As usual, I am starting sharing my experience with the world how my classes are going. So far great but I have to admit CYBR 515 class is challenging and highly technical. I with some other classes were like this one. Assessments are not about just writing papers but also encryption and decryption using the double transposition cipher method. The second-week assignment made me feel like "If you don't get it, you don't get it" like the Washington Post commercial. My Internet research helped me figure out how to decrypt a message using double transposition. It reminded my college math class where I had to learn 4 X 4 matrix. Hope coming weeks, we get similar technical assignments. There is a possibility that this class can be my two feature class after Ethical Hacking class.
Article 1:
Most Apple products users think Apple is less vulnerable and secure which is true when we compare with Windows products. I read an article, and it explains how Apple is becoming vulnerable as the number of users is growing worldwide. According to the article "Apple released security patches for its MacOS and MacOS Server, iOS, watchOS, tvOS, Safari, and Pages, to address over 200 vulnerabilities." The affected OS was mostly recent products which believed to be less vulnerable which isn't the case anymore after finding the vulnerabilities.
In MacOS, some of the flaws include memory corruption, user interface issues, access and validation issues, buffer overflow, profile uninstallation problem, etc. Reading this sounds like Apple got more flaws than Windows to me. I never heard or experienced profile uninstallation problem in my Windows OS even though I am a MAC user also.
According the researchers "An application that passes a malicious certificate to the certificate validation agent could trigger this vulnerability. Possible scenarios where this could be exploited include users connecting to a web site which serves a malicious certificate to the client, Mail.app connecting to a mail server that provides a malicious certificate, or opening a malicious certificate file to import into the keychain,". This is why it is critical not to click on suspicious links or open unknown websites. Reviewing all the Apple OS, it seems to they got some work to do if they want to have their customer's trust like before.
Here is the direct link if you interested reading the full article.
http://www.securityweek.com/apple-patches-hundreds-vulnerabilities-across-product-lines
Article 2:
I read another article this week which was posted to the Nationalinretest.org website. The title of the
article says it all "Why the Pentagon Needs to Leverage National Guard Cyber Skills." However, I disagree with the writer because National Guard is a part of the military and they support every federal and state mission based on the need of the country. It shouldn't matter whether it's a cyber mission or natural disaster mission. Next, the article talks about the consequences of the cyber attacks. Imagine if they could shut down a power grid or water system, railway systems. I think it's coming and it just the matter of time we will see all these disasters if we don't do enough to protect ourselves. It is surprising that we are trying to come up with a cyber team when enemies are already attacking government systems. We could have prepared well and ready to fight in the cyber domain if there is an attack. Especially the Air National Guard is trying to come up with a cyber team and support the federal/state mission. Now the National Guard has over 32 units focussing to the cyber mission.
According to Senator Ernst, “Cyber warfare is an emerging and ever-evolving battlefield, and we must use all available tools to protect our nation’s security, including those that already exist in our National Guard units.” I think most of us agree with Senator Ernst about his views about the threats and cyber being a new battlefield.
Overall this was a great article and explains well about the current activities of National Guard regarding the cyber mission.
http://nationalinterest.org/blog/the-buzz/why-the-pentagon-needs-leverage-national-guard-cyber-skills-19920
No comments:
Post a Comment