Posts

Cyber Threat Intelligence

Introduction

For cybersecurity measures to remain effective by the people who use make to protect systems and networks requires knowledge and awareness of threats and attacks potential or current. This is where cyber threat intelligence defined as theorganisation, analysis and refinement of  information about potential or current attacks that threaten an organisation comes into play. This post aims to serve as an introduction and brief overview of cyber threat intelligence. 

The primary purpose of threat intelligence is helping organisations understand the risks of the most common and severe external threats, such as zero-day threats, advanced persistent threats (APTs) and exploits. Although threat actors also include internal (or insider) and partner threats, the emphasis is on the types that are most likely to affect a particular organisation's environment. Threat intelligence reports often include in-depth information about specific threats in different business or service areas…

Data Dignity

What it Means and Why it Matters
Data dignity can be defined as a person's right to have their data and information to be treated ethically and for the individual to have choice and control over how their data is used. From a cybersecurity perspective, this matters because while data dignity is more of an ethics issue the practical elements of ensuring data dignity fall partly under cybersecurity especially when it comes to data protection and privacy controls. 

Application of Data Dignity
At the moment users might feel empowered but at the same time, they don’t. Distrust is high. And if the technology companies believe that consumers really like to share their data because they think it will make everything better and they “love” them, think again: many have simply given up when it boils down to their data, let alone, their privacy. They feel powerless, not empowered because they know they really don’t know what happens with their data and can’t control it.
It’s the trade-off fallacy…

Online Sextortion and Malware

Introduction
I have written about online sextortion so I will not be going into explanations about it. What this post aim is to highlight an upcoming trend and what may be a future wave of online sextortion attacks. This links to spam emails by aiming to take advantage of human behaviour to extort money usually some form of cryptocurrency from a victim. These are derived from social engineering and phishing attacks. But now Sextortion, Malware and Spam are being used together. Unhappily for a French ISP's users, online crooks combined all three in a hideous attempt to extort cash with custom malware that records their on-screen doings, according to infosec researchers.
In a curious evolution of online attempts to scam people, the Varenyky malware being tracked by Slovakian anti-malware company ESET briefly included a screen-recording feature that scanned for particular pornography-related terms before recording what was on screen.
ESET's described how the malware "was able t…

Personal Interest - Mummification in Bronze Age Britain

Introduction

Whenever mummies are mentioned, our imaginations stray to the dusty tombs and gilded relics of ancient Egyptian burial sites. With their eerily lifelike repose, the preserved bodies of ancient Pharaohs like  Hatshepsut and Tutankhamen  stir our imaginations and stoke our interest in people and cultures which have long since passed away.  But the Ancient Egyptians weren’t the only ones to mummify their dead. As it happens, mummies dating back to the Bronze Age – between 4,200 and 2,700 years ago – have also been discovered in Britain. But until recently, we knew very little about how mummification was practised by ancient British societies, or to what extent.  Mummification may have been more common in Bronze Age Britain than previously believed, and the ancient Britons may have purposefully mummified their dead with unknown funerary rituals—but reasons why and the exact practises carried out still eludes archaeologists.
Practises

This evidence says to researchers the ancient B…

Potential Trends and Threats in Cybersecurity For 2020

Introduction

Most  of the elements listed here are continuations and evolutions of previous threats and patterns of attack that the cybersecurity industry faced previously. For 2020 there are the "Known" the trends and threats. The Known-Unknown things that are expected in 2020 but have will unknown effects and repercussions. Finally, the Unknown-Unknown things which we cannot talk about or prepare for because they will come about out of the blue. Though we can speculate that some new type of malware  or DDOS attack may come about or even an attack using quantum computing may appear. The trends and threats are listed in particular order.

Trends and Threats
5G & the IoT - 5G will make the IoT a reality. This interconnected network of internet-enabled devices already exists. However, its potential is limited by the slow speeds of 4G wireless. The ultra-fast 5G network will allow these devices to transfer exponentially more information with download speeds of up to 10Gbps. T…

Open Data and Closed Data

Introduction

In our always connected environment, there are considerations that organisations have to make when determining whether certain data should be open or closed access, especially if they have the potential to benefit society as a whole. Decisions that are made can affect how they implement data protection and privacy regulations along with cybersecurity policies. 

Definitions

Open Data: The Open Data Institute (ODI) provides the following definition: “open data is data that anyone can access, use or share.” “Anyone” refers to literally anyone, including commercial users. So Open Data can be accessed, used, remixed and shared again with no restrictions at all. Open Data – Data that meets the following criteria:
Accessible (ideally via the internet) at no more than the cost of reproduction, without limitations based on user identity or intent;In a digital, machine-readable format for interoperation with other data; andFree of restriction on use or redistribution in its licensing c…

Trustworthiness in the Information Age

Introduction

In our Information Age where the vast majority of systems and devices are now able to connect to the internet and communicate with each other the trustworthiness of how we communicate, the devices we use and the networks they run becomes critical. But there is a slight problem it is difficult to prove trustworthiness but also maintain it and to have confidence in we operate in this environment this is a problem worth discussing. 

Definition of  Trustworthiness: At it is most simple is the Quality of being authentic and reliable. In cybersecurity, the Industrial Internet Consortium(IIC) defines trustworthiness as the degree of confidence one has that a system performs as expected.

In our daily lives, trustworthiness inks to the problem of fake news and/or disinformation campaigns which stem from social media and can when comes to services and systems if can be used to harm the reputation of services and companies. This is due to the weaponisation of context in order to sprea…