When first discovered in 2010, the Stuxnet computer worm posed a baffling puzzle. Beyond its unusually high level of sophistication loomed a more troubling mystery: its purpose. Ralph Langner and team helped crack the code that revealed this digital warhead’s final target — and its covert origins. In a fascinating look inside cyber-forensics, he explains… Continue reading Ralph Langner: Cracking Stuxnet, a 21st-century cyber weapon
Intrusion Prevention System To Detect BotNet
The second half of the year 2010 saw stuxnet all over the news. Stuxnet, a cyber worm, is believed to be the world’s first publicly identified known cyber weapon. Such worms are designed to destroy the control system in a factory, refinery or even a nuclear power plant. Computers are infected with such worm through… Continue reading Intrusion Prevention System To Detect BotNet
Face Recognition Systems For Facility Access
Identity card issued by the employer is the typical mechanism to identify an employee. However, verifying each and every card presented by personnel requires a dedicated person or an automated system. Credentials, such as an identity card, are more effectively verified using an automated system. However, most of the verification systems are incapable of verifying… Continue reading Face Recognition Systems For Facility Access
He will be an Engineer!!!
Secure Mobile Device For Enterprise
With the introduction of cool mobile devices available for the corporate world, executives feel their existing blackberry out of fashion. For a while, blackberry devices ruled the corporate world for mobile communications. They are efficient and highly secure. Blackberry security is still considered the gold standard for enterprise mobile communications. However, with generation Y taking… Continue reading Secure Mobile Device For Enterprise
Fraud Using Facebook
Ever found your bank statements on Facebook? How about your health records and business plans? That’s what happened to a friend-of-friend of mine. My friend found her friend’s family pictures, health records, business plans and bank statements on Facebook. The friend-of-friend engaged me to help her out from this as she had no clue how… Continue reading Fraud Using Facebook
Risk Based Authentication
The technique that uses both contextual and historical user information along with data supplied during an internet transaction to assess the probability of whether a user interaction is authentic or not is called risk based authentication. Traditional username and password along with information such as who the user is, from where the user is logging… Continue reading Risk Based Authentication
Biometrics Authentication
Passwords and personal identification numbers (PIN) are information that we need to remember since the day we started interacting with digital systems. Do we know the count of passwords we need to remember? Do we know if we forgot a password already? Some of these passwords also known as passphrase are long to remember that… Continue reading Biometrics Authentication
Disk Overwrite or Wipeout Best Practice
An online search shows majority of tools available for wiping out data on a disk points to a practice of 7 wipes. They believe that it is a US DoD requirement. Some of them support the Gutmann method of 35 wipes. However, I could not find any documentation on US government website that indicates seven… Continue reading Disk Overwrite or Wipeout Best Practice
Authentication – Level of Assurance
Authentication is the process of confirming an entity’s identity based on reliable credentials. The process and the technology involved in authentication varies with various level of assurance required from the entity. Authentication Level of Assurance can be defined as the authentication strength required for a relying party to be assured that an entity is indeed… Continue reading Authentication – Level of Assurance