Category Archive Information Security

ByJayanthi

Asset

The Blogchatter A to Z has kicked off and I start off my set of posts primarily around the theme of technical and personal posts. My latest fascination has been ‘Blockchain’ and I am striving to do my technical posts around my latest interest. 

‘Blockchain’ is the common shared digital ledger that every participant in the business sees. In the Blockchain world, any thing that has value is  called as an ‘Asset’. Assets are sold and bought and these are recorded on the Blockchain ledger. Asset is the key aspect of Blockchain. 

Assets are further classified into tangible assets and intangible assets. Tangible assets are those that can be seen and visualized. Examples of tangible assets are car, motorcycle, house.

Intangible assets are those that are abstract and cannot be seen but they play an equally vital part in the blockchain  cosmos. Examples of intangible assets are mortgage, patent, trademark. 

Cash is yet another form of ‘asset’ but it is completely anonymous. We cannot track its movements. We don’t know who we received it from and where it will go next. 

We discussed ‘Asset’ in the Blockchain world. Drop by tomorrow as I continue my ‘Blockchain’ journey…

ByJayanthi

Blockchain trainings!

Technology is a fickle thing. The requirements change at the speed of light!(not exactly – but fast enough! :))  No sooner do we think that “Java” is the most required skill in the technology space, in comes,  “Data analytics”, “Security” and “PMP”!!

Now it is artificial intelligence(AI), machine learning and the Blockchain wave that is sweeping the technology landscape and we hear that there will(or there already is) a shortage of professionals in these areas.  This results in organizations and professionals scampering to reskill in these areas and looking for appropriate trainings. This post will list the popular Blockchain trainings around Bangalore, India and around the world.

Deal from GoDaddy!

  1. Edureka:

  Edureka’s ‘Blockchain certification course‘ is a live, instructor led course. This course provides “an overview of the structure and mechanism of Bitcoin, Ethereum, Hyperledger and Multichain Blockchain platforms”( Source: https://www.edureka.co/blockchain-training) In addition, this course teaches you to create your blockchain and render smart contracts on Ethereum.

2. Simplilearn

     Simplilearn offers ‘Blockchain basics‘ course and ‘Blockchain certification course’. Both the courses are online and self-paced. A few points regarding the Blockchain certification course. It helps the learner develop “a strong understanding of Blockchain technology and understand what Bitcoin is and how it works” (Source: https://www.simplilearn.com/blockchain-certification-training)

3. Coursera: IBM Blockchain Foundation for developers

In this course, IBM Blockchain experts guide one to understand the basics of Blockchain technology. It also helps one to build a simple blockchain solution. In addition, there are several tests, quizzes to asses the knowledge of the student.

4. Udemy: 

Udemy has mutiple courses on Blockchain. They can be found at this link

This post just listed a few of the sites that offer Blockchain training. For more information on each of these trainings, click the links given.

Join me as I begin my A to Z BlogChatter Challenge from April 1st!

ByJayanthi

2018 Cybersecurity Trends

We are already far into the New year and with it are coming new developments in cybersecurity. 2017 was an exciting year for the cybersecurity industry, and as its growth is bound to continue into 2018, there are plenty of things you need to watch out for. Here, we are going to go over the major ones.

  1. AI Attacks

Artificial intelligence has now entered the mainstream and there is an abundance of free and commercial AI solutions. It was only a matter of time until cybercriminals dived on to the AI trend.

Well, now, they have. AI software can learn from past events in order to help predict and identify cybersecurity threats. AI is used by almost 87% of the US based cybersecurity professionals. However, it is a double-edged sword because hackers can easily use AI to launch sophisticated cyber attacks.

It can, for example, be used to automate the collection of certain information which can be sourced from public domain support forums, code anks and social media platforms.

  1. Ransomware and IoT

The Internet of Things ransomware is not making headlines yet, because IoT typically does not store valuable data. But we should still not underestimate the potential for IoT ransomware to damage devices. For example, critical systems relying on IoT, such as power grids, can fall victim to cybercriminals.

If a cybercriminal was to gain hold of a grid and the ransom was not paid, they could shut down the grid. Other IoT risks include smart cars, smart home appliances and production lines.

  1. Multi-factor Authentication

63% of data breaches involve leveraging weak, stolen or default passwords. This is because many organizations are still using a single-factor authentication, which only relies on the use of a password.

Companies tend to shy away from implementing multi-factor authentication because they think it can damage the user experience. But there is a growing awareness of password theft and, as such, it is likely that we will see a number of companies and websites implementing multi factor authentication as standard.

  1. Adoption of Advanced Cybersecurity Tech

There are many new cybersecurity technologies emerging which we will probably see a wider adoption of in 2018. For example, the use of remote browsers can be useful to isolate your userโ€™s browsing session from the main network.

Speaking of networks, deploying an encrypted VPN can be much more efficient deterrent than a single firewall and antivirus, keeping malware and sniffing well out of striking distance.

Also, dispersion technologies which imitate a companyโ€™s most valuable assets act as a honeypot trap for attackers trying to steal the data.

Plus, there will be developments in the use of technologies which can detect and respond to strange behaviour. Endpoint Detection Response systems can monitor endpoints and alert system security admins of suspicious behaviour. Also, network traffic analysis can be used to determine the type, size and origin of data packets, helping to prevent DDoS attacks which can bring down entire networks.

Cybersecurity is a serious industry and is worth over $120 billion. We will only see it grow in the years to come. If you want to learn more about cybercrime and cybersecurity, check out our infographic below.

-By Guest writer

Cyber crimes Infographic 2018

ByBala Manikandan

Overloading and Overriding Methods in Java

Two terms commonly associated with methods in Java are overloading and overriding. These two concepts will be discussed in the following sections.

Method Overloading

Method overloading is the process of defining more than one method having the same name in the same class (or in the same inheritance tree).

Rules to define overloaded methods:

  • The methods must have the same name.
  • The methods must have different argument lists.
  • They may have same or different return types.
  • Their access levels may be same or different.

The correct method to be executed by the system is decided by the Java compiler at compile time, and this is called static polymorphism. The following example demonstrates method overloading:

public class Test {

       public static int add(int a, int b){    //adds 2 numbers

        return a + b;

    }

       public static String add(String a, String b){  //concatenates 2 Strings with a space in between

        return a + ” ” + b;

    }

       public static void main(String[] args){

           System.out.println(“4 + 5 = ” + add(4, 5));

        //calls 1st method

           System.out.println(“Method + Overloading = ” + add(“Method”, “Overloading”));

        //calls 2nd method

    }

   }

The output of the above program is:

4 + 5 = 9

Method + Overloading = Method Overloading

Method Overriding

Method overriding means giving a new definition to an existing method in a class, in one of its subclasses. This is done to redefine the behaviour of objects of the subclass.

Rules to override a method:

  • The overriding method should be present in the subclass of the class in which the overridden method is present.
  • The overriding and overridden methods should have the same name and argument list.
  • The two methods should have the same return type. Or the return type of the overriding method should be a subclass of that of the overridden method.
  • The access modifier of the overriding method must be either the same as or less restrictive than that of the overridden method.

The method to be executed is decided at runtime (not at compile time), and this is called dynamic polymorphism. The following example demonstrates method overriding:

class A {

    public void display(){

        System.out.println(“Executing from class A”);

    }

}

class B extends A {

    public void display(){               //override the method display()

        System.out.println(“Executing from class B”);

   

    }

}

public class Test1 {

    public static void main(String[] args) {

        A objA = new A();

        A objB = new B();              //an A reference, but a B object

        objA.display();

        objB.display();

   

    }

 

}

The above code prints:

Executing from class A

Executing from class B

We have seen the core concepts of ‘Overloading and Overriding’ in Java in this post… Join me as I uncover more Java concepts in subsequent posts…

ByJayanthi

Use cases of Blockchain

Even as the concept of ‘Blockchain’ is bouncing off everyone’s radar and everyone is keen to know more about this trending topic – let us see more about this new and emerging technology. 

Introduction:

‘Blockchain’ is popularly associated with ‘Bitcoin’ cryptocurrency. The Blockchain system shot into prominence and more industry experts took notice of it only after Bitcoin’s surge and ultimately its downfall!

‘Blockchain’ as you might recollect from my earlier post is the shared ledger system. Each transaction is recorded and added to the shared ledger after being approved by the ‘miners’.  The beauty of ‘Blockchain’ is that each miner or node has a copy of the transaction. None of the transactions can be modified or deleted.It allows total transparency of the system with no central authority and promises complete anonymity and security.

Read More

ByJayanthi

What is Information security?

After having dealt with a huge number of posts on Information security, I thought I will answer one of the fundamental questions about Information security in this post – “What is Information security?” ๐Ÿ™‚

Definition:

Information security or “InfoSec” is that discipline of study that broadly seeks to counter and prevent cyber attacks. It also seeks to keep data/information safe by employing different techniques and strategies.

Read More

ByJayanthi

Social engineering

Introduction:

” 22 bank accounts hacked, โ‚น5.3 lakh stolen in 48 hours” scream the headlines in a local newspaper on 28th January, 2018 morning.(Source: http://www.thehindu.com/news/cities/bangalore/22-bank-accounts-hacked-53-lakh-stolen-in-48-hours/article22538891.ece)

How did it happen? Two customers were duped of nearly 20,000 Rs and 50,000 Rs by a two conmen(or was it one?) who called the customers in the guise of “bank agents”. They were  asked for their bank details and OTP(one time password) The customers readily obliged since the call was from their “bank”. In a short time, they noticed, that their money was fraudulently withdrawn. 

This is the social engineering technique used by hackers and fraudsters.Let us see this in greater detail.

Read More

ByJayanthi

Security policies

‘Security policies’ are yet another aspect of Information security that is all around us – but we are hardly aware of it. We will see the meaning of security policy, the reasons for having security policies and some examples of security policies in this post.

A security policy in a nut shell is a document that lays out in detail how an organization is planning to safeguard its business and technological assets.

Read More

ByJayanthi

Biometrics

‘Biometrics’ is gaining more recognition in today’s world – thanks be to popular organizations embracing it. What is ‘Biometrics’ and what are the different types of biometrics? Read on to find out:

Biometrics – Definition:

Biometrics is uniquely used to identify a person by making use of the distinct characteristics of a person. According to the Michigan State University Biometrics research group, โ€œThe field of biometrics examines the unique physical or behavioral traits that can be used to determine a personโ€™s identityโ€.  These unique traits can be fingerprints, palm scan, hand geometry, retina scan, iris scan, keyboard scan to name a few of them.

Read More

ByJayanthi

Security trends for 2018!

With the New Year upon us, it is but natural to write about my thoughts on the security trends that might shape 2018! ๐Ÿ™‚ So, here goes:

  1. Overall, security trends will closely follow technical trends for a particular year. If AI(Artificial intelligence) , ‘Data analytics’ and IoT(Internet of things) are said to be game changers in the technical industry for 2018 – Infosec trends will definitely exploit the security issues with the mentioned concepts. 
  2. ‘Expect the unexpected’

This might be life’s greatest quote but it holds good for the Infosec industry as well. Equifax, eBay, Uber, University of  Oklahoma, Washington State University were all victims of data breaches of 2017.

These data breaches compromised personal data and 2018 will be yet another year, which steals more personal data. More organizations will lose their precious data or the data will be at the mercy of yet another ingenious way to grab it!

3. ‘Bitcoin’ and other cryptocurrencies:

Will ‘Bitcoin’ hold its sway and continue its meteoric rise? From a humble value of 1000$(for 1 Bitcoin) in the beginning of 2017 to a massive rise of 15,000$(for 1 Bitcoin) by the end of 2017, Bitcoin sure did raise a few eyebrows.  It is quite a possibility that the rise will continue and ‘Bitcoin’ and other cryptocurrencies will be a game changer in the Infosec industry in 2018.

4. Ransomware, fileless malware… what next?

Viruses,phishing emails,Trojan horse were already on the prowl than, that new attacks came to the fore in 2017. We heard new security jargon like ‘ransomware’ and ‘fileless malware’ in 2017 and were scrambling to read all about it , understand it and see if were affected by it in any way. 

2018 will continue to see newer types of attacks and newer security lingo thrown around as hackers get smarter. The more a technology or product is used – the higher the possibility it will be exploited in a novel manner for personal gains. 

5. Data privacy 

Data privacy continues to be a lost issue with every new device monitoring our conversation, location, likes, dislikes. There is a huge electronic virtual  dictionary being built on us with the digital footprint that we are constantly leaving. This will continue into 2018 and beyond!

These are the five points that I think might shake the InfoSec world in 2018!