8 Cyber Security lessons which we should learn from 2015!

2015 is over, but it leaves behind a lot of lessons for everyone. These lessons touch every field of technology and daily life, but here we will talk about the ones concerning cyber security. In 2015 researchers found a lot of vulnerabilities, and the owners of the affected products and applications fixed a lot of them. We will discuss some topics that could be useful this year for all cyber security geeks.

1. Trust Apple, but not blindly: Researchers have traditionally believed that Apple is a more secure platform for users than Android, but in 2015 Apple faced a lot of security problems. The XcodeGhost Trojan was the biggest problem Apple faced in its official App Store. Many researchers published different proofs of concept because of this Trojan, and these flaws troubled users in different ways. In the latest CVE Details report, Apple's Mac OS X is on top with the highest number of vulnerabilities in 2015.

2. Pay in cash for room bookings: In 2015 there were a number of small and big hacking attacks on the hospitality sector. The Hyatt Hotels database hack is the biggest example. Mandarin Oriental, Hilton Worldwide, and Starwood Hotels and Resorts are some other examples. The hackers stole all of the users' credit card information.

3. Be health conscious and don't get sick: According to Trend Micro, the healthcare industry had not seen any serious data breach case in the past 10 years. But in 2015 there were a number of cases. Hackers disclosed the Protected Health Information (PHI) of millions of users in 2015. For example, 10 million PHI records were exposed by Excellus BCBS (Blue Cross Blue Shield), 11 million by Premera BCBS, 11 million by CareFirst BCBS and 80 million from Anthem Healthcare. So be careful about everything.

4. Be careful about your car: Two security researchers, Charlie Miller and Chris Valasek, stated that 2015 was the year of car hacking. People faced a number of car hacking cases. As a demonstration, the two researchers remotely hacked a Jeep Cherokee and brought it to a screeching stop. The cruisers of the Virginia State Police were also compromised. In another case, the brakes of cars were killed by sending SMS messages to insurance dongles.

5. Security is a major issue in government jobs too: The SSNs (Social Security Numbers), family, health, residency and employment history, and financial history of 21.5 million people were exposed in a data breach of the U.S. Office of Personnel Management. Fingerprints of personnel were also included in it.

6. Be careful if you are keeping backups: In 2015 the problem of ransomware was everywhere. Researchers said the use of ransomware was growing in 2015. Malware and Trojans were becoming more sophisticated, and some malware was not understandable even for the experts. A number of companies faced this problem, and in some cases security agencies could not help them. Even police departments in several countries went through ransomware incidents.

7. Manage your privileges in a better way: 2015 teaches us that privileges need to be managed in a better way. Passwords and authentication for online accounts should be well managed. Credentials should be strongly monitored. Organisations need to be wary of the employees who were members of their organisation.

8. Be friendly with the Federal Trade Commission: The Third U.S. Circuit Court of Appeals ruled that the U.S. FTC (Federal Trade Commission) could move forward with its lawsuit alleging that the Wyndham Worldwide hotel chain should be held responsible for leaving its customer data unprotected. The ruling effectively gives the FTC the power to regulate the security practices of all businesses.

Source: darkreading.com
