Tag Archives: Cyber security posts

Must read: The 7 Most Dangerous Technology Trends.

Abstract

1.  AI Cloning 

With the support of artificial intelligence (AI), all that’s needed to create a clone of someone’s voice is just a snippet of audio. Similarly, AI can take several photos or videos of a person and then create an entirely new—cloned—video that appears to be an original.

2.  Drone Swarms 

The British, Chinese, and United States armed forces are testing how interconnected, cooperative drones could be used in military operations.

3.  Spying Smart Home Devices 

For smart home devices to respond to queries and be as useful as possible, they need to be listening and tracking information about you and your regular habits.

4.  Facial Recognition 

There are some incredibly useful applications for facial recognition, but it can just as easily be used for sinister purposes. China stands accused of using facial recognition technology for surveillance and racial profiling.

5.  Ransomware, AI and Bot-enabled Blackmailing and Hacking 

When high-powered technology falls into the wrong hands, it can be very effective to achieve criminal, immoral, and malicious activities. Ransomware, where malware is used to prevent access to a computer system until a ransom is paid, is on the rise according to the Cybersecurity and Infrastructure Security Agency (CISA).

6.  Smart Dust 

Microelectromechanical systems (MEMS), the size of a grain of salt, have sensors, communication mechanisms, autonomous power supplies, and cameras in them. Also called motes, this smart dust has a plethora of positive uses in healthcare, security, and more, but would be frightening to control if used for evil pursuits.

7.  Fake News Bots 

GROVER is one AI system capable of writing a fake news article from nothing more than a headline. AI systems such as GROVER create articles more believable than those written by humans. OpenAI, a nonprofit company backed by Elon Musk, created “deepfakes for text” that produces news stories and works of fiction so good, the organization initially decided not to release the research publicly to prevent dangerous misuse of the technology.

Reference

https://www.forbes.com/sites/bernardmarr/2019/09/23/the-7-most-dangerous-technology-trends-in-2020-everyone-should-know-about/#166c16177780

CyberSecurity: Hackers complaint about other hackers sites

There is a competition going on between hackers & how one beat another. Google has notice this that there are many request coming to block one site & remove from searches.

The cyber-gangs are claiming pirate games sites are using digital rights management (DRM) breaking tools which allow them to circumvent technologies designed for restricting the use of proprietary hardware and copyrighted works.

Digital rights management (DRM) is a systematic approach to copyright protection for digital media. The purpose of DRM is to prevent unauthorized redistribution of digital media and restrict the ways consumers can copy content they’ve purchased.

Normally when Google gets a copyrights complaint it will delist the site but still allow the site’s owner to contest the removal through a process defined in Section 512 of the DMCA, but when Google receives complaints about the DRM-breaking tools they remove the accused site and offer no appeal process.

What Is a DMCA Notice? And Can it Help Me?

Since the internet began, people have uploaded over a billion gigabytes of digital content. That includes music, movies, games, and much more. What protects content creators when someone violates copyright laws and posts their work online without their consent? In the United States, it is the DMCA. Provisions of the DMCA protect content creators and owners from copyright violators by providing a process anyone can use to have legally protected work removed from a website.

CyberSecurity: Finished Threat Intelligence (Security Intelligence) book

Just finished another very good book on cybersecurity: Threat Intelligence. Threat intelligence is a component of security intelligence and it is way how you use tools, knowledge, risk (External or internal), security threads on your overall business.

This books answers many questions & gives a big perspective on many problems currently faces by organizations. And, Why there is no security remedy on time. Information in this book is very good organized. It starts with simple knowledge chapters to the security operations to the dark web.

My Favourite parts are:

  • About Security Threats & Risk Analysis.
  • About the security operation center. And how resources are under stress to deal with thousands of operation alerts. And most of them are false positive (i.e not valid alerts).
  • About Dark web & organized crime. And How organized crime hires hackers, execute projects etc. Little info but got some sense out of it.

Things to learn from Threat Intelligence book

  • How Threat Intelligence can help in dealing with every aspect of security?
  • How SOC (Security operation center) mitigate the risk & identify problems? And SOC can easily handle so many false positive alerts?
  • How to get to know treads, current vulnerabilities & risk analysis of fixing critical vulnerabilities?
  • How to know if threat criminals are already breached the sensitive information? In most of the cases, Organizations get to know after months or so about data breached. Book details out how national vulnerability database does not provide vulnerability info on time & how thread Intelligence tools can help you on that.
  • Some information about the dark web, deep web & organized crime. Little detail about how organized crimes are done?

Final Thought:

Every security professional should read about threat intelligence & understand the overall process. it is a must-read book.

NOTE: I can share the downloaded version but I think it would be unfair to the people who have done all the hard & good work on this books. So here is the reference & you can help yourself.

Reference

CyberSecurity: Click Here to Kill Everyone – By Bruce Schneier

This article is the most detailed one & have a full summary of cybersecurity stuff. As per Bruce Schneier, With the Internet of Things, we’re building a world-size robot. How are we going to control it? 

Abstract

Last year, on October 21, your digital video recorder — or at least a DVR like yours — knocked Twitter off the internet. Someone used your DVR, along with millions of insecure webcams, routers, and other connected devices, to launch an attack that started a chain reaction, resulting in Twitter, Reddit, Netflix, and many sites going off the internet.

The internet is no longer a web that we connect to. Instead, it’s a computerized, networked, and interconnected world that we live in. This is the future, and what we’re calling the Internet of Things.

Take a concrete example: modern cars, those computers on wheels. The steering wheel no longer turns the axles, nor does the accelerator pedal change the speed. Every move you make in a car is processed by a computer, which does the actual controlling. A central computer controls the dashboard. There’s another in the radio. The engine has 20 or so computers. These are all networked, and increasingly autonomous.

Security is an arms race between attacker and defender. Technology perturbs that arms race by changing the balance between attacker and defender. Understanding how this arms race has unfolded on the internet is essential to understanding why the world-size robot we’re building is so insecure, and how we might secure it. To that end, I have five truisms, born from what we’ve already learned about computer and internet security. They will soon affect the security arms race everywhere.

Truism No. 1: On the internet, the attack is easier than defense.

Truism No. 2: Most software is poorly written and insecure.

Truism No. 3: Connecting everything to each other via the internet will expose new vulnerabilities.

Truism No. 4: Everybody has to stop the best attackers in the world.

Truism No. 5: Laws inhibit security research.

To read full article.. Check below link.

https://nymag.com/intelligencer/2017/01/the-internet-of-things-dangerous-future-bruce-schneier.html