Posts

Showing posts from September, 2019

About the EDR solution that is emerging these days.

Image
I need to write a security story after a while. I've been busy for a while (although I'm still busy), so I've been writing to my blog and I'm just dropping visitors, so I'm going to talk about the security system that's been hot lately. Like year's security conference in the United States, RSA 2018, which has been popular in the IT press, especially in the field of security since last year, says that endpoint detection and response (EDR) solutions are in the spotlight. EDR literally means endpoint threat detection and response, so let's take a look at why it's in the spotlight. Of course, it is a theorem in the knowledge I know. As a result, there may be some wrong information.


What is an EDR solution?
E in the EDR solution stands for Endpoint, which means it looks like it's in English, but the endpoint just means the terminal we use (the client in a server-client relationship): PC, smartphone, tablet, etc. do. IoT products also enter endpoints …

What You Need To Know About GDPR In 2019

Image
Today we’ll talk about the “great and terrible” GDPR (General Data Protection Regulation) or General Data Protection Regulation. Despite the fact that the law was adopted in May 2018, many companies still do not fulfill all its requirements.



We met with our DPO (Data Protection Officer) to tell him in simple terms what GDPR is and what companies must do to avoid large fines.
The article contains footnotes citing the basic definitions of the law.

What Is GDPR?
GDPR is an international law ¹ that applies to the whole world, although it has been adopted in the EU. This is a law that protects the rights of users on the Internet, regulating, in particular, the transfer, processing, storage of personal data of each person who is in the EU or is an EU citizen.

¹ “This Regulation applies to the processing of personal data in the context of the activities of an establishment of a controller or a processor in the Union, regardless of whether the processing takes place in the Union or not."

Is WordPress Secure? What You Should Know?

Image
Introduction
WordPress is the most popular blog system on the Internet. On average, every third page uses this system to handle its content. However, many myths have accumulated around this tool over the years. Is WordPress secure? Does its use have any consequences?


Number of Errors
To answer the question posed in the title, let's try to trace the number of vulnerabilities found in the entire ecosystem. I will use WPScan Vulnerability Database website, which is the aggregator of all errors that are currently known and relate to this system. On the home page, we can read that over 14,000 errors have been cataloged now. A lot for just one script. Based on such data, we can get the false impression that using WordPress to build your brand on the Internet may not be the best idea. And how is it actually?

The vulnerabilities on this page are divided into 3 main categories. The first - vulnerabilities in Wordpress itself, the so-called core-engine of the site. Further vulnerabilities in…

Synergize Network Security With Content Security Policy

Image
Content Security Policy (CSP, content protection policy) is a security mechanism with which you can protect yourself from attacks with the introduction of content, for example, cross-site scripting (XSS, cross-site scripting). CSP describes secure sources for loading resources, sets rules for using inline styles, scripts, and dynamic JavaScript evaluations — for example, using eval. Downloading from non-whitelisted resources is blocked.


Operating Principle
CSP is now a candidate for recommendation by the W3C. To use the policy, the page must contain an HTTP header Content-Security-Policy with one or more directives, which are whitelists. In version 1.0, the following directives are supported:
default-srcscript-srcobject-srcstyle-srcimg-srcmedia-srcframe-srcfont-srcconnect-src The default-src default allowed sources for the remaining directives are listed. If some directive is not indicated in the header, then the policy is applied according to the list default-src.

For all directives, …

SSL - Whether To Accept An Expired Certificate

Image
Is the prompt to accept an SSL certificate that has expired and is not valid OK? Or is this contrary to good practice? What other error messages can we encounter while browsing the Internet using HTTPS? What do they show and what are their reasons? And when they can inform about a potential attack, and when they show the ignorance of the website owner?


Why Do We Encrypt The Connection?
Today about a topic that appears from time to time on the Internet, when one of the larger companies forgets to renew their SSL certificate. Today, virtually every major site uses certificates so that a green padlock appears next to the domain name in the browser. But why really encrypt the connection? The point is that everything that we provide on the site is not intercepted by someone from the outside. So - if I enter something in the form on the page, it can only be seen by the server to which this information is directed. You may wonder: but who can eavesdrop on my data? The answer to this question…

Malware? Why Should I Care?

Image
Malware, short for “malicious software,” includes any software (such as a virus, Trojan, or spyware) that is installed on your computer or mobile device. The software is then used, usually covertly, to compromise the integrity of your device. Most commonly, malware is designed to give attackers access to your infected computer. That access may allow others to monitor and control your online activity or steal your personal information or other sensitive data.


TYPES OF MALWARE Many unique types of malware can infect your computer. Below is more information about a few of the more common types. Adware: a type of software that downloads or displays unwanted ads when a user is online or redirects search requests to certain advertising websites.Botnets: networks of computers infected by malware and controlled remotely by cybercriminals, usually for financial gain or to launch attacks on websites or networks. Many botnets are designed to harvest data, such as passwords, Social Security number…