iSA_LOGO_FINAL-new-3 (1)

Category: Uncategorized

Categories
Uncategorized

Two Discreet Ways to Explore The Deep Web

Anonymous hacker in front of his computer with red light wall backgroundAnonymous hacker in a black hoody with laptop in front of a code background with binary streams cyber security concept

Add Your Heading Text Here

Share it:

Unfortunately, search engines such as google and other similar ones can’t refer to web pages such as user databases, registration-required web forums, webmail pages, and pages behind paywalls. However, there are other ways of accessing these resources. In this article, we will show how to access resources residing on the dark web and deep net using specific deep web search engines.

The ‘Deep Web’ refers to all web pages that  search engines such as google, bing and others can’t find whilst the ‘Dark Net’  is where you can operate without been tracked. 

 notEvil:

This deep web search engine works like Google. It connects Internet users to content hosted inside the Tor network. However if you want to access content outside the Tor network, you need to download the Tor Browser Bundle and access this content over Tor.

parazite:
 ParaZite is another type of deep web search engine. Apart from its flexible search features, it also allows users to access other external deep web sites. It is advisable to use firewall and VPN before accessing Parazite.
 
 
 
#ISA_ltd
#ISA_informs
 
Latest Post
Categories
Categories
Uncategorized

Memcached flaw can Overflow Networks with 260 Gbps Traffic

Add Your Heading Text Here

Share it:

The following facts describes devastating effect of Memcached flaw:

  • A vulnerability in memcached allows attackers to amplify traffic up to 51,200 times for use in denial of service attacks.
  • Only 5,729 of the 88,00 known unprotected servers have been used in memcached attacks thus far, and security experts expect an imminent increase in such attacks.    Source : TechRepublic 

Memcached is a general-purpose distributed memory caching system. One of its primary goals is to speed up dynamic web applications by alleviating database load.  This is accomplished by storing frequently accessed content in RAM, which reduces the number of database queries needed to generate a web page.  Memcached server runs over TCP or UDP port 11211.

Cybercriminals have discovered a way to abuse  memcached servers to launch over 51,000 times powerful DDoS attacks beyond their original strength. This action could result in knocking down of major websites and Internet infrastructure.

Memcrashed amplification attack  works by sending a false request to the targeted server (vulnerable UDP server) on port 11211 using a spoofed IP address that matches the victim’s IP.

How to Resolve Vulnerable Memcached Servers:

  • Block or implement rate-limiting UDP on source port 11211.
  • Disable UDP support if not in use.

#ISA_informs

#ISA_ltd 

Latest Post
Categories
Categories
Uncategorized

FIVE SKILLS ISVM WILL TEACH YOU NEXT MONTH

Add Your Heading Text Here

Share it:

ISVM or Information Systems Vulnerability Management is a hands-on training for system administrators, security engineers, CTO’s , CISO and individuals interested in managing systems vulnerability (or vulnerability related to systems) .

Since its inception , more than 250 technical consultants have learnt modern ways of resolving and managing systems vulnerabilities.

However this year, potential applicants for ISVM are likely to benefit from modern ways of managing systems vulnerability. Our trainers are eagerly ready to reveal new secrets of black hats to you and how to resolve them.

Below are five skills  ISVM will teach you if only you make the effort to register!

  • How to Identify Hash Type:

It is not quite easy to identify hash codes if you don’t know how to.  DES, Domain Cached Credentials, MD5(Unix), RAdmin v2.x, and MySQL5 are examples of hash codes.

ISVM will teach applicants how to identify hash codes in a simpler way. Knowing the type of hash codes you are dealing with helps you to know which technique to use when cracking hashed password.

  •    Patch Roll-out:

Patch roll-out is implemented when researchers discover vulnerabilities. However when patch-roll out is not done in the right way, it affects interrupts meaningful work.

ISVM will teach you specific procedures and policies to follow.

  •    Responding to new threats:

How do you respond to new threats or zero-day attacks? If you don’t know, hurry up and book for a seat. ISVM will teach you proactive approach to zero – day attacks in addition to how you can choose to implement SANS or NIST policies with regards to incident response.

  •      Developing A Backout Plan:

At ISVM you will understand why it is necessary to have a backout plan. Truth be told, almost every organisation has a backout plan. Yet when there is an emergency, IT officers struggle to bring up or ensure Infrastructure is up and working .

ISVM trainers will teach and recommend tried and tested ways of developing a good backout plan.

  •   Practical Hands-on with Metasploit:

This is one particular skill every security engineer must try harder to learn. Metasploit is the new trend in town. A security engineer who knows how to use metasploit effectively is likely to become a valuable security engineer.

We hope to see you soon!

#ISA_informs

#ISA_ltd 

Latest Post
Categories
Categories
Uncategorized

It’s Time to Up Your Game: Infosec Ops!!!

Add Your Heading Text Here

Share it:

The threats won’t reduce; security researchers and attackers won’t rest.

Learn the real skills that empower you to leverage on information security tools. Your information infrastructure is as secured as the skill of the attacker, so up your game.

Join us, contact Information Security Architects Ltd business@isa.com.gh | +233245640029 | +233208141250 Weekend Bootcamps Available | 12Hours of quality content! #SecurityStateOfMind #UpYourGame #ISVM #isaghana #Infosec #KnowledgeTransfer #2018 

Latest Post
Categories
Categories
Uncategorized

Why You Should Choose ISA As Your Cybersecurity Provider!

Add Your Heading Text Here

Share it:

The cybersecurity landscape is becoming a crowded place because of cybercriminals employing complex methods to penetrate into networks. On the other hand, many cybersecurity providers/firms are being established to provide solutions to modern day cyber-attacks. Despite all these cybersecurity firms claiming to be competent, cyber-attacks keep increasing.

As a growing enterprise in the corporate world, how do you ensure that your cybersecurity provider is incompetent or it is capable of delivering a world-class penetration testing? Most companies prefer to have a cybersecurity provider with good technical support, top-notch performance and other good attributes.

The following reveals five solid reasons why you should choose Information Security Architects as your cybersecurity partner:

  • Top Technical Support:

Few cybersecurity providers place 100% emphasis on technical support for their clients; and ISA is part of these few ones. You can not avoid technical issues. Technical issues occur almost everyday. Without good technical support team, your business won’t operate the way you want it.

ISA provides top-notch technical support in specific areas such as database encryption failure, complex networking problem and so on.

  •     Detailed Researching:

When choosing your cybersecurity partner, it is advisable to opt for providers with experienced researchers. Without good researchers, your cybersecurity provider or partner can’t educate you on current vulnerabilities. When you know how your enemy operates,  you are not troubled at all.

At ISA, our cybersecurity researchers often dives into malware affecting mobile and web, research on the latest techniques attackers use to penetrate network and so on. Without all these information, your organization is at risk.

Do you prefer to have cybersecurity provider with fancy technologies rather than researchers having the desire to do just a little bit more?

  •        Practical Training:

Finally, many cybersecurity providers offer  training deemed as ”practical”. Yet one registers and later finds out that the entire training is theoretical.

At ISA, we offer practical training such as ISVM to Cybersecurity Practitioners, Chief Information Officers, CTO’s, System Administrators, or Individuals eager to get their hands dirty in order to learn how manage vulnerabilities on systems.

Knowing how hackers penetrate into your network and learning the skills to fix and manage vulnerabilities is crucial for every organisation.

Hence, I urge every organisation interested in securing data from intruders as well as protecting their infrastructure or network from damage to choose ISA as partners or providers.

#ISA_informs

#ISA_ltd 

Latest Post
Categories
Categories
Uncategorized

Porn on the move: In 2017, over 25% of users hit by mobile malware faced porn-themed attacks

Add Your Heading Text Here

Share it:

Wednesday, 31st January 2018

        In 2017, 25.4% of mobile users who encountered malware – over 1.2 million people – were attacked by malicious programs that used adult content to lure them into installing malware on their devices.

This is one of the findings of Kaspersky Lab’s recent overview, ‘Cyberthreats facing users of adult websites and apps’.

Sex sells, as they say in advertising. However, in cyberspace it serves not only as a method for securing sales, but also as a tool for malicious activity. This became obvious when Kaspersky Lab experts took a look at how cybercriminals are using adult content in their activities.

It turns out that the most active use of porn topics is in the mobile threat landscape. During the course of the research, Kaspersky Lab specialists identified 23 families of malware that use porn content to hide their real functionality.

The research showed that when downloading an unknown porn application, users are at greatest risk of being infected with so-called clickers. Upon infection, this malware starts to click through ad-links or try to subscribe the user to a WAP-subscription in order to drain their pre-paid mobile credit.

Banking Trojans disguised as porn video players are the second most widespread type of porn-powered malware. This is followed by rooting malware and ransomware.

The latter often comes in the form of legitimate applications for known porn websites. In many cases, porn ransomware utilises scareware tactics: it locks the device screen and shows a message stating that illegal content (usually child porn) has been detected on the device, and the device has therefore been locked.

In order to unlock the device, the victim has to pay a ransom. This message usually comes with screenshots from actual child porn videos.

Although we can’t say that porn-themed mobile applications are technically very different to those that do not use porn in their activities, there are a few specifics when it comes to attacks with porn-powered malicious applications.

A victim who has been compromised with an adult content-enabled malicious program might think twice before reporting the incident, simply because the very fact that they were trying to find porn content is viewed critically.

Therefore, from the attacker’s perspective, such a person is a much more convenient victim. This is one of the reasons why we see so many attacks with porn malware.

          The other one is much simpler: people are consuming ever more content via mobile. This includes adult content as well,” said Roman Unuchek, security expert at Kaspersky Lab.

To prevent any malware or cyber fraud-related troubles when it comes to adult content we strongly advise users to follow these recommendations:

  1. Use only trusted web sites when it comes to adult content. Cybercriminals often set up fake porn sites for the single purpose of infecting victims with malware.

  2. Do not install Android applications from unknown sources, even if they promise you access to the content you were looking for. Instead, use official applications from official sources, like Google Play.

  3. Avoid purchasing hacked accounts to porn websites. This is illegal and such accounts may be blocked by the time you purchase it.

  4. Use reliable internet security solution capable of protecting all your devices from any kind of cyberthreats.

Learn more about threats that users of adult content websites and applications face in the full overview here.

About Kaspersky Lab

Kaspersky Lab is a global cybersecurity company celebrating operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.

The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them.

Learn more at www.kaspersky.co.za.

For further information please contact:

Princess Tsambo| Orange Ink|

Cell: +27 76 544 6703 Tel: +27 11 465 4075; +27 11 465 4030

princess@orangeink.co.za

Latest Post
Categories
Categories
Uncategorized

Safely Migrating to Cloud-Based Email: New Kaspersky Security for Microsoft Office 365 Enhances Protection in Exchange Online

Creative email network and digital cloud interface. Cloud computing and networking concept. 3D Rendering

Add Your Heading Text Here

Share it:

Thursday, 1st February 2018:   

         Small and medium-sized businesses are still on a cloud adoption journey and for the majority of them, embracing a cloud-based email service is the first checkpoint along the way.

Indeed, it tops the most used cloud-based business applications worldwide, according to the latest report from Kaspersky Lab. Now, a new Security-as-a-Service offering from Kaspersky Lab is bringing Next Generation detection technologies, powered by machine learning and real-time cloud-based threat intelligence to cloud-based email systems, providing enhanced protection for Exchange Online in Microsoft Office 365.

                                    Email is still in the crosshairs of cybercriminals

Sending and receiving emails is a part of every business’s daily routine, so it is no wonder that cybercriminals are still committed to finding new ways of exploiting this for their own malicious purposes. 

According to the recent quarterly spam report from Kaspersky Lab, there has been a steady growth and increasing levels of deviousness used in phishing and spam campaigns.

For SMBs in particular, this means that IT administrators are having to spend more of their time deleting irrelevant emails and recovering mistakenly-deleted messages, instead of working on business-critical IT tasks. 

Moreover, irrelevant emails are not only a challenge for IT resource efficiency and employee productivity. They become a real threat to a business when it comes to the phishing of staff credentials or the spreading of malware in email attachments. In 28% of targeted attacks that happened this year, the use of phishing/social engineering was a major contributing factor. 

Essential protection for email: on-premises and in the cloud: 

  To address these security challenges and help small and medium-sized businesses protect their on-premises email systems, Kaspersky Lab offers protection for mail servers and mail gateways as targeted solutions.

This year, we are expanding our SMB portfolio by adding a new product — Kaspersky Security for Microsoft Office 365 — to extend protection to the cloud-based mail service Exchange Online inside the Microsoft Office 365 suite.

Working in conjunction with Microsoft’s built-in protection, the combined security solution provides users of Microsoft Office 365 with enhanced protection from ransomware, malicious attachments, spam, phishing (including Business E-mail Compromise – BEC) and unknown threats. 

he range of Next Generation security technologies enabled in the product includes a neural network-based anti-phishing engine, machine learning-based detection, sandboxing, attachment filtering and Kaspersky Lab’s global threat intelligence network — all powered by Kaspersky Lab’s HuMachine which combines human expertise with big data threat intelligence and machine learning to defend against every type of threat a business may face. 

Native integration in the cloud and ease of management: 

     Like Microsoft O­ffice 365, Kaspersky Lab’s product is hosted in the cloud, which offers convenient and flexible cloud-based management for both email and security. 

  Kaspersky Security for Microsoft Office 365 provides small and medium-sized businesses with many benefits, such as easy configuration and native integration with Exchange Online, a dashboard showing statistics on threats and detections at-a-glance, and the ability to backup and recover deleted emails. 

Along with Kaspersky Endpoint Security Cloud, the new product is managed from a single cloud-based administration console. MSPs/MSSPs and outsourced IT administrators will benefit from its multi-tenancy, which allows protection for different organizations to be simply managed. 

It can also support multiple accounts for different administrators, providing increased flexibility and ease of use.  

Vladimir Zapolyansky, Head of SMB Business at Kaspersky Lab, comments: “With millions of emails sent on a daily basis, it might take just one – with a malicious attachment such as ransomware or a phishing link — to damage or even destroy a business. 

”With the release of this new product, we are excited to provide our customers who are migrating to the cloud-based Microsoft Exchange in Office 365 with Next Generation security technologies to protect their email communications – whether they’re hosted on-premises or in the cloud.”  

Kaspersky Security for Microsoft Office 365 is available globally now and can be purchased online.

To learn more about the product and start a full-functionality three-day free trial please visit cloud.kaspersky.com. Customers can also purchase Kaspersky Security for Microsoft Office 365 from Kaspersky Lab partners from 8th February 2018. 

About Kaspersky Lab 

     Kaspersky Lab is a global cybersecurity company celebrating operating in the market for over 20 years. Kaspersky Lab’s deep threat intelligence and security expertise is constantly transforming into next generation security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.

The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. 

Over 400 million users are protected by Kaspersky Lab technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.co.za.   

For further information please contact:

Princess Tsambo| Orange Ink|

Cell: +27 76 544 6703 Tel: +27 11 465 4075; +27 11 465 4030

princess@orangeink.co.za 

Latest Post
Categories
Categories
Internet Security Uncategorized

Best Encrypted Email Services for Infosec Ops

Add Your Heading Text Here

Share it:

In today’s  world, almost everybody wants some level of privacy. Having a certain level of privacy is deemed as a “good thing” for professionals who spend most of their time online. There are several mail services claiming to be the world’s most secure email services.  Some of these  “encrypted email services” are not secure and reliable as they suggest to privacy practitioners. Fortunately, our infosec team analyzed and gathered some of the best encrypted email services for infosec ops and privacy practitioners.

 ProtonMail:

ProtonMail  is one of the best-encrypted email services that you can use to secure your email communication. The service has various features that make it one of the best services that you can use to keep your communications secure and free from hackers. It uses end to end form of encryption.  This form of encryption means that the messages are encrypted when they are being sent. You can use this email service if you are interested in secured email service. Protonmail is based in Switzerland.

Posteo.de:

Just like Tutanota,  Posteo.de is a German-based encrypted email service. Posteo has good features for its clients. Basically, clients have to pay about 1EURO to use the service for a month. This  includes access to some of the most important features of the service such as POP3 and IMAP support.  When you are signing up, you do not need to provide your personal information. This feature separates Posteo.de from the rest.

Mailfence:

mailfence.com is another alternative for infosec ops and privacy practitioners to consider. Mailfence, based in Belgium is controlled by  a belgian firm known as ContactOffice. Mailfence offers features to users such as Integrated Keystore, Two-factor authentication, and OpenPGP (end-to-end encryption) . Unfortunately, Mailfence is not accepting new registration but you can sign up later this year.

Virtru

Virtru is an email encryption and digital privacy company based in Washington D.C.  The company was established by ex-NSA security analyst John Ackerly in 2012. Virtru provides email encryption service for Google Apps, Microsoft, and Salesforce.You can also use Virtru free extension alongside with Google Chrome, Android and iOS apps.

Tutanota:

Tutanota is an open-source end-to-end encrypted email software and freemium hosted secure email service just like Virtru and Protonmail. It provides encryption services for both premium and freemium users. In addition, it allows users to send and recieve encrypted messages from regular email service users.

There are other companies offering encrypted email services just like Tutanota. Thus, you are not limited to the afore-mentioned.  But bear in mind that security is not 100%. Companies offering email encryption services for clients could also be compromised by sophiscated hacks.  However, it is quite safer to use those above than regular email services.

#ISA_informs

#ISA_ltd

Latest Post
Categories
Categories
Uncategorized

Do You Know Spectre Updates can Slow Down PC Performance?

Add Your Heading Text Here

Share it:

In cybersecurity, one sure way of fixing vulnerabilities is to apply patches. In other words, patching simply means to fix and update to a newer version after a vulnerability discovery.  However, recent patches against CPU flaws such as Meltdown and Spectre has rather affected computer’s performance.

Meltdown and Spectre is a complex form of attack where attackers exploit common features of modern microprocessors (such as ARM and AMD) that powers our smartphones, tablets and computers

According to Microsoft, Spectre and Meltdown firmware updates may affect PC performance. It affects computers running Windows 7 or Windows 8 . As for modern computers, there is no significant change in performance.

Haswell processors and older ones will be impacted the most by a series of firmware updates designed to protect against the Spectre CPU security flaw. Intel has proposed working with PC makers to ready firmware updates. But Most machines have yet to install these updates.

In addition, Microsoft has advised firmware updates are only required to protect against what’s being described as Spectre variant 2.

For Meltdown and Spectre variant 1, Microsoft has isolated kernel and user mode page tables and hardened Edge and Internet Explorer 11 to protect against JavaScript exploits. Updates for 41 editions of the operating system are now available, and Microsoft expects the four remaining supported editions will be patched soon.

Since Microsoft has advised IT admins and security engineers not to percieve that updates against Meltdown and Spectre can resolve this threat, how do we ensure our servers are completely secured and performance is not compromised ?

We hope to hear from you!

#ISA_informs

#ISA_ltd 

Latest Post
Categories
Categories
Internet Security Mobile Phones Uncategorized

“TROJAN LOAPI” HUNTS PORNOGRAPHIC LOVERS!!!

Add Your Heading Text Here

Share it:

It seems virus writers are yet to give up on developing on different kinds of unpleasantness to frustrate android users who are fond of downloading adult-rated android application and anti-virus application from third-party stores as well as Google playstore onto their devices.

 A Trojan horse or Trojan is another kind of malware usually disguised as legitimate software. Hackers use trojans to gain access to users’ systems.

Unlike other trojans, this particular one is programmed to overheat your device as a result of the prolonged operation of the processor at maximum load. In addition, it can turn your phone into a zombie and hijack it to use in DDoS attacks against Web resources as well as sign up users to paid services secretly.

HOW TROJAN LOAPI OPERATES:

Users attract the Loapi Trojan by clicking on an ad banner or by downloading a fake AV or adult-content app . As stated earlier,  fake av or adult-content app are common vehicles used by Loapi to gain access to user’s devices.

After installation of fake apps, Loapi asks for administrator rights . Notification to grant Loapi administrator right appears on the user’s device screen until the user finally accepts Loapi administrator demands.

If the user later tries to deny Loapi of administrator rights, it locks the screen and closes the settings frame.

Furthermore, if the user tries to download apps to protect his device against malware and trojan, Loapi declares them to be malware and orders their removal.

Loapi heavily relies on frustrating users in order to prevent them from downloading legitimate anti-virus apps to wipe out other similar trojans.

HOW TO AVOID TROJANS:

  •     Deactivate installation of apps from unknown sources. In Settings go to Security and ensure that the Unknown sources checkbox is not selected.
  • Get a reliable and proven AV for Android and regularly scan your device with it because Google playstore is safe too. Doing so adds another layer of security.

#ISA_informs

#ISA_ltd

Latest Post
Categories
iSA_LOGO_FINAL new 2
Information Security Architects (ISA) Ltd is one of the leading Data Privacy and Security Practitioners in Ghana West Africa.
Services
Products
Newsletter

Sign up our newsletter for update information, insight and promotion.

Facebook Instagram Twitter Linkedin
Copyright © 2021, All rights reserved. Powered by Lynt Digital.