View Post

Yet More Theft of Information Assets

In Cybersecurity by Ian0 Comments

This entry is part 2 of 2 in the series Digital Forensics

It doesn’t seem that long ago that I received an official letter in the mail from the United States Office of Personnel Management (OPM) detailing that sensitive information about me had been compromised. I had been following the news and knew about the breach, so the letter didn’t come as a huge shock. It did make me think about the …

Share
View Post

Important Cybercrime Laws

In Cybersecurity by Ian0 Comments

This entry is part 1 of 2 in the series Digital Forensics

There are a number of cybercrime laws that are extremely important in the field of digital forensics and cybersecurity as a whole. Two of the most important laws include the Computer Fraud and Abuse Act (CFAA) of 1984 and the Electronic Communications Privacy Act (ECPA) of 1986. The original intent of CFAA was to address computer related crimes and more …

Share
View Post

DNS Rebinding and Intrusion Detection with Contextual Signatures

In Cybersecurity by Ian0 Comments

This entry is part 10 of 10 in the series Intrusion Detection

This article summarizes and analyzes discussion from two different articles on the subjects of DNS Rebinding and the use of contextual signatures with Intrusion Detection Systems. DNS Rebinding is type of attack that was first documented in the mid 1990s. Since then it has become more prevalent through vulnerabilities inherent the way information is transmitted to and from a typical web …

Share
View Post

Mitigating DoS or Distributed DoS (DDoS) attacks

In Cybersecurity by Ian0 Comments

This entry is part 9 of 10 in the series Intrusion Detection

Denial of Service (Dos) and Distributed Denial of Service (DDoS) attacks have continued to prove to be one of the most challenging threats in modern times. While DoS has been around for some time, the methods used and practices of distributed botnets and automated scripts have continued to grow in sophistication. This paper survey’s three peer reviewed papers in the …

Share
View Post

Common Bluetooth Vulnerabilities to be Aware of

In Cybersecurity by Ian0 Comments

This entry is part 8 of 10 in the series Intrusion Detection

Bluetooth connectivity has grown immensely in popularity with mobile devices in the last number of years. The convenience factor of being able to have a hands-free experience with a mobile phone while driving or out and about has fueled this growth. Unfortunately, like all conveniences there are typically downsides. In the case of Bluetooth, there have been a number of …

Share
View Post

Mobile Considerations in Network Security Architecture

In Cybersecurity by Ian0 Comments

This entry is part 7 of 10 in the series Intrusion Detection

The use of mobile devices including policies and employee restrictions should be considered in any modern network security architecture. Mobile devices are used commonly both at home and at work with some organizations managing BYOD (Bring your Own Device) policies. It is therefore important to consider the implications of this and to ensure any BYOD device is properly locked down, …

Share
View Post

What are Covert Channels?

In Cybersecurity by Ian0 Comments

This entry is part 6 of 10 in the series Intrusion Detection

A covert storage channel occurs when illegitimate hidden information or data is sent secretly via a legitimate communication channel. The process occurs through the manipulation of communications medium in an unconventional way in order to transmit data that is unseen in everyday operations. Thyer (2008). An example of a covert storage channel involves the hiding of data in ICMP error …

Share
View Post

Modern Application Frameworks, Legacy Browsers and Security Implications

In Cybersecurity, Web Development by Ian0 Comments

This entry is part 5 of 10 in the series Intrusion Detection

I was recently sent an article titled ‘How it feels to learn JavaScript in 2016’. Aguinaga, J. (2016).  It is a somewhat amusing take on the current state of JavaScript frameworks and libraries available to web developers and how this environment is changing so quickly. All quirks aside, modern application frameworks provide us with much interactivity and web functionality we …

Share
View Post

Two Common Router Security Threats

In Cybersecurity by Ian0 Comments

This entry is part 4 of 10 in the series Intrusion Detection

Syn Flood or Denial of Service Attack Syn Flood attacks, often referred to as Denial of Service Attacks are caused through exploitation of the TCP protocol. The attacker sends a large number of TCP/SYN packets using a forged address. Because of this, the destination server is unable to successfully establish a proper connection due to the source being unreachable. Lawrence …

Share
View Post

What are Rogue Access Points?

In Cybersecurity by Ian0 Comments

This entry is part 3 of 10 in the series Intrusion Detection

WiFi is commonly used both within organizations and in the general public. In recent years attackers have discovered ways to lure victims by using rogue access points. These are essentially wireless access points that have been installed in a network without authorization. In some cases these may have been installed by employees of an organization for convenience reasons, however this …

Share