Mengqi He

  • In a recent Computop report, a survey of over 1,900 consumers in the US and UK indicated that 71% of consumers would check that SSL certificates of ecommerce sites they shopped, and 61% would check the liability […]

  • Mengqi He posted a new activity comment 6 months, 2 weeks ago

    Both block and stream ciphers are symmetric cryptographic algorithms. The principle difference between stream ciphers and block ciphers is that stream ciphers work on streams of text, one bit or one byte at a time, while block ciphers work on blocks of text. The basic idea of a stream cipher is to divide text into small blocks, one bit or one byte…[Read more]

  • Mengqi He posted a new activity comment 6 months, 2 weeks ago

    Encryption is based on two principles: confusion and diffusion. Confusion means that the process drastically changes data from the input to the output. It refers to making the relationship between the key and the ciphertext as complex and as involved as possible. The principle of confusion can be (and must be) used to create difficulties for the…[Read more]

  • Mengqi He posted a new activity comment 6 months, 2 weeks ago

    Symmetric Encryption – Encryption methodologies that require the same secret key to encipher and decipher the message are using what is called private key encryption or symmetric encryption. Symmetric encryption methods are comparatively fast with few computational requirements. It uses mathematical operations that can be programmed into extremely…[Read more]

  • Mengqi He posted a new activity comment 6 months, 2 weeks ago

    BYOD is an increasing trend toward employee-owned devices within a business. BYOD increases productivity and flexibility through allowing employees to work using their familiar devices outside of workplace, and also lowers company’s acquisition costs. However, it also brings security issues such as data breach. For healthcare organizations, BYOD p…[Read more]

  • A recent research found gaping security holes in several SuperPAC public websites that may expose personal information of donors and other sensitive data. These vulnerabilities range from weak or nonsexist […]

  • Mengqi He posted a new activity comment 6 months, 2 weeks ago

    “How Businesses, Employees Can Navigate the Security Hiring Process”

    One of the greatest challenges for the cybersecurity of organizations are hiring the right talent to fight various threats. At Black Hat Europe 2016, experts discussed how organizations can manage the skills gap through best hiring practices and education. According to a sur…[Read more]

  • Mengqi He posted a new activity comment 6 months, 3 weeks ago

    As a IT security professional, I would be concerned with the threat from a pandemic, and I would put it in company’s continuity plan. A pandemic would be an economic disaster. It would have impacts on stakeholders, employees, partners, consumers, suppliers and communities, and thus disrupt company’s business operation and even the entire sup…[Read more]

  • Mengqi He posted a new activity comment 6 months, 3 weeks ago

    Desktop applications are installed on a personal or work computer desktop, while web-based applications can be accessed through the Internet. Desktop applications are more reliable because it does not rely on internet connection, and you can access an application as long as you have access the computer it installed, but it is very inconvenient…[Read more]

  • Mengqi He posted a new activity comment 6 months, 3 weeks ago

    Securing coding is the practice of developing computer software in a way that guards against the accidental introduction of security vulnerabilities. Secure coding practices, including security training and reviews, should be incorporated into each phase of the software development life cycle. Sample secure coding practices are:
    -Validate input.…[Read more]

  • Mengqi He posted a new activity comment 6 months, 3 weeks ago

    “This is why Apple’s MacBook Pro Touch Bar will take biometric security mainstream”

    Apple recently introduced its new MacPro with a touch bar at the top of the keyboard replacing the function keys. The touch bar enables touch ID and fingerprint authentication. Apples finally applied biometrics security to Macbook, and Macbook finally caught up…[Read more]

  • Microsoft has launched a new security program for its Azure cloud platform to help improve customer’s security when they are dealing with the IoT. It is a response to customer requests fro increased security a […]

  • Mengqi He posted a new activity comment 6 months, 4 weeks ago

    It’s very important for business to understand the difference between identity management and access management. Identity and access management (IAM) is the core of segregation of duties in IT governance. Identity management ensure that it is the “right person” accessing the data, while access management ensures that the identified right perso…[Read more]

  • Mengqi He posted a new activity comment 6 months, 4 weeks ago

    It is a common misconception that identity management and access management are the same thing. We usually put these two terms together when we discuss IT governance and segregation of duties, and there is also a term called identity and access management (IAM) which is a security discipline that “enables the right individuals to access the r…[Read more]

  • Mengqi He posted a new activity comment 7 months ago

    “’Root’ & The New Age of IoT-Based DDoS Attacks”

    Last Friday, a massive DDoS attack crippled a large number of domain name system (DNS) through infected cameras and DVRs. This is a warning to organizations that vulnerable IoT devices such as webcams, routers, printers and DVRs would easily become the security targets of attackers. In the att…[Read more]

  • Recently, researchers have demonstrated that how attackers can cause fatal equipment failures by destroying the integrity of 3D-printed parts. In a proof-of-concept experiment, they sabotaged the 3D printed […]

    • Wow very interesting article Mengqi. This is concerning as 3d printers are becoming mainstream. Good point on the fact that IT experts as well as industry experts would need to work together in order for this type of attack to be successful. I can see how these attacks can be launched by state sponsored actors with a political agenda, as the resources necessary would easily be available. These attacks could also possibly happen if rogue industry experts start selling their skills, like the tools available on the darkweb. Not sure how this could be defended. There would obviously need to be some form of authentication that compares the printed design against the blueprint, which should be locked up somewhere safe.

  • Mengqi He posted a new activity comment 7 months ago

    If the organization is only able to filter and selectively block either incoming or outbound network traffic, I would recommend to filter incoming traffic. Blocking inbound traffic is usually for preventing attackers from compromising the system and network, while blocking outbound traffic is usually of benefit in limiting what attackers can do…[Read more]

  • Mengqi He posted a new activity comment 7 months, 1 week ago

    I think spear phishing is a bigger threat compare to spam phishing. Phishing attacks attempt to obtain personal and financial information by masquerading as reputable entity or person and sending emails or instant messages with malicious website links to victims. Spam phishing is a form of phishing that attackers send out massive numbers of junk…[Read more]

  • People expect public Wi-Fi at nearly all the places we go and expect to be connected all the time. Wi-FI users regularly connect to Wi-Fi in their homes, but they require mobility. According to the survey of […]

    • I am super paranoid about connect to any open Wifi network. It is so easy to hijack an open wifi or just have a fake one setup. It is just not worth the risk to connect to an open network. One thing to keep in mind, even you if decide to connect on open wifi and you might not even check your email or social media, you are still connecting using those accounts since they are working in the background. They will still be vulnerable to theft.

    • This article should be a wake-up call for people who often use public Wi-Fi. These statistic numbers are shocking. The way I see this is similar to the driving and texting problem. People in large numbers are aware of local laws against it, but are willing to take the risk regardless. Therefore, better solutions need to be implemented. A quick solution to this would be for State Officials to enact laws requiring top notch security and encryption for all public places providing Wi-Fi.

    • It wasn’t until I was in this program that I didn’t realize or thought that public hot spots were not safe. I have a totally different outlook on what networks I connect to when I am out. It seems like that organizations need to strengthen their security and strengthen type of encryption that is used for Wi-Fi.

  • Mengqi He posted a new activity comment 7 months, 1 week ago

    “Why Businesses Shrug Off Natural Disaster Threats and How They Can Stay Vigilant”

    People sometimes cannot help being optimistic when look myopically at the future, forgetting the feeling when disaster came in the past. Painful memories tend to be short-lived. This is human nature that people tend to deny the future threats that are det…[Read more]

  • Load More
Skip to toolbar