Wednesday 1 February 2017

How Secure Browsing can prevent from Cyber attack



Internet is everywhere and used for everything online starting from browsing at home, checking emails to product search, online banking and what not. Hackers use vulnerabilities to get access to the private data to launch cyber-attack on other users.  Insufficient security mechanism and application vulnerabilities motivate the hackers apart from monetary benefits. From the research conducted on the pattern on cyber-attack it was found that 30% of all attacks are on the Computing services. 14% on retail industry, 9% on Health sector, 8% on media and entertainment and around another 8% on financial service sector. It is believed that there are half a million cyber-attack attempts in the world every minute.

Cyber security is an ever growing threat. Most of these vulnerabilities are spread across Google Chrome, Mozilla Firefox, Adobe flash player, adobe reader and Windows OS. Based on the three pillars of information security – Confidentiality, Integrity and Availability – a website can request you to use cookies that contain malware to spy your data or even remove your data and damage your computer system. Almost two third i.e. 66% of the malwares consist of Trojan Horse and remaining part is the combination of Virus, Worms, adware, spyware etc.

Secure browsing means paying attention to many different controls and Vulnerability in the web browser. Information security vulnerabilities are weaknesses that expose an organization to risk. Understanding your vulnerabilities is the first step to safeguard against internet threats. Usually these vulnerabilities come from Cookies and plug-ins.

Cookies

Cookies contain specific information which is attached on the user’s device when they visit a website. The cookie is either sent from webserver to browser or generated by script on the website like JavaScript. This enables a faster loading of a website at the next visit. It is advised to be cautious of any unwanted third party tracking cookies, which collect data of various site visits. Beware of the danger of using public internet because other users may log into your account via your still valid session cookie if you don’t delete all cookies when closing the browser.  

There are two type of cookies – first party cookie and third party cookie. First party cookies are placed by the site you visit and is frequently used to remember your login information for fast access to your account details. Third party cookies are placed by other sites for affiliate marketing purpose.

Plug-ins

Plug-ins constantly contains security flaws and is therefore frequently updated. Some of the most commonly used plug-ins is Flash Player, Java.

Flash-player is a widely spread freeware which is used for programming and displaying multimedia and interactive contents. Due to its high reach, flash player is a popular target for attackers which results in constantly new security holes.

If a user want to interact with the java content in web pages then it’s necessary to install and enable the java plug-ins in the web browser. JavaScript is a programming language used by websites to run various programs and features. Try to disable JavaScript because applications using Java Script partly interact differently than expected by users. It can also be used to infiltrate malicious code, pop-up software and a whole host of other spammy elements from the internet.

Fake Websites

Fake Websites looks similar to the actual websites including those with login forms. It is not possible for a victim to differentiate between a fake and regular site only by the look and feel of a website which prompt many user to submit their user id & passwords and as a result login credentials are sent to the hackers automatically which can take over your online account. After that you can image what they can do.

Always be alert to ensure that you are on the correct website when entering you online banking and other financial credentials. Financial service sector i.e. Bank employee will never ask you about your online banking user id and password details.

Fortunately there are a lot of easier ways to identify fake websites:

Check the web address (URL) and look for suspicious spellings in the domain name. For example bankofJapan.com might show BonkofJapan.com on Web browser (notice alphabet o instead of a in bank). It is advised to always go to the original website directly instead of clicking the URL link in some other website.  Secondly, never click on the suspicious links.

Financial sector website normally has integrity protection like a site lock or using https for login and payments. Always use the latest version of web browser

As I mentioned earlier there are various vulnerabilities in the compromised websites
Virus: A computer virus attaches itself to a program or file enabling it to spread from one computer to another, leaving infections as it travels. It is piece of code which is placed in the path of execution of another program. When the user starts the original program, than the virus executes itself. After that it replicates on its own and infect other programs, libraries and the boot sector by replacing executable files with the virus infected files. Since a virus is spread by human action so people will unknowingly continue the spread of a computer virus by sharing infecting files or sending emails with viruses as attachments in the email.
Get Norton Security Software  for 3 devices just $29.99 (Original Price $69.99)


Norton Internet Security
Worms: Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. A worm does not need a host file to spread. It spreads itself automatically by replicating over the computer network including internet.

Trojan Horse: If does not replicate itself. It pretend to be another program. When user open that file, they do not know that they are executing a malicious program. So in contrast to a work or a virus, the Trojan horse has to be executed by the user actively.

Phishing is part of social engineering where a scammer pretends to be a legitimate person and sends out a message that tries to trick a victim into revealing personal or financial information. Usually in phishing attacker send messages via email or social networking sites. Those messages contain a link that will take the victim to a fake website after clicking on them. Those fake sites look like original and encourage the victim to enter their personal data which is then used by the hackers for hacking.

Web Certificates are used to certify the authenticity of web site that will be surfed. You might have noticed https protocol at the beginning of a web address which means your communication to the web server is encrypted and no one can intercept your message via man-in-middle attack.  If the server has the highest level of authentication than the address bar in the browser will turn green which means its trustable websites because the verification process to confirm the authenticity and ownership is very strict and accurate.

Fake websites usually use expired security certificates or certificate from different website. You can check fields like ‘valid from’ and ‘valid to’ after clicking on Site lock in address bar and view certificate. Subject field will show the source of certificate .i.e. website it belongs to.  

It is recommended to use the latest Anti-Virus software and the browser version which warns you when you navigate to a malicious website. Even if the information is encrypted, make sure to read the organisation's privacy policy first so that you know what is being done with that information you are submitting.

Sunday 29 January 2017

How to Start a YouTube Gaming Channel to get 1 million hits

Starting a YouTube Gaming Channel is a step by step easy process. I will guide you everything about opening a gaming channel. Start with creating a google account for yourself and signing to your YouTube account. 

Think about a vision and goal for your YouTube channel. Create a short plan of activities you need to perform and the money you would like to spend on creating a videos. If you are a starter then you might be on a tight budget and would not like to spend too much in the beginning but if you have decided to be a serious YouTuber and want to earn good money out of it then consider buying good quality products suggested below else you will be left behind in the race of getting maximum hit counts on your YouTube channel.

Creating a new channel on YouTube is pretty simple process. Just login to YouTube with you google ID and add a new channel. Give your channel a nice name and that can reflect your vision and easily attract the viewer community to watch your video. For example there are alot of channels available with the name GamerPro so viewers won't be able to distinguish which one is your if you create a similar name. Try to give it a unique name that can fit the above criteria of vision, goal and audience in mind.

Now coming straight to what equipment's you need to start making professions video that can get you 1 million or more hits.

1) Game Capture tools
a) Elgato Game Capture HD60 recorderElgato Game Capture HD60 - Price $159.94

- Record and stream your Xbox or PlayStation gameplay
- Stunning 1080p quality with 60 fps
- Unlimited capture right to your PC or Mac
- Flashback Recording: record retroactively
- Built-in live streaming to Twitch, YouTube
- Stream Command: add webcam and overlays
- Built-in live commentary feature
- One-click sharing to YouTube, Facebook and Twitter.
- Compatible with Windows OS and Mac

b) Elgato Game Capture HD60 S  Price $169.99
- Stream, record and share your gameplay in 1080p60, superior low latency technology, USB 3.0, for PS4, Xbox One and Wii U.

- Stunning 1080p quality with 60 fps
- State-of-the-art USB 3.0 Type C connection
- Built-in live streaming to Twitch, YouTube & live commentary feature
- Instant Gameview: stream with superior low latency technology
Product includes: Elgato Game Capture HD60, USB, HDMI cable.


c) Roxio Game Capture Standard card  $54.99

Play in HD on your TV.
Capture card supports 480p.
Smaller file sizes for faster sharing.
Video editing software made for gamers.
USB, RCA and Component cables included.
Supports Xbox 360, and PS3.

d) Roxio game capture HD Pro $119.99
Play and capture in 1080 30p/60i.
Video editing software with new effects.
HDMI input and output with USB cable included.
Live stream directly to YouTube and Twitch. New!
Auto-capture up to 1 hr of gameplay & flag your best moments. New!
SmartEncode to reduces video rendering time. New!
Supports Xbox One, Xbox 360, PS4, PS3 & PC Game Capture. Improved!

Recommendation: My recommendation is to go for either Elgato game Capture HD or Roxio game capture HD Pro because both of them gives you Stunning 1080p quality with 60 fps. Please note that Elgato is compatible with both Windows & Mac whereas Roxio is compatible only with Windows OS (no Mac) so if you prefer to use it over Mac then go for Elgato.

2) Microphone
a) Blue Yeti Microphone Price $106.99

Simply plug Yeti into your computer's USB port and you are now ready to record straight away.

Yeti offers driver-free operation, whereas the Yeti Pro requires easy-to-install drivers, available from Blue.
Yeti is compatible with Windows 10, Windows 8 (including 8.1), Windows 7, Windows Vista, Windows XP (Home and Professional), and Mac OS X (10.4.11 or higher). It comes with two-year warranty.

Yeti microphone provides you 4 recording patterns, Zero-latency monitoring, Variable mic gain, mute, and headphone volume controls, Adjustable angle and custom desktop stand.

Yeti has 4 Pattern modes:
i) CARDIOID Mode
Perfect for podcasts, game streaming, vocal performances, voice-overs and instruments. Cardioid mode records sound sources that are directly in front of the microphone, delivering rich, full-bodied sound.
ii) STEREO MODE
Uses both the left and right channels to capture a wide, realistic sound image—ideal for recording acoustic guitar or choir.
iii) Omnidirectional mode
Picks up sound equally from all around the mic. It’s best used in situations when you want to capture the ambience of "being there"—like recording a band's live performance, a multi-person podcast or a conference call.
iv) Bidirectional
Records from both the front and rear of the microphone—good for recording a duet or a two-person interview.

b) Blue Snowball Microphone Price $43.99
Snowball capture studio-quality audio for vocals, music, multimedia production and gaming with one of the world’s most popular USB microphones.

Snowball and Snowball iCE feature industry-leading Blue condenser capsule technology to deliver natural sound directly to your desktop. And the simple USB connection and plug-and-play operation means you don’t need any extra gear—just plug right in and start recording and streaming in amazing quality.

Snowball and Snowball iCE are compatible with Windows 10, Windows 8 (including 8.1), Windows 7, Windows Vista,Windows XP (Home and Professional), and Mac OS X (10.4.11 or higher). It also comes with 2 year warranty.

FEATURES of Snowball
- Unique two-condenser-capsule design for capturing vocals, music, podcasts, gaming and more.
- Polar Patterns: Cardioid or Omnidirectional
- Includes fully adjustable metal mic stand and USB cable
- Plug and play with Mac and PC
- Available in textured white, gloss black and chrome

Recommendation: Both microphones are excellent in audio quality but my personal recommendation is go for Blue Yeti because it provide crystal clear studio quality audio with multiple pattern suitable for best gaming experience, streaming, podcast and recording options. 

3) Headset
a) XO Seven Stealth 420X -Wireless Headset Price $148.88

100% Wireless - Experience crystal clear, interference-free game and chat audio with 100% wireless connectivity to your Xbox One
Superhuman Hearing – Gain competitive advantage by hearing every sound around you, like enemies sneaking up on you, weapon reloads before an ambush, and distant vehicles bringing in reinforcements
Mic Monitoring – Say it, don't shout it thanks to the ability to hear the volume of your own voice inside the headset
Independent Game & Chat Volume Control – Easily find the perfect balance between game audio and chat audio
15-Hour Rechargeable Battery – With up to 15 hours of gaming per charge, you'll always be ready to play


b) ASTRO A40 TR Gaming Headset for Xbox One, PS4, PC  Price 149.99 
Tuned for Gaming with ASTRO Audio: optimized by ASTRO audio engineers and pro gamers
Superior Fit & Finish: premium materials and construction, highly adjustable and lightweight

Mod Kit Ready: go from an open-back to a closed-back noise isolating headset with swappable Mod Kit components (sold separately)

Customizable Speaker Tags: personalize your headset with our magnetic speaker tag system
Swappable Precision Microphone: Highly sensitive omni-directional mic that focuses on your voice and minimizes background noise. It can be positioned on either side of the A40 TR headset.


c) Blue Sadie Premium Headphone Price 399.99
Built-in audiophile amplifier for true high-fidelity sound on any device
50mm drivers custom-tuned for a superior soundstage
Refined personalized fit for superior comfort
Sealed over-ear design for immersive isolation
Racecar-inspired multi-jointed headband design keeps ear cups parallel at all times for superior comfort and sound
Powers on and off automatically when headphones are opened and closed
Rechargeable battery provides up to 12 hours of playtime; Sadie continues to play music even when battery has no charge

d) Logitech G230 Stereo Gaming Headset Price 38.13 
If you are tight in budget then go for Logitech G230 Stereo Gaming Headset with Mic

4) Video Editing Software
a) Sony Movie Studio 13 Platinum Suite Price $61.96
First one is Sony Movie Studio. It's a  complete suite for your digital life. It contains Movie Studio 13 Platinum, ACID Music Studio 10, Sound Forge Audio Studio 10.

Extras: Boris FX Continuum Units, FXHOME Hit Film plug-ins, iZotope Vocal Eraser, NewBlueFX 3D Titling and Video Effects, Studio Devil British Valve Custom Guitar Amp, 50 Sony Sound Series: Production Music Soundtracks

Create video in beautiful 4K (ultra HD) XAVCS or AVCHD, develop original music, and enhance multichannel audio
It can be uploaded directly to Facebook or burned to a DVD or Blu-ray Disc

As a starter in the world of video editing you can safely choose Movie Studio Suite 13. Its highly recommended product at a very affordable price with full of mind boggling features and terrific group of supporting programs and plugins.


b) Sony VEGAS Pro 14 Price 403.90
- Intuitive drag-and-drop workflow for professional video editing
- Support for HEVC, native ProRes and 4K projects
- DVD Architect for disc authoring with menu design & encoding
- Minimum system requirements: Microsoft Windows 7 | 8 | 10; 2 GHz processor; 4 GB RAM internal sound card, min. resolution; 500 MB for program installation
- Internet connection: Required for registering and validating the program, as well as for some program functions. This program requires one-time registration

Again if you tight in budget then you can try some options like iMovie, Windows Movied Maker. If you are interested in learning Imovie video editing then this book is the right fit for you - Imovie '09 Essential Training



5) Photo editing software -

Adobe Creative Cloud Photography plan (Photoshop CC + Lightroom) Price 119.88
It is world's best photography tools, including Adobe Photoshop CC and Lightroom desktop, mobile and web at an amazing price. You might need to use it for making the photo banners, thumb nails etc. Everything you need to organize, edit, enhance and share stunning photos on any device, anywhere including access an extensive library of video tutorials to get you up to speed quickly and master new skills

How much money you can make with YouTube Videos:
With just 10000 views a day at a Estimated CPM rate of between $1.00 USD - $4.00 USD you can earn up to $14400 in a year with just one YouTube video.  In short your one YouTube video can earn between $300 to $1200 per month of passive earning for you. If any of you YouTube video goes viral then sky is the limit for your earnings.

Go and explore your luck. May be the next entrepreneur is hiding someone in you. YouTube viewership will definitely increase multiple time in the years to come with the way digitalization and internet is spreading across the world.

Friday 27 January 2017

How to handle Social Engineering and Phishing attacks


Social Engineering is a form of manipulation through which an unauthorized person tries to gain access to the information or an IT System under false pretense. so what does a social engineers do? They hack the humans.

Social Engineering Resource
Social Engineering occurs primarily on the phone but may also happen online via social network. For example facebook, linkedin, written or face to face situations on business trips or meetings, in public places, at home or other external places.

As an impersonal alternative to social engineering, "Phishing" has increased in the recent years. Usually a fraudsters prey especially on those who have valueable or confidential information and senstive data in the hope to sell it profitably to a competitors.

So what are the main objectives of social engineering:
- Finiancial benefits
- Development and optimization of a competing product or services
- Poaching of customer or suppliers
- Acts of revenge

Social engineering is not an IT phenomenon. There is no technical solution to social engineering like anti-virus. It's rather a social phenomenon where only one defence strategy is working that us human being via social awareness trainings. 

How to recognnise a social engineering attacks?
All involved comminication channels should be consistent. If there is a gap or so called incomatability, you should have doubt in the reason of the strangers. Communicative incomatability always manifests itself as a vague unrest or a gut feeling which is your intuition or sixth sense.

See if all the comminication channels are compatible to each other. These commnuication channels include verbal communication like spoken words, non verbal communication like body language, speech behaviour, voice pitch. Clues for the attempts of social engineering attacks are always present but not easy to identify. You need to use your sixth sense to find those clues.

Phishing
Phishing is based on social engineering and often distributed through email. The best way to mitigate the risk of phishing is to educate users to take caution with suspicious Internet communications and not to trust them until verified. Users require adequate training to recognize suspicious web pages and email.

In 2016 every tenth email worldwide was designed as a banking email which shows that banks were the most favorite targets of phishing emails worldwide. Every fourth phishing email was sent to a finiancial institution. Just in US and UK Spear phishing caused an average cost of $1.6 million per incident in 2016.

By using Phishing, fraudsters try to get information and dta via deceptively tempting emails based on fake senders. Phishing is not only limited to emails but social networks are also used to send phishing messages.

Spear phishing is a special form where the attacker directs at special individuals or companies with the use of personal information like address, used internet services. This require more preparation time for social engineer than a generic phishing mail and the success rate is more in this.

What to do when you suspect a phishing attack?
Do not open attachments from phishing emails
Never click on links
Do not reveal confidential information like user id and password

Providing security awareness training is the best method to mitigate the risk of disclosing
confidential information on social networking sites. It is important to remember that users may access these services through other means such as mobile phones and home computers; therefore, awareness training is most critical.

Usually reputed companies like banks and telecommunication organizations never ask for confidential data via email.

Check the email address and the domain name associated in the email. Look for spelling mistake in the domain name for example john.adam@bonkofjapan.com. Did you just notices that I have changed the domain name to bonkofjapan.com (instead of 'a' I have used 'o' in the spelling of bank) or bankofjapan.org if its not a valid domain name of the bank of Japan. This is a simple method to spoof the sender. This is called fake domain name/URLs.

Another way of phishing attack is that set the new display name (first name and the last name) in the email id whereas this email id is hosted on different domain.
these phishing emails will try to show the sense of urgency with a deadline or a threat (fines) so that you temp to perform the action immediately and fall into their trap.
Another example is when you click on the link, look and feel of a webpage is same but there is a minor change in the spelling  of the domain name to disguise you example: http://bonkofjapan.com (note the spelling of bank its bonk)

Usually phishing emails try to tempt the victim to click on malicious links within the email. Various methods are used:
Hyperlink Masquerading
Fake URLs
Open Redirect automatically redirect user to third party website
URL Shortener (use https://goo.gl/ to redirect you to a fake website)
File Hosting Services (pentend that file is too big for an email attachment and therefore a link to file hosting service for example dropbox, iclouds)

Social Engineering Phishing

Thursday 26 January 2017

Value of ISACA Certifications in Business World: CISA, CISM, CGEIT, CRISC



ISACA offers certifications in systems auditing, security management and IT governance and risk. It's a professional association and previously known as Information Systems Audit and Control Association. ISACA certifications are vendor-neutral and job role specific having tasks and knowledge statements.

Apart from the four mainstream certifications ISACA also offers the Cybersecurity Nexus, a comprehensive set of resources for cybersecurity professionals, and COBIT, a business framework that helps enterprises govern and manage their IT.

ISACA Certification exam information CISA, CISM, CGEIT, CRISC:

Total Questions: 150 (from 2017 onwards all exams have 150 questions)
Maximum Exam Time: 4 hours

Minimum Passing score: 450 out of 800

Exam Format: Computer based testing (CBT) from 2017 onwards. Till Dec 2016 all ISACA exams were paper and pencil exam. You have to choose the best answer from all four options given in the question.

Exam Cost: ISACA Member: US $575 and Non-member: US $760.
Registering for exam as a ISACA member is more cheaper even after paying annual membership fees. Exam discount is also available for early registration.

Exam retake discount: ISACA usually provide discount code to encourage candidates to retake the certifications if they fail in earlier exam attempt.

Exam location: Worldwide testing centers

What do you need on the day of exam: Valid Photo ID card and exam ticket

Exam Reschedule: Exam can be rescheduled at least 72 hours before the scheduled exam date and time with valid justification.

Exam questions: Questions have multiple choices with four options. You have to choose the Best or Most likely answer.

Exam Result: Candidates will receive a preliminary test result after the completion of their exam. Same as in case of any computer based certification exam. Official exam result will come via email within 10 working days of the exam.

Benefit of becoming ISACA certified: It will give a major boost to your career and earning potential. It demonstrates your capability to assess vulnerabilities, IT Risks & Controls, Security threats, IT Governance issues, understand IS Programs and operations within the enterprise.

ISACA Journal - Free download 

Average Salary of ISACA certified: It varies according to the experience and level in the organization. You can see salary statistics from PayScale.com. Salary offering to certified candidates are one of the best in the industry. Average salary starting range is US$60000 and goes to USD 250000 per annum or higher. People with impeccable skill at the senior management level (CISO/Audit Directors) can get in the range of US $300K to $400K per annum. 

Jobs portal search results shows huge demand for ISACA certifications. You can search in any job portal like Indeed, SimplyHired, Monster, efiniancialCareers, jobstreet, TechCareer, Linkedin Jobs, CWjobs etc. Combined jobs for these portals will be somewhere around easily in the range of 50000 to 80000 for each ISACA certification at any point of time.

1. Certified Information Systems Auditor (CISA)

The CISA designation is a globally recognized certification for IS audit control, assurance, and security professionals.

Eligibility: Five (5) or more years of experience in IS audit, control, assurance, or security. Waivers are available for a maximum of three (3) years.

Domain 1— The Process of Auditing Information Systems (21%)
Domain 2— Governance and Management of IT (16%)
Domain 3— Information Systems Acquisition, Development and Implementation (18%)
Domain 4— Information Systems Operations, Maintenance and Service Management (20%)
Domain 5— Protection of Information Assets (25%)

Books and study Resource:
CISA David-L.-Cannon
CISA Review Manual 26th Edition
CISA Review Questions, Answers & Explanations Manual 11th Edition

2. Certified Information Security Manager (CISM)

CISM is a top most credential for IT security professionals responsible for managing, developing and overseeing information security systems and programs in enterprise-level applications and developing best organizational security practices.

Eligibility: Five (5) or more years of experience in information security management. Waivers are available for a maximum of two (2) years

Domain 1— Information Security Governance (24%)
Domain 2— Information Risk Management (30%)
Domain 3— Information Security Program Development and Management (27%)
Domain 4— Information Security Incident Management (19%)

Books and study Resource:
CISM Review Manual
CISM Review Questions, Answers & Explanations Manual
Complete Guide to CISM Certification
CISM Information Security Manager Flashcards - Free download

3. Certified in the Governance of Enterprise IT (CGEIT)
CGEIT recognizes a wide range of professionals for their knowledge and application of enterprise IT governance principles and practices.

Five (5) or more years of experience managing, serving in an advisory or oversight role, and/or otherwise supporting the governance of the IT-related contribution to an enterprise including a minimum of one year of experience relating to the definition, establishment and management of a Framework for the Governance of IT. There are no substitutions or experience waivers.

Domain 1— Framework for the Governance of Enterprise IT (25%)
Domain 2— Strategic Management (20%)
Domain 3— Benefits Realization (16%)
Domain 4— Risk Optimization (24%)
Domain 5— Resource Optimization (15%)

Books and Study Resource:
CGEIT Review Manual 7th Edition
CGEIT Review Questions, Answers & Explanations Manual 4th Edition
Easy Guide: CGEIT Certified in the Governance of Enterprise IT: Questions and Answers

4. Certified in Risk and Information Systems Control (CRISC)
CRISC certification is designed for those experienced in the management of IT risk, and the design, implementation, monitoring and maintenance of IS controls.

Three (3) years of work experience managing IT risk by designing and implementing IS controls, including experience across at least two (2) CRISC domains, of which one must be in Domain 1 or 2, is required for certification. There are no substitutions or experience waivers.

Domain 1— IT Risk Identification (27%)
Domain 2— IT Risk Assessment (28%)
Domain 3— Risk Response and Mitigation (23%)
Domain 4— Risk and Control Monitoring and Reporting (22%)

Books and Study Resource:
CRISC Review Manual 6th Edition
CRISC Review Questions, Answers & Explanations Manual 4th Edition
CRISC Certified in Risk and Information Systems Control All-in-One Exam Guide
CRISC Certified in Risk and Information Systems Control Certification Exam ExamFOCUS Study Notes & Review Questions

Final words...
ISACA certifications exams are very valuable for the career development, promotion, job change, salary hike and enhancing your creditability in the community. Remember these certifications are tough as well as costly so don't take chances in your preparation for exam. It highly recommended to study little extra than what you might have planned earlier to comfortably pass your exam.

It's not a rocket science. Just grab the books and start preparing.
BEST OF LUCK GUYS..  

Tuesday 24 January 2017

Internet security and the tools to safeguard against internet threats

Internet represents an insecure channel for exchanging information leading to a high risk of intrusion or frauds. Way back in 2003 McAfee started selling security suites that contain an eSuite of firewalls, anti-virus and anti-spyware.

Internet Security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level as it applies to other applications or operating systems on a whole. Its objective is to establish rules and measures to use against attacks over the Internet.

Various type of malicious software's and cyber threats are growing on daily basis leading to increase vulnerability of business information in near future. Hackers can trick computer users to download the files or software that is embedded with malicious contents. These malicious software's comes in various forms like Viruses, Trojan horses, Malware, Adware, Spyware and computer worms. Purpose of such malicious software is to either gather unauthorized sensitive information or disrupt computer operation.

The number of reported US data breaches hit an all time high in 2016, increasing by more then 40% from what was a record high in 2015 according to a report from Identity Theft Resource Center. Identity theft accounted for 64% of all data breaches in first half of 2016 and its has been the number one type of data breach since 2013. 554 million records were lost or stolen in first half of 2016. Malicious outsiders accounted for the most breaches yet again. Best anti identity theft software's available in the market are LifeLock, Identity Force, Identity Guard.

Below Computer Security tools can safeguard you from various attacks on a daily basis:

Anti-Virus prevent, detect and fix malware infected files. Now a days antivirus programs are useful for preventing infections caused by many types of malwares, including worms, Trojan Horses, rootkits, spyware, keyloggers, ransomware and adware. 

Password Manager store your login information for all the websites you use and help you log into them automatically. They encrypt your password database with a master password – the master password is the only one you have to remember. Password manager will release you from the headache of remembering a long list of passwords. If you’re creating a new account, your password manager will offer to generate a secure random password for you, so you don’t have to think about that as well.

Internet Security Suite Guard your digital identity, secure your online communication, safeguard your sensitive financial transactions and stay away from spam and phishing emails with the reliable internet Security product Suite.

Firewall acts as a barrier between a trusted network and and an untrusted network. It can be hardware or software based to block all malicious attempt to hack your system.

Intrusion Detection System (IDS) help to pinpoint the source of the attack so that countermeasures may then be taken. An IDS is not limited to detection of attacks originating externally. IDS cannot detect attacks within encrypted traffic. It is more reactive in nature.

Intrusion Prevention System (IPS) is a preemptive approach to network security used to identify potential threats and respond to them swiftly. intrusion prevention systems monitors network traffic like IDS and on top of that it has the ability to take immediate action, based on a set of rules established in it. It more proactive in nature.

Email Security is now becoming a basic need for everyone because of growing threat of hackers, viruses spam, phishing and identity theft, as well as the need to secure business information.
Email encryption technologies protect individual sensitive emails. Software such as OpenPGP allows to encrypt emails between the sender and recipient, to boost email security. 

Monday 23 January 2017

Protecting data from hackers and malicious programs

In today’s world, the internet and eCommerce are one of the most popular tools that you can use to buy goods and services. The internet have proved to be a very good venue that you can use for communication and with this, you can now purchase goods and services from the companies you can find in the internet today.

It is also a great tool to start your own online business and make transactions. With the fast and cheap communication that the internet provides, you would definitely want to get connected in the internet to make money or make life easier for you.

However, with all the advantages of the internet, there are also disadvantages. Because financial dealings are made in the internet on a daily basis, it is also considered that millions or even trillions of dollars are being exchanged in the internet everyday. This spawned a new group of criminals that would do anything to steal money from you by just using the internet.

These cyber criminals develop programs or software that invades your personal computer through the internet, will start gathering information inside your computer that may include your financial and personal information and send it automatically to the person who developed the software.

The thought of letting a stranger look at your personal and financial information without you knowing about it can definitely make you cringe in fear. With this information, the cyber criminals will be able to steal money from you by committing a very serious crime called identity theft or identity fraud.

They will also use your personal and financial information to pretend to be you and commit cons that may get you into trouble with the law without even knowing about it.

It is a fact that many people have been victimized by identity theft which has resulted in losing a lot of money or facing criminal cases they didn’t even commit. This is why it is very important for you to secure yourself from these crimes not just in the real world, but also in the cyber world or in the internet.

You can stop these crimes from happening to you by simply installing the best kind of internet security software available. Internet security software's are a group of programs that can combat modern day threats in the internet, such as computer viruses, spyware, adware, and hackers. It is a program that will help you protect your computer from being invaded by the malicious software circulating the internet today and gain access to your files that may contain your personal and financial information.

Today, it is considered a necessity to have this kind of software in your computer in order to better protect you and your family from cyber criminals who are looking for a way to steal money from you.

Good internet security software technology should include:
  • Antivirus – This particular program should be included in your internet security software to protect you against viruses that are circulating the internet today. It should also have automatic update features in order to better protect you from the new viruses that keep on popping out in the internet.
  • Anti spyware/adware – Spyware and adware are very dangerous programs that can give the developer access to your files in your computer that may contain financial and personal information. This is why this feature should be included in the internet security software and should also be updateable.
  • Firewall – This particular program will prevent viruses and hackers from entering your computer.
  • Parental control – This program should be included in your internet security software especially if you have kids in order to control their internet activities and prevent them from visiting websites that may contain violence or pornography.

The Kaspersky Internet Security is one of the most used and widely know internet security program technology in the market today. It is a very popular and effective program that is able to effectively detect and prevent malicious programs from entering your computer. With this kind of software, you will be able to protect yourself from identity thieves and malicious programs circulating the internet.

Here are some of the main advantages and key features of the latest Kaspersky Internet Security software that your computer should have:
• Protection from all internet threats
• Firewall for additional protection
• Updatable virus definition
• Effective antivirus software
• Free technical support
• Protection from network attacks and system hijacking
• Programmable spam filtration system
• System rollback
• Popup blocking software

These are the main things that you should look for in an internet security software. With all these features, you will be able to protect yourself and your family from being a victim of serious crimes going around the internet today.