fbpx

Author: PJ Jozefczyk

  • HomeArticles posted by PJ Jozefczyk
CVSS v4.0
FIRST Unveils CVSS 4.0 – A New Era for Vulnerability Scoring
November 2, 2023 Cyber Security PJ Jozefczyk

The world of cybersecurity is taking a significant step forward with the Forum of Incident Response and Security Teams (FIRST) officially announcing the launch of CVSS v4.0. This marks a substantial evolution from the previous CVSS v3.0, introduced back in June 2015. With an aim to provide the highest fidelity of vulnerability assessment for both industry and the public, CVSS 4.0 brings to the table several enhancements. These include a set of supplemental metrics such as Safety, Automatable, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency, designed to provide a more granular and accurate vulnerability assessment. Furthermore, FIRST introduces a new nomenclature to enumerate CVSS scores, emphasizing the fact that CVSS is more than just the Base score. This shift reinforces the importance of considering Environmental and Threat Metrics in the vulnerability assessment process. To explore the intricacies of CVSS 4.0 and understand how it can revolutionize your organization’s approach to vulnerability management, delve into our detailed article. Read More

How it feels to be an IT guy
image November 14, 2019 IT Blog PJ Jozefczyk

How it feels to be an IT guy. It’s always the same…

What is Cyber Security
October 25, 2019 Cyber Security PJ Jozefczyk

Cyber Security is a process or we can say the practice of protecting your online activity and electronic devices from unwanted access and attacks. In other words, the process of securing your computer, mobile phone, website server, CCTVs, or any other electronic device from attacks is cyber security. People often call Cyber Security as Information security as it is all about hiding and protecting sensitive information. Cyber security is not only used in the online world but also used in many other places. For instance, it is used in mobile computing, business, website or application security, and many other places.

Types of Cyber Security
October 25, 2019 Cyber Security PJ Jozefczyk

To make things simple, Cyber Security has various categories. Each of these categories has a specific context. Below given are the main categories in which Cyber Security can be classified.   Network Security Network security is all about securing your computer network from unwanted access. Whether it is a single computer network or a hub connecting various computer networks, all of these are counted as same. Hence, securing these platforms is considered as Network Security.   Application Security Application Security is the process of securing any type of online website, application, or software from a threat. It is mostly taken into consideration from the first design phase. Later on, in the development phase, the developer enhances security methods.   Infrastructure Security The entire infrastructure on which the society relies on needs to be secure. This includes but is not limited to Electronic grid, traffic lights, hospitals, water purification, etc. If there is an attack on any of these, the entire society will suffer in one way or the other. Therefore, securing these infrastructures is the most crucial part. Hence, there is a complete monitoring team set along with all the cybersecurity measures to prevent attacks.   Cloud Security We all use the cloud in one way or the other. All the data is stored in the cloud storage or in your email storage must be protected. Cloud security consists of not only securing the end-user but the entire network from attacks and threats. Cloud holds many sensitive data which should not go in the wrong hands. The process of securing information is also known as Information security, which brings us to the next type.   Information Security Basically, Information Security means securing any sensitive information. Information can be anything starting from contact names to all different kinds of sensitive information such as username, passwords, photos, videos, or any other files. Here, the goal is to prevent unknown access and also keep the integrity of the files.

Virus, Spywares, and End-user Education
October 25, 2019 Cyber Security PJ Jozefczyk

There are many types of computer viruses that might harm your system. Most of the virus will only cause a system to slow down or will create unnecessary files in the system. However, Spywares are not one of them. Spywares are used by the attackers in order to spy and keep an eye on a system. If spyware enters a system, it will send all the logs and data to the attacker. For instance, if someone installs spyware on your system, it will automatically send your files, important data, sensitive information to the attackers. Moreover, some of the advanced Spywares can also let attacker use your computer remotely. Meaning, the attacker will be able to control your computer from their location. Therefore, you should follow all the security measures and make sure in order to keep your system safe and secure. We will more about it later in this section.

Types of Attacks
October 25, 2019 Cyber Security PJ Jozefczyk

There are different types of attacks used by attackers to compromise a system. Below given are the most common kind of threats or attacks.   Malware The first one is a simple malware attack. Some of the malicious software or even malicious code can harm a computer. Some of the malware are called viruses, trojans, etc. These will slow down your computer making it difficult for the user to access the website. There are Spywares that will compromise your system. A keylogger will store and send all the keystrokes to the attackers including sensitive information such as passwords and credit card pin.     Phishing Attacks Phishing is a practice where a fake page exactly similar to the original one is created. The fake link is then sent to the user. When the user enters the information on that particular web-page, the information directly goes to the attacker. This kind of attack is done by SMS, Phone calls, or email. Here, the user’s consent is necessary. Therefore, by using one or the other way, the attacker will send the link of the fake page to the user in order to get the information.     Social Engineering Social Engineering is where the attacker will manipulate the user and convince them to give their information. For instance, an attacker will call the user claiming that they are from a particular bank and for security reasons, they will need your password. A naive user will provide the username and password over here. Using this, the attacker will steal the information.     Other threats and attacks These are the most common attacks. There are many more attacks which are mostly for the websites and the application. To name a few, the attacks include DDoS attack, Cross-Site scripting XSS, SQL Injection, etc. This does not occur directly on the individual but on the website or an application. Therefore, when implementing application security, it is necessary to make sure that the application has protection from all these.

Cyber Security for Home Users
November 1, 2019 Cyber Security PJ Jozefczyk

As these many attacks are going on, it is necessary to keep yourself secured. As an end-user, there are certain things that you can keep in mind for your protection and cyber-security. The best way you can be safe from these attackers is by installing an antivirus or anti-spyware software on your system. There are many antivirus tools out there that provide you complete protection from all the users. You can easily install it and get 24/7 protection. Mostly these antiviruses will keep you safe from all the viruses that will slow down your computer, Spywares, and key-loggers that will steal your information and will also keep away all the other malware that will affect your computer. Choose the best antivirus out there in the market. As some of the viruses or malware are hidden directly on your system’s MBR (Master Boot Record). The antivirus you choose to go with must-have capabilities to remove all the malicious code directly from there. It should also offer web protection for your online activities. Moreover, along with system security, it is necessary to keep an eye on online activity. You can simply check the URL of the website before entering the details. If it is a financial website or you are making a transaction, make sure there is HTTPS written on the URL Bar. You can also see if there is a green lock button that appears on the URL bar. This means that the transaction you are doing is safe. If you take all the security measures properly, you can be completely secured.

 
Return to shop