Skip to main content

Information Security Overview

 


Information Security ensures the confidentiality, integrity and availability. In any organization without security policies and appropriate security rules are at peak point of risk and the confidential information and data related to that organization are not secure in the absence of these security policies. Organization along with well-defined security policies and procedures helps in protecting the assets of the organization from unauthorized access and disclosures. 

    In the modern world, with the latest technologies and by using lot of different type of gadgets, millions of people interacting with each other every minute. These sixty second can be vulnerable and costly to the private and public organizations due to the presence of various types of old and modern threats all over the internet. So public internet is the most common and rapid option for spreading threats all over the world. Different type of Malicious Codes and Scripts, Viruses, Spams, and Malware are always waiting for you. That is why the Security risk to a network or system can never eliminate. It is always a great challenge to implement a security policy is effective and beneficial to the organization instead of the application of an unnecessary security implementation which can waste the resources and create a loophole for threats. Our Security objectives are surrounding these three basic concepts:

    1. Data Breach

    2. Google Play Hack

    3. The Home Depot Data Breach.

Data Breach

eBay Data Breach


    eBay announced its massive data breach in Year 2014, which contained sensitive data. The origin of eBay data breach for hackers is by compromising a small number of employees credentials via phishing in b/w February and march, 2014 In this attack, 145 million customers were estimated having data lose in this attack. According to eBay, the data breach compromised the following information including : Customer's Name, Encrypted Passwords, Email Address, Contact Number, DOB and Postal Address. So these sensitive information must be stored in an encrypted form that uses strong encryption. eBay claims that no information relating to Security numbers like credit cards information and other financial related info are claimed to be kept in a separate and encrypted format. 

Google Play Hack


    "Ibrahim Balic", a Turkish Hacker hacked Google Play twice. He conceded the responsibility of the Google Play attack. He acclaimed that "It was not his first attempt, even he was behind the Apple's Developers site attack. He tested vulnerabilities in Google's Developer Console and found a flaw in the Android Operating System, which he tested twice to make sure about it causing crash again and again.

Using the result of his vulnerability testing, he developed and android application to exploit the vulnerability. When the developer's console crashed, users were unable to download applications and developers were unable to upload their applicaions.

The Home Depot Data Breach


Nowadays, theft of information and data from payment card as Debit Card or Credit Card is common. In 2014, Home Depot's Point of Sale System were compromised. A released statement from Home Depot on the 8th of Sept, 2014 claimed breach of their systems.

    The attackers gained the access to third-party vendors login credentials and accessed the POS network. Zero-Day Vulnerability exploited in Windows which created a loophole to enter the corporate network of Home Dept to make a path from the third-party environment to Home Depot's Network. After accessing the network, Memory Scrapping Malware was released then attacked the point of Sale terminals. Memory Scraping Malware is highly capable; it grabbed millions of payment cards information. It has taken several remediation actions against the attack, using EMV Chip-&-Pin payment cards has a security chip embedded into it to ensure duplicity with magstripe. 

Labels:

Comments

Post a Comment

Popular posts from this blog

What is Hacking

"Hacking" word is really becoming popular day by day. As technology is growing this thing is also growing...'     In the common way people understand from hacking is ; Access someone data, stolen the information from someone devices, mobile or computer & one more aspect is : Crash someone system with his viruses, jam someone network & other this type of activity.     A security hacker is someone who explores method or way for breaching defenses and exploiting the weakness in a computer system or network . You can also say that Hacking refers to activities to compromise digital device, such as computer and smartphone and lot of other gadgets. Now a day there are lot of way to access some of data, as bind the virus in any multimedia file, social engineering and  by creating clone website.      According to Wikipedia Hacker Culture is an idea derived from a community of enthusiast programmer and system designers in the 1960s around the M...
Post a Comment
Read more

Hacker Vs Ethical Hacker

 The word "Hacker" is usually used with negative connotations. But a Hacker is simply someone who has good knowledge & technological expertise to understand and if needed tamper with software or other electronic system in general way. Sometime you can say that most hackers may have ability to break into computer system with malicious intention, with same skills they intend to use for the benefit of their parent companies or the common people.           When we are considering the current trend about Hackers. Then we can say that If any one access or temper another data without the owner's permission are known as Hacking. Which is also said to be "Black Hat Hacker". If the hacker access or temper another data with owner's permission that one is known as Ethical Hacker or "White Hat Hacker". These are the real meaning of Hackers in modern age.. Its not over here, just imagine when a Hacker get permit to access someone's data, what he can do ....
Post a Comment
Read more

Why Linux is important for Hacker or Pen Tester ?

Why Linux is Important for Hacker or Pen Tester ? Linux is an open-source operating system that has become a popular choice among ethical hackers and penetration testers. It has many features and benefits that make it an ideal platform for these activities. In this blog, we will explore why Linux plays a vital role in ethical hacking and penetration testing. Open Source : Linux is an open-source operating system, which means that its source code is available to anyone who wants to use it. This makes it easy for ethical hackers to modify and customize the operating system to suit their needs. It also means that Linux is constantly evolving, with new features and updates being added by the community on a regular basis. Command Line Interface : Linux is known for its command-line interface, which allows users to interact with the system using text commands rather than a graphical user interface. This can be very useful for ethical hackers who need to automate tasks or per...
Post a Comment
Read more