Posts

Snort

Snort is an Intrusion Detection System (IDS) that is often integrated with a firewall. Most of the time the firewall controls an organization's whole network, so if the firewall is easily breached the whole organization could be at stake. Files in an organization can usually be accessed over the network, so if the firewall that supposedly protects that network gets breached, who knows what kind of damage an attacker can do to the organization. To protect the firewall, a layer of security is added, the IDS (Snort), which is responsible for detecting any suspicious and harmful activities inside and outside the network. We are currently studying this as our Final Project for INFOSEC, and we just finished it today.
Recent posts

Cryptography

Two algorithms of cryptography we learned/exercised today:

- RSA algorithm
- Diffie-Hellman algorithm

We had difficulty simulating the RSA algorithm, but eventually we found a solution; it was challenging but worth it.

Security Concepts: General Security Concepts

The main focus of security was on prevention; however, since there are many ways to exploit a given system, a formula has been made for protection:

Protection = Prevention + (Detection + Response)

Prevention - access controls, firewalls, encryption
Detection - audit logs, intrusion detection systems, honeypots
Response - backups, incident response team, computer forensics
(Detection + Response) - alert when prevention fails and provide ways to address the problem

This formula is also known as the "Operational Model of Computer Security", since every security technique and technology falls under one of the three elements in the equation. There are three ways an organization handles protection. The first is ignoring security issues and leaving everything at its defaults, merely because it is easier to set things up, which leaves the organization very vulnerable. The second is providing "host security", that is, securing each device, for example by installing anti-virus...

FalseGuide

FalseGuide is a malware recently discovered in the Google Play store. It often takes the form of a game guide; when you install the app it asks for device administrator permission, and with this it can manipulate certain data on your Android device. FalseGuide works by connecting to the Firebase Cloud Messaging service, which is where the malware's code is stored. Hence, the effect of FalseGuide on the Android device actually depends on the motive of the malware's developer. Due to its nature, FalseGuide blends in perfectly with other applications that use cloud services in order to function. FalseGuide is a powerful malware that infected 2 million Android users in a span of five months. Thankfully, Check Point, a cyber-security research company, discovered FalseGuide and completely removed any applications associated with it. However, those who were already infected with this malware still have an active FalseGuide infection.

The FUS Model

The Functionality-Usability-Security model simply shows that you can't focus on all three of them at once in a software system. If you focus on one of security, functionality and usability, another will always have to suffer; an example of this is the ATM, where the functionality is limited and it is not very user friendly, since the focus is (or should be) on security. A fact that we in IT must consider is that the more advanced the technology is, the more exploitable it becomes. A perfect balance in the FUS model might be just a theory. However, the way I see it, nothing is ever really secured; there is always a loophole in the system. It's just up to you how many layers of security you want the attackers to go through before reaching the information they need. Exploits are made to test the integrity of the system; however, in the wrong hands the results may be deadly. People nowadays use smart-phones, smart-watches, smart-TVs, etc., which all...

Security Architecture

These are the 6 layers in the Security Architecture:

Physical (Hardware)
Operation (System)
Network
Host
Application (Software)
Data (Bits of Information)

"Nothing is really secured. Security simply means setting up a defense against the 'most probable' attack, since there are infinite ways to penetrate all kinds of security." - Justin Pineda