Silicon Den Systems.

28/04/2017

The proof of the designer lies in the design!

24/12/2016

Many companies, organizations, and even medical facilities are required to meet a certain compliance with regards to vulnerability management. And while the effort and complexity of vulnerability management can be overwhelming to those entities, it is an easy task for professionals versed in the high level process. Vulnerability Management is a continuous information security risk process that requires management oversight and includes a 4-tier approach of: discovery, reporting, prioritization, and response. The objective for Vulnerability Management Analysts is to determine internal and external weaknesses, report and resolve them. This skill certification tests covers usage of popular scanning tools, delivery of progress reports, and implementation of increased system coverage. Although somewhat similar to pe*******on testing, the difference lies in the fact that vulnerability assessment lacks exploitation. But one thing is certain, it is a necessity. In a
post from Tenable Network Security, they discuss how a particular industry is at the forefront of vulnerability management and further driving its’ need.

21/12/2016

DIGITAL FORENSIC ANALYSTS SOME THRILLING NEWS ALONG YOUR WAY.
The Ultra Kit combines a variety of different write blockers into one handy Pelican case. They are purchased all at one time, are combined into one portable kit and are very reliable. These do cost more than a single write blocker, but if you purchase a kit you will get a variety of write blockers that fit many different hard drive formats. I would recommend investing in one of these if you are going to seriously enter the realm of digital forensics and want to be prepared for almost any situation that you might face.
http://www.digitalintelligence.com/products/ultrakit/
$1,799 – $4,399

20/12/2016

Social engineering is a creative art and it takes many forms:
· Phishing – Tricks a user to click/download a malicious link.
· Spear phishing – Targeting a specific organization and/or individual.
· Whale phishing – Targets specifically individuals such as CEOs.
· Vishing – Targeting individuals over the phone.
· Pretexting – Presents oneself as someone else.
· Tailgating (piggybacking) – Unauthorized person gains access to restricted area by following an authorized person.
· Water-holing – Hacker compromises a third party website in order to compromise a person who visits that website to deliver a malware.
· Dumpster diving – Collects information about a company and/or individual by going through the trash.
· Reverse social engineering – It’s not a hacker who initiates a contact, but a potential victim themselves.
· Baiting – The hacker might drop a portable USB drive in the company parking lot or elevator on the chance that an employee will plug it into a work computer.
· Quid pro quo – Hacker requests private information such as username and password in exchange for gift such as a gift card.
· Scareware – To scare/manipulate a person to buy unwanted software and/or to download a software (which is malicious) to fix a problem.
· Malvertising – Spread malware by online advertising on popular websites.

19/12/2016

18/12/2016

Typically, people are the weakest link in a security chain lifecycle; therefore, they – not technology – become the priority of a hacker. In the most of high-profile data breaches, hackers used some form of social engineering.
Companies may spend millions of dollars to protect their data with the latest technologies and security services, but their critical data could still remain vulnerable to old-fashioned human manipulation. Most people think that hacking is mostly technical, utilizing the technical flaws in the system that the hacker is able to exploit.
Social engineering is a non-technical kind of attack that tricks people into performing malicious actions or giving away confidential data. The bottom line is that social engineering uses organization’s employees to bypass organization’s security controls.
The purpose of social engineering is the same as technical hacking: to gain unauthorized access to critical information and systems, identity theft, or to disrupt the service. Social engineers always try to gain the trust of an authorized user, and get them to provide information they need to perform an attack.
Social engineers often believe that people are not aware of the value of the data they have. They also take advantage of our willingness to trust and help others. Social engineering takes place via email, phone, or walking in the front door behind someone with an authorized badge.
Social engineering is not a new concept; Victor Lustig is a prime example of social engineer that was born in 1890. Victor who is perhaps best known as the man who sold Eiffel Tower twice, had used social engineering tactics 100 years ago to convince people to give him what he wanted. We often hear there is a psychological aspect to social engineering such as human buffer overflow and amygdala hijacking (emotional hijack). The amygdala is a section of brain responsible for detection and immediate response to fear. In terms of social engineering, it is an automatic, overwhelming

17/12/2016

If you believe Intel’s cheerful hype about these processors making things more secure than ever, think again, because any processor which allows a machine to be accessed even when it’s turned off equates to an information tyrant’s dream come true. Please engage your brain while watching this , the security pitch is unadulterated B.S. These processors in fact represent an
absolute breach of security no matter how they are marketed. From the technical viewpoint of someone who dug deep in cryptography, I call B.S. on Intel, avoid these processors like the plague!

13/10/2016

Free code camp

11/10/2016

Security threats are becoming increasingly complex, harder to detect and can cause damage to an organization which can stretch across all business process and aspects including clients. Thus, an organization just having a firewall, anti-virus and intrusion detection system (IDS) is not enough (DEFCON n.d.) and therefore they need to implement a SOC. A SOC not only looks over preventing threats, but provides continuous prevention, protection, and detection, fast response capabilities against threats, vulnerabilities and real-time incidents.

10/10/2016

Computers have become part of our day to day lives.From home, work, school, hospitals
subways,buses, planes name it! They accompany us everywhere,lets say its the closest friend of
man in this era. Computers are amazing, different forms,way of use, problem they solve... come
up daily. For instance, computers help us maintain our financial, social, and professional
relationships.In short they carry our 'images' (alot of information about us ie pictures,
profiles,financial records, hospital records ).They carry virtually everything about us. We can't
escape them they are part of our lives.
With the amazing nature of computers they also come with a problem. Security.With the
computer development graph shooting, the computer security issues also rise. More
vulnerabilities are discovered daily. More and more variants of viruses, Trojans,Ransomwares
arise. Phishing attacks,denial of services attacks .Computer security is threatened from all
sides you can think of.This means everything we own or use is at risk.
With the development of IoT (internet of things)the bad guys ain't sleeping while we sleep.They
are out there looking for every possible way to get to us.You have a computer? Then you ain't
safe! The only safe computer is that wireless computer operating deep below the sea...In short
no one is safe. The bad guys are advancing everyday.Script kidies are upgrading to real bad
guys. Different services such as ransomware as a service(Raas) developed by the bad guys
come up to help the less experienced.

07/12/2015

Doing good is a good business. ...quality is part of our DNA