Vaibhav Shukla

The main problem I felt that why the auditing of logs for data being transferred is done in 2 years.This process should have been done more frequently.If this auditing was done in 6 months there was chances of tracking the person more fast.Its hard to figure out whether the data was not or will not be used for any malpractice.

Yeah and I firmly believe that snowden leaks were like the turning point in face of IT Security.A lot of countries and organizations changed their strategies to secure their information systems .Storing data locally will have a more control on the flow of data .National Security is absolutely important and countries can make laws pertaining to it

Lost thumb drives bedevil U.S. banking agency

A U.S. banking regulator says an employee downloaded a large amount of data from its computer system a week before he retired and is now unable to locate the thumb drives he stored it on.
The Office of the Comptroller of the Currency, which is a part of the Department of the Treasury, said the loss…[Read more]

Yeah even I had a initial feeling that what can be the sensitive information w.r.t the blood donors as they can have just information of blood donation history and name of donor.
But I felt this is a serious breach when the secret private questions like ” engaged in “at-risk” sexual behavior” and blood type is revealed in public.
Blood don…[Read more]

It is very important to know the difference between the identity and access management as we have to clarify the basic question ” When the user identity is established can he access the service? ”
Answer is No . Authentication is not equal to Authorization .After authentication there needs to be an access control decision. The decision is based…[Read more]

The article clearly throws light on how this vulnerability is a serious threat and way to fix it by patching our operating systems.But there are million of devices which cannot be patched which remains a serious concern.
Many gadgets using linux doesnt support patching and can be security rsik

I really like the RSA SecurID Breach .Usually people tell its gullible people tricked into social engineering but there are also employees working in security company getting tricked .It is expected from employees of such company to be aware of such social engineering tricks.This also reveals how can the zero day attacks could be a lot dangerous

The article is great and I feel the hash collision can also be created if we convert the hex code into the binary code.
The main vulnerability exploited in MD5 collision is the length extension because of this length-extension behavior, we can append any suffix to both messages and know that the longer messages will also collide.

Inorder to determine network capacity is adequate or inadequate we need to have a network capacity planning which includes finding out

1) Traffic Characteristics-Type and amount of traffic
• Traffic volumes and rates
• Prime versus non-prime traffic rates
• Traffic volumes by technology

2) Present Operational Capacity
• WAN percent…[Read more]

Millions of Indian debit cards ‘compromised’ in security breach

On Wednesday, India’s largest bank, State Bank of India, said it had blocked close to 600 thousands debit cards following a malware-related security breach in a non-SBI ATM network. Several other banks, such as Axis Bank, HDFC Bank and ICICI Bank, too have admitted being hit by s…[Read more]

A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by bombarding it with traffic from multiple sources
Spear-phishing attack is carefully crafted and customized to look as if it comes from a trusted sender on a connected subject. Spear-phishing scams often take advantage of a variety of methods to…[Read more]

I think its a very bad approach by a government agency in maintaining its IT infrastructure.
The IT systems were like full of vulnerabilities and the officials were waiting for such data breach event to take place in-order to put everything on track .
The common items mentioned in it are like some of the key in maintaining IT security in an…[Read more]

Yeah but I still feel recognizing the cyber security hacks as national security challenge is very important.
This actually proves that information security is gaining importance in coming times that it even needs to be a part of political strategy for the competitors and I think in coming time this could be a very important factor to be seen in…[Read more]

Quantum computing in simple words is something that allows a particle to be both a zero and a one at the same time. Quantum cryptology depends on physics, not mathematics.
Quantum cryptography uses photons to transmit a key. Once the key is transmitted, coding and encoding using the normal secret-key method can take place.
But question comes…[Read more]

How is NSA breaking so much crypto?

The Snowden documents shows that NSA has built extensive infrastructure to intercept and decrypt VPN traffic and suggest that the agency can decrypt at least some HTTPS and SSH connections on demand.
However, the documents do not explain how these breakthroughs work.If a client and server are speaking…[Read more]

BCP is a plan that allows a business to plan in advance what it needs to do to ensure that its key products and services continue to be delivered in case of a disaster,.A business continuity plan enables critical services or products to be continually delivered to clients. Instead of focusing on resuming to a complete strength after a disaster, a…[Read more]