-
Metaverse security is a thing because security is still a thing…
With all this talk about the metaverse and Web 3.0, it’s easy (always too easy, it seems) for security to become an afterthought, instead of a before-thought, or even a during-thought. So, please. Let’s discuss METAVERSE SECURITY. Even if you still have no idea what the metaverse is or what “Web 3.0/Web3” is, you must understand that being online on the Internet exposes you much like you are exposed the very moment you leave your house. Once we leave the domain and sanctuary of our home, we are exposed and take measures to mitigate risks and protect our privacy. We wear clothing to protect us, yes, and also to shield our most…
-
What is a password manager and why do you need one…
I was speaking to a contact who is studying the cybersecurity industry and does not use a password manager. Interestingly enough, it’s actually a debate I’ve seen crop up a few times in cybersecurity circles. A password manager is an application to help you store and manage all the various usernames, passwords, URLs, what have you…that all come as a byproduct of the digital terrain that we are increasingly surrounded by. I used to think “But MY password is unique! It’s not “password” or any of the typically mocked but often used, much maligned, stereotypical passwords. Oh, no. Mine was different and unique. And there are people who do this…
-
Security Engineering Analysis Framework Notes…
Good security engineering requires 4 things. Policy: what you’re supposed to achieve. Mechanism: the ciphers, access controls, hardware tamper-resistance, and other machinery that you assemble in order to implement the policy. Assurance: the amount of reliance you can place on each particular mechanism. Incentive: the motive that the people guarding & maintaining the system have to do their job properly.
-
Security + Course Notes
Threats, Attacks & Vulnerabilities
Malware: malicious software; a broad term; there are many kinds of malware: viruses, crypto-malware, ransomware, worms, Trojan horses, rootkits, keyloggers, adware/spyware, botnets.
How do you get malware? These all work together. A worm takes advantage of a vulnerability. Or, installs malware that includes a remote-access backdoor. Bot may be installed later. Your computer must run a program: email link (Don’t Click Links!), web page pop-ups, drive-by download, worm. Your computer is vulnerable: Operating System, keep updated! OS & applications.
Viruses & Worms: Viruses are malware that can reproduce itself; it doesn’t need you to click anything; it needs you to execute a program; Just simply running a program can spread a…
-
Current Events Breakdown: To unlock a terrorist’s iPhone, the FBI turned to an obscure company in Australia; a technique called an “Exploit Chain” was used.
So there’s quite a juicy, drama-filled story in the Washington Post that could be a Hollywood plot line about Apple, the FBI, a terrorist’s iPhone, and HACKERS!!! Azimuth Security, a publicity-shy company that says it sells its cyber wares only to democratic governments, secretly crafted the solution the FBI used to gain access to the device, according to several people familiar with the matter. The iPhone was used by one of two shooters whose December 2015 attack left more than a dozen people dead. So, yeah, Azimuth is a hacking firm for the better good, you can say. Azimuth is a poster child for “white hat” hacking, experts say, which…
-
Post-Quantum Cryptography: The Race Is On
Quantum computers and quantum cryptography have become hot industry buzzwords that are popping up more in the press. With that, the question becomes what happens to the security of our data covered by today’s pre-quantum cryptography technology? This Forbes article helps highlight solutions on the way in the race to post-quantum cryptography: The good news is that solutions are on the way. Recognizing the urgency of the task and the time needed to formulate, choose, standardize and deploy new systems, the U.S. National Institute of Standards and Technology (NIST) launched a Post-Quantum Cryptography (PQC) standardization process in 2016. In July 2020, NIST announced seven third-round candidates, covering both public-key encryption (PKE) and digital…