging as a good alternative for learning in situations where learners and instructors cannot meet in a physical location, the need to ensure confidentiality, integrity, and availability of eLearning systems are growing just as the demand for eLearning is growing.
Elearning depends on the internet and its availability and suffers the same potential threat as other online activities. However, the impact of a breach can differ from the use and the type of system. A breach in an eLearning system can have a far-reaching effect. Imagine a situation where a learner is locked out of an eLearning system on an examination day or a day for the submission of a critical assignment. Also, try to imagine where examination scores are compromised before the exam result is published. The security of eLearning systems is vital to user trust and acceptability...More
Challenges of Social Engineering
Social engineering has been described from many perspectives, but it is not a new concept. Social engineering refers to a deceptive activity that is used to trick a victim or a person into taking certain actions that may be beneficial to the attacker and detrimental to the victim.
Social engineering has been used all the ages in human history. All throughout history, there have been cases of human hacking where a person has been deceived into taking an action that is for another person’s benefit.
You may ask, what is the connection between social engineering and human vulnerability? Human behavior such as a human impulse or sudden desire to take action irrespective of whether the action could have a detrimental effect on the actor is fueling social engineering...More
ONLINE SECURITY AND PRIVACY FOR ELEARNERS AND REMOTE WORKERS
Using the Internet can be very interesting, exciting, especially for new users. There are many exciting things to do online. The excitement of using the Internet can be marred by malicious hackers and other groups that want to collect personal information about online users. Though some organizations use some of the information they collect about on web users for personalization and recommendation of services, some others collect your information to sell it on the dark web. They collect information about your browsing habit and your scrape your entire digital footprint...More
Responsibilities of Web Users in a Digital Society
Competency with the use of technology is essential, but it is also essential to understand how to behave in a digital society.
The explosive use of the internet and social media has created enormous opportunities for users to express themselves in unprecedented ways. Though all the innovative ideas of sharing content are exciting, there are associated risks in terms of Privacy and abuse...More
Challenges and Benefits of Elearning and Remote Work
The COVID-19 pandemic has created an unprecedented challenge that forced learners and several other institutions to move to the virtual world. Many learners woke up one day and realized that the physical classroom has suddenly moved online due to Covd19. Challenges of sudden migration to remote work and remote learning are not only felt by the learners and employees. Some organizations complain about how to coordinate users in an online community setting and some others complained about how to reach out to users in diverse continents on time zones.
0q91BYnTvOAjT1iqP16R