Vaibhav Shukla

In the presentation, we see that there are two actions when not passing traffic… We can reject or deny. What is the difference between these? When might you use one or the other?

Both the “deny” and “reject” settings will block the traffic but there exists a small difference between rejecting and denying the traffic . When a packet is r…[Read more]

I think when compared with the market share the windows is the clear winner because of its user-friendliness and accessibility to first-time users .The reason for its market shares also drive more software and apps to be compatible with windows in comparison to linux. In the organization which I have worked before I had seen that most of the…[Read more]

Its perfect example of week application security.I still have doubt when the app is stealing the Oauth token by taking away username and password which means that the values were not encrypted when they are being sent and it was like a man in middle attack

As mentioned the ransom malware HDD Cryptor was used I think this will be first very large scale disruption caused by this malware as this malware was more focused on personal PC where they easily trick people to pay bit coin .HDDCryptor, also identified as Mamba rewrites a computer’s MBR (Master Boot Record) boot sectors and locks users out of…[Read more]

I even came across this article and it tells that the this malicious malware converts the file on your PC to .locky extension .This then encrypts all file and ask for bitcoins for payments for decrypting them.
The best way to keep away from locky is to enable macros in documents received by mail.
The application microsoft office if used for…[Read more]

TCP and UDP both are transport layer protocols.Main difference between two is TCP is connection oriented and UDP is connectionless.The User Datagram Protocol (UDP) provides a best-effort datagram service to an end system (IP host). UDP provides no guarantee for delivery and no protection from duplication, but the simplicity of UDP reduces…[Read more]

I have mixed feelings for considering the banning of security tools on network for IT group with disciplinary ramifications.
The security team in an IT company which owns this trustworthiness should be only allowed to own and run such tools and that also with appropriate permissions.
When you grant permission to carry out a penetration testing…[Read more]

Interesting post and I think Facebook is one of the pioneer company taking security of its users account to a different level by implementing such out of box ideas.Many different ways adopted by facebook like making its text chat as encrypted are some of its step which make FB secure.Recently facebook has also launched the payment system where…[Read more]

To provide a greater reliability in the use of bio-metrics I think the unimodal identification system should be replaced by multimodal authentication system.If the fingerprint scanning fails due to some reason the device should be able to perform another biometric authentication like iris scan or voice scan

Yeah even I liked the fact about it being Mobile friendly-With this the user authentication logins are possible for a tablet or laptop even when disconnected from the corporate network. Additionally, GoVerifyID Enterprise offers a consistent user authentication experience across all login environments

Kerckchoffs law states that a cryptographic system should be secure even if everything about the system, except the key, is public knowledge.In simple words the gold standard for any secret keeping system is that all its details should be able to be made public without compromising the security of the system. The security relies on the system…[Read more]

I wasnt aware that even google was banned in china as I know about facebook but Yes rightly mentioned banning sites like google could be causing more of harm than benefits.It restricts a lot of information.
Eventually there is no benefit if the users are able to access them through VPN .

Really a different news I just read last week that russia will be banning linkedin as it wants it datacenter to be located in russia rather than USA
.But this seems strange that companies have to find elsewhere to house their data to avoid censorship of the internet.

The country sponsored cyber attacks are some of the worst threat in the area of cyber security.The amount of money spend will always be very large and there will be large infrastructure working for it .The Assange wiki-leaks revealed that US is spying on many countries . Russia has also made many such attempts of hacking like the one of US…[Read more]

An IT security professional must be concerned with pandemic as pandemics like influenza will be widespread, affecting multiple areas of the United States and other countries at the same time. A pandemic will also be an extended event, with multiple waves of outbreaks in the same geographic area; each outbreak could last from 6 to 8 weeks. Waves…[Read more]

There are a lot of security risks of letting employee store sensitive data in thier personal devices ,what happens if a device is lost, stolen or infected with malware? A company has less control over the devices it doesn’t own, making it easier for sensitive data to be compromised. Company-issued devices usually come with an acceptable-use…[Read more]