Posts Tagged IT

Cybersecurity Terminology That Everyone Should Know

The following is a list of the top 50 cyber security terms that everyone should be familiar with: –

  1. Adware: Application or software displaying unsolicited advertisements on your devices.
  2. APT (Advanced Persistent Threat): Unauthorized user attacks and gains access to network or systems without being detected.
  3. Anti-Virus Software: Application program used to prevent, detect, mitigate and remediate malware.
  4. Authentication: A process ensuring, confirming, and verifying a user’s identity credentials.
  5. Back door: Secret method to bypass security and gain access to a restricted part of a network/system.
  6. Backup: To make copies of data stored on devices so as to reduce the potential impact of data loss.
  7. Baiting: Online baiting is facilitated by trapping any victim with fake incentives and profits/gains.
  8. Blackhat Hacker: Infringes laws and breaches computer security unethically for malicious purposes.
  9. Botnet: A group of internet-connected systems, including computers, servers, IoT, and mobile devices which are infected and controlled by a common malicious software operated by any blackhat hacker.
  10. Brute Force Attack: Repetitive successive attempts of various credential combinations.
  11. Bug: Error, fault, or flaw in an algorithm or a program resulting in unintended execution/behavior.
  12. Clickjacking: UI redressing attack creating invisible HTML page element overlaying the legitimate page.
  13. Cookie: Websites recognize users and devices keeping track of their preferences via stored cookies.
  14. Critical Update: A resolution software to address and resolve a high severity issue.
  15. Cyber Warfare: Cyber-attacks perpetrated by one digital entity against one/multiple other digital entities.
  16. Data Breach: A high-severity and a high-impact confirmed incident where a system or network data has been stolen without the consent and knowledge or authorization of the system’s or network’s owner.
  17. DDoS (Distributed Denial Of Service): A cyberattack aiming to disrupt an ongoing service by flooding it with malicious traffic from multiple sources or botnets affecting the availability of that service online.
  18. Deepfake: Videos that have human faces either swapped or morphed, leveraging AI algorithms.
  19. Exploit: Malicious code or script used to target vulnerabilities in systems and networks.
  20. Honeypots: Decoy networks or systems operationalized to lure potential attackers.
  21. Incident Response Policy: A plan stating the company’s response to any cyber security incident.
  22. Keystroke Logger: Software covertly logging the keyboard and mouse keys pressed/clicked in devices.
  23. Malware: Malicious software developed to cause damage to any target device or network.
  24. Malvertising: Using online advertisements and allied print management services to deliver malware.
  25. MFA (Multi-Factor Authentication): A security process where a user provides multiple authentication factors to identify themselves.
  26. Packet Sniffer: Software designed to monitor and record network traffic.
  27. Patch: A code applied after the software program has been installed to rectify an issue in that program.
  28. Penetration testing: Pentesting is the science of testing not only networks and systems but also websites and software to find vulnerabilities that an attacker could exploit.
  29. Phishing: Method to try and gather PII (Personally Identifiable Information) using deceptive emails.
  30. Pre-texting: Act of creating fictional narratives manipulating victims into disclosing sensitive information.
  31. Ransomware: Malicious software deployed to block access to devices until a sum of money is paid.
  32. Rootkit: A type of malware developed to stay hidden and persistent inside the hardware of devices.
  33. Security Awareness Training: Program aimed to improve end-user security awareness of employees.
  34. SOC (Security Operations Centre): Monitors digital activities to prevent, detect, mitigate and respond to any potential threats, risks, and vulnerabilities.
  35. Smishing: A type of phishing involving text messages to lure victims.
  36. Social Engineering: The art and science of manipulating people to disclose confidential information.
  37. Spear Phishing: Email-spoofing attack targetting a specific organization or individual to obtain PII data.
  38. Spyware: A type of software installing itself on devices to secretly monitor and report victims’ activities.
  39. Tailgating: Someone lacking proper authentication follows a legitimate employee into a restricted area.
  40. Trojan: Malicious software disguised as legitimate software to gain access to systems of target users.
  41. 2FA: A security process where a user provides two authentication factors to identify themselves.
  42. Virus: Malicious program on devices performing malicious activities without user’s knowledge & consent.
  43. Virtual Private Network (VPN): A software allowing users to stay anonymous while using internet services by masking/hiding their real location and encrypting communications traffic.
  44. Vulnerability: A vulnerability refers to a flaw in a system that can leave it open to attack.
  45. Vishing: A form of phishing to scam victims over the phone to gather PII data used for identity theft.
  46. Whaling: A type of phishing targeted at specific high-profile company leadership and management.
  47. Whitehat Hacker: Perform ethical hacking on behalf of legitimate entities and organizations.
  48. Worm: Computer program replicating itself to spread to other devices in the network.
  49. Zero-Day: A recently discovered vulnerability that hackers are using to breach into networks & systems.

Contact Centex Technologies at (254) 213 – 4740. for IT and Cybersecurity Solutions for businesses.

, , , , ,

No Comments

Technology In Cybersecurity

Cybercriminals are using multiple techniques to infiltrate targeted networks. Some of the most common methods used by cybercriminals are:

  • Man-in-the-Middle attacks – To eavesdrop on data conversations across different networks
  • Spying software – To track fingerprint movements on touch screens
  • Memory scraping malware on point-of-sale systems
  • Bespoke attacks that steal specific data

In order to manage these scenarios, firewalls, anti-virus measures and tool-based security approaches are no longer sufficient.

New age cybercrime problems require new age solutions. Some technologies that can help organizations in formulating an effective cybersecurity strategy are:

Context-Aware Behavioral Analytics

  • Problem: Over-whelming number of meaningless security alerts.
  • Solution: Sophisticated context-aware behavioral analytics helps in monitoring and identifying suspicious behavior. Examples of behavioral analytics approach include Bioprinting, Mobile Location Tracking, Behavioral Profiles, Third-Party Big Data, and External Threat Intelligence. The trick is to use data from all these techniques to arrive at informative decision.

Next Generation Breach Detection

  • Problem: Cyber criminals are using “zero day” exploits that allow them to establish a strong base and mine data in networks and systems for a long time (for example, target’s stolen credit card details can be used over a long duration).
  • Solution: A combination of technologies such as Machine Learning and Behavioral Analytics can be used to detect breaches and trace them to the source.

The next generation breach detection focuses on what will happen once the criminal is inside the system. Breach detection operates by identifying strange changes in big data to determine the presence of a criminal inside the network.

Virtual Dispersive Networking (VDN)

  • Problem: MiM attacks are cracking traditional encryption techniques to target intermediate nodes.
  • Solution: Employ Virtual Dispersive Networking to split a message into different parts, encrypt each part separately, and then route these encrypted parts over servers, computers and mobile phones. This helps in randomizing the paths the message will take while taking into account network issues such as congestion. This makes it easier to avoid cyber criminals lurking around to eavesdrop on transmitted data.

Smart Grid Technologies

  • Problem: Smart meters & field devices have increased the vulnerability of critical infrastructure.
  • Solution: Employing a range of new security measures and standards can help in tackling this problem. For example, some tools and strategies that can be implemented to protect energy sector include Padlock, Watchdog, SIEGate, NetApt, etc.

We, at Centex Technologies, assist our clients in formulating effective cybersecurity strategies. To know more about latest in cybersecurity technology, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Why Organizations Need Intent-Based Networking?

Intent-based networking or IBN applies deep intelligence and intended state insights to networking. These insights replace the need to manually configure the network. In general terms, the administrators can send a request with desired outcomes or intent to the network instead of coding individual tasks manually. The network’s software understands the intent and decides on the steps that need to be taken based on AI and Machine Learning.

IBN has some advantages over traditional and software-based networking which makes it an ideal choice for organizations. Following are some reasons why organizations need IBN:

Reduction In Manual Tasks: In the case of traditional networking, the administrator has to manually reconfigure every task with changing business needs. However, in the case of IBN, the administrator feeds the business needs to the network and the network analyzes these needs, verifies if a change in configuration will solve the need, suggests configuration options, and makes the required changes.

Faster Troubleshooting And Resolution: An intent-based networking system keeps on monitoring itself regularly. This helps in identifying any issues as soon as they arise. Also, IBN has the capability to repair itself without any human intervention using Machine Learning to find suitable solutions.

Reduced Risk Of Non-Compliance: Since the intent-based network is constantly monitoring and repairing itself, it ensures that the system is always in compliance with any policies set by the administrator.

Better Security: Looking for security threats is a part of regular monitoring conducted by an intent-based network. It monitors encrypted traffic as well to be aware of any possible threat. This results in immediate identification and containment of any security breaches to ensure data and network security of the organization.

Optimized Analytics: Understanding network performance is essential for making efficient decisions and predicting network outcomes for minimal risk. IBN regularly collects data about itself which can be used to deduce important information about network performance.

Rapid Implementation Of Business Goals Into Network Configurations: The main advantage of using intent-based networking is that it readily modifies the network configuration as per high-level business goals. The administrator can easily choose from vetted configuration options suggested by IBN saving the time needed for manual planning, testing, and configuration. Faster implementation of business goals into network configuration results in higher ROI.

For more information on Intent-Based Networking and why organizations need IBN, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Risks Associated With Cryptocurrencies

PDF Version: Risks-Associated-With-Cryptocurrencies

, , , , ,

No Comments

Advancements In Biometrics

Biometrics and secure digital solutions are evolving continuously with the increasing need for surveillance and security. Availability of greater computer processing power and sophisticated software algorithms have contributed towards the improvement of existing methods. These advancements have transformed the conventional ways of user identification and verification. The paradigms of next-generation biometrics have evolved in every aspect, from fingerprint scanning to voice recognition.

Major vendors are investing significantly in bringing advancements in biometric solutions. Technologies that are transforming our conventions are:

  • Phone ID and Voice ID: Combining phone ID and voice ID will not require the customers to enter personal ID or security numbers for completion of authentication. The unique enrollment process involves repetition of a short phrase to create a unique voice print. This proceeds with the need for customers to call from their registered phone numbers. This advanced technology comes with the ability to detect if user’s voice is being played on a recorder. The technology is a unique combination that offers the highest standards of security and also prevent fraud.
  • Facial Recognition For Airport Security: Advanced facial recognition play a vital part in ensuring safety and security. Thus, it has found an important application in airport security. There is an upcoming facial recognition technology at the airports that will ensure security in its highest standards. The security scanners, through which the passengers pass, will be equipped with an advanced biometric security system. With implementation of this technology, the passengers will not be required to print their boarding pass. This will facilitate paperless and self-boarding process.
  • Fingerprint Biometrics For Voter Verification Systems: Fingerprint biometric technologies are being implied to voter verification systems. These are developed to conduct elections in a peaceful and fair manner. This technology assists the authorities to verify and identify voters through fingerprints. It will reduce the chances of fraud, streamline the verification process and offer convenience to the citizens by reducing waiting times. This system will avoid the chances of multiple votes with different identities. Also, this will help in maintaining quality and confidentiality of data.
  • Cybersecurity With Biometrics: Improved biometric technologies provide new kind of digital identity data, ways to collect it and opportunities for its use. It greatly reduces the risk of unknown individuals attacking confidential data in different fields. Hence, biometrics will become an increasingly valuable tool for verifying identities in a deeply interconnected national security environment.

For more information on advancements in biometric industry, call Centex Technologies at (254) 213 – 4740.

, , ,

No Comments