The beginner’s guide to ransomware


Ransomware is nothing new, but has made the headlines quite a few times since last year, as it has become a mounting threat and is dealing damage to individuals and companies alike. If you’ve heard of the scary stories of computer viruses locking out files and extorting money out of users without leaving a trace, then you already know what ransomware is.

Whether you’re afraid of being the next victim of ransomware or not, it pays to know more about how it works, where it comes from, and some basic measures that can help you protect yourself against it.


Why do we need to separate concerns in IoT development?


The Internet of Things is fast evolving and is slated to become one of the largest markets and one of the most expansive industries in the next few years. In a conceivable future, every single aspect of our daily lives will be monitored and controlled by the billions of devices that will be connected to the internet.

But there are some caveats to using the full potential of this nascent technology and making the best use of the utilities that it offers. The implications of not addressing IoT development issues are more far-reaching than data security and privacy issues. Many industrial resources, including infrastructures such as power grids, and critical devices that regulate and control health, such as drug infusion pumps, are dependent on IoT technology.

The bottom line is that IoT is becoming so integrated into our lives that it should be taken much more seriously. Yet the concerns are so many that if we do not tackle them separately, we are bound to be met with dead ends, pitfalls and outright disasters.

The inevitable outcomes of the Apple FBI debate

Source: Reuters


While Apple and the FBI are exchanging statements and court orders over data stored on an iPhone belonging to one of the shooters in the San Bernardino rampage, everyone is intent on what will be the outcome of the latest round of the crypto-debate. The feds are accusing Apple of undermining national security, making false claims and arguments on legal rights, and creating diversions in order to preserve its economic interests; Apple (and other tech leaders) are accusing the FBI of intentionally wanting to set a precedent by forcing Apple to create the software that can unlock the phone; and meanwhile, other cases, namely that of the WhatsApp messaging app, are waiting for the outcome of this case to determine their fate.

The cybersecurity talent shortage crisis


Cyber-threats and data breaches are growing in number and severity, botnets are enlisting new conscripts at a chaotic pace, cryptoransomware attacks are raking in millions for malicious hackers… and we are hard-pressed and ill-prepared to face the challenges that lie ahead. The widening gap of cybersecurity talent is at the heart of this crisis. There’s currently a shortage of 1 million skilled workers in the cybersecurity sector. According to (ISC)², that number will rise to 1.5 million by 2020 – Cisco’s Annual Security Report says we’ll reach the 1.5 million threshold by 2019. A study led by ISACA shows that most organizations are having trouble finding cybersecurity talent to fill their IT security vacancies.

A beginner’s guide to cross-site scripting (XSS) attack prevention


As I’ve mentioned in a previous post, web applications are one of the most attractive targets for hackers because they can be easily reached, have virtually countless attack vectors, and there are too many ways for naïve developers to goof and inadvertently introduce vulnerabilities in their source code.

In this post, I’ll familiarize you with cross-site scripting (XSS), one of the oldest and most common types of attacks that can be staged against websites, and steps you can take to protect your site against it.

IoT security: key takeaways from Gartner’s forecast


The Internet of Things (IoT) is the hot new phenomenon that is fast altering our lives and businesses with its seemingly unlimited possibilities and use cases. Improved utility, analytics, energy saving and plain simple comfort are just some of the benefits that IoT is introducing. But as I’ve mentioned time and time again, the security considerations and pitfalls of IoT are something that needs to be taken more seriously, lest this new uncharted territory, which is destined to expand to over 20 billion devices by 2020, spins out of control.

In a recent analysis, research firm Gartner has identified and introduced the key IoT technologies that will be prevalent in the next two years. This is important since it determines what manufacturers and consumers will be focused on, and thus we need to identify and understand the security implications.