@vaibhav-shukla
Active 7 years, 2 months ago-
Vaibhav Shukla wrote a new post on the site ITACS 5211: Introduction to Ethical Hacking 8 years, 1 month ago
How can the market players play with security vulnerabilities of different firms…Ill share the news
There is always a pact between a cybersecurity researchers and the companies that when a cyberSec. firm finds a […] -
Vaibhav Shukla posted a new activity comment 8 years, 1 month ago
The FGDC guidelines recommends following safeguards in order to address the security concerns before disseminating the geospatial data to public .
1)Change the data
2)Restrict the data
Both the safeguards are posing the risk at the two important security objectives of INTEGRITY and AVAILABILITY.
When the data has been changed to mitigate the…[Read more] -
Vaibhav Shukla posted a new activity comment 8 years, 1 month ago
Regarding the election system hack as you mentioned the threat is more probably the internal threat than the external threat.
There has to be strict monitoring mechanism pertaining to election system admins.
The admin credentials will be limited to certain number of people so there has to be check using a bio-metric system for the admin owners…[Read more] -
Vaibhav Shukla posted a new activity comment 8 years, 1 month ago
http://www.technewsworld.com/story/83860.html
The article reveals how information security is important to the defense sector.The hackers have stolen more than 22000 secret pages pertaining to scorpene class submarine.
Its a submarine which has been acquired as a part of defence purchase by Indian Navy from french defense Contractor DCNS.
The…[Read more] -
Vaibhav Shukla posted a new activity comment 8 years, 1 month ago
Quantitative Data-Data derived from mathematical and statistical figures
Risk Assessment-Process to identify potential risk to a business process.
So as the name suggest quantitative information security analysis is placing mathematical figure in terms of dollar value to the threat or asset involved in information security analysis.An…[Read more]
-
Vaibhav Shukla's profile was updated 8 years, 2 months ago
-
Vaibhav Shukla created the site Vaibhav Shukla 8 years, 2 months ago
-
Vaibhav Shukla posted a new activity comment 8 years, 2 months ago
Hi Guys!
Its Vaibhav Shukla here. I am a full-time student in the ITACS program opting for cyber-security track.
I am an international student from India. I have completed my bachelors degree in engineering with major in electronics and communications.
I have a 2.5 yrs of full-time work-experience in Wipro Technologies as an application…[Read more] -
Vaibhav Shukla's profile was updated 8 years, 2 months ago
Interesting article..It will be interesting to see if this becomes a more common occurrence and if so, how will the SEC respond? As the article says, the idea that something like this would happen has been mentioned in security conferences for several years but this is the first “mainstream” occurrence. Since the findings were found by an outside firm, it would seem no trading laws were broken, which is reiterated by the fact that the SEC is currently choosing to remain silent on the issue. But issues of ethics and safety could require some kind of reactive measures if these types of exploits continue.
Bilaal,
This act becoming a more common practice is the first thing that strikes my mind as a concern. This would not be a good way to commercialize cyber security because it would invite hackers to explore this idea deeper and probably exploit it in a way in their own benefit. For example, they may infiltrate a system, create multiple back doors, then approach the same company later on to falsify new vulnerability findings to make money. Also, who knows how negatively this practice could impact the U.S. economy. Conversely, selling vulnerability findings can encourage the good guys to discover back doors before unethical hackers; however, no one really is certain how this would play out as an unregulated common practice in the economy.
I gotta think the SEC is going to have something to say about this sooner rather then later. Strip away the tech babble and this looks like insider trading to me. Also, seems unethical. When I have been involved in pen testing a third party application, the results were always share with the company that sells the software.
Wade