Gailleann Industries

15/11/2023

21/08/2023

What is an IT Audit?

An IT audit, or information technology audit, is an investigation and evaluation of IT systems, infrastructures, policies, and operations. Through IT audits, a company can determine if the existing IT controls protect corporate assets, ensure data integrity and align with the organization’s business and financial controls.

While most people are familiar with financial audits that evaluate an organization’s financial position, IT audits are still a fairly new phenomenon that is now gaining more importance due to the rise of cloud technology. The purpose of an IT audit is to check on security protocols and processes in place and IT governance as a whole.

As an unbiased observer, an IT auditor makes sure that these controls are properly and effectively installed, so the company is less vulnerable to data breaches and other security risks. However, even if adequate security and compliance are provided, there has to be a line of action in case of an unlikely event that would threaten the health and reputation of the examined business.

14/08/2023

https://www.securityweek.com/nearly-all-modern-cpus-leak-data-to-new-collidepower-side-channel-attack/

A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU.

20/01/2023

https://www.csoonline.com/article/3685419/how-attackers-might-use-github-codespaces-to-hide-malware-delivery.html?utm_date=20230120065524&utm_campaign=Top%20Enterprise%20Stories&utm_content=Description%3A%20How%20attackers%20might%20use%20GitHub%20Codespaces%20to%20hide%20malware%20delivery&utm_term=Editorial%20-%20IDG%27s%20Top%20Enterprise%20Stories&utm_medium=email&utm_source=Adestra&huid=3cd017e9-5a00-4854-b482-b95f23a8ad46

A feature that allows developers to make applications accessible by a public GitHub URL could enable attackers to deliver malware and avoid detection.

16/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Birthday Attack!

In a birthday attack, an attacker abuses a security feature: hash algorithms, which are used to verify the authenticity of messages. The hash algorithm is a digital signature, and the receiver of the message checks it before accepting the message as authentic. If a hacker can create a hash that is identical to what the sender has appended to their message, the hacker can simply replace the sender’s message with their own. The receiving device will accept it because it has the right hash.
The name “birthday attack” refers to the birthday paradox, which is based on the fact that in a room of 23 people, there is more than a 50% chance that two of them have the same birthday. Hence, while people think their birthdays, like hashes, are unique, they are not as unique as many think.
To prevent birthday attacks, use longer hashes for verification. With each extra digit added to the hash, the odds of creating a matching one decrease significantly.

15/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Malware Attack!

Malware is a general term for malicious software, hence the “mal” at the start of the word. Malware infects a computer and changes how it functions, destroys data, or spies on the user or network traffic as it passes through. Malware can either spread from one device to another or remain in place, only impacting its host device.
Several of the attack methods described above can involve forms of malware, including MITM attacks, phishing, ransomware, SQL injection, Trojan horses, drive-by attacks, and XSS attacks.
In a malware attack, the software has to be installed on the target device. This requires an action on the part of the user. Therefore, in addition to using firewalls that can detect malware, users should be educated regarding which types of software to avoid, the kinds of links they should verify before clicking, and the emails and attachments they should not engage with.

14/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Eavesdropping Attacks!

Eavesdropping attacks involve the bad actor intercepting traffic as it is sent through the network. In this way, an attacker can collect usernames, passwords, and other confidential information like credit cards. Eavesdropping can be active or passive.
With active eavesdropping, the hacker inserts a piece of software within the network traffic path to collect information that the hacker analyzes for useful data. Passive eavesdropping attacks are different in that the hacker “listens in,” or eavesdrops, on the transmissions, looking for useful data they can steal.
Both active and passive eavesdropping are types of MITM attacks. One of the best ways of preventing them is by encrypting your data, which prevents it from being used by a hacker, regardless of whether they use active or passive eavesdropping.
In a birthday attack, an attacker abuses a security feature: hash algorithms, which are used to verify the authenticity of messages. The hash algorithm is a digital signature, and the receiver of the message checks it before accepting the message as authentic. If a hacker can create a hash that is identical to what the sender has appended to their message, the hacker can simply replace the sender’s message with their own. The receiving device will accept it because it has the right hash.

13/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Trojan Horses!

A Trojan horse attack uses a malicious program that is hidden inside a seemingly legitimate one. When the user executes the presumably innocent program, the malware inside the Trojan can be used to open a backdoor into the system through which hackers can pe*****te the computer or network. This threat gets its name from the story of the Greek soldiers who hid inside a horse to infiltrate the city of Troy and win the war. Once the “gift” was accepted and brought within the gates of Troy, the Greek soldiers jumped out and attacked. In a similar way, an unsuspecting user may welcome an innocent-looking application into their system only to usher in a hidden threat.
To prevent Trojan attacks, users should be instructed not to download or install anything unless its source can be verified. Also, NGFWs can be used to examine data packets for potential threats of Trojans.In a drive-by attack, a hacker embeds malicious code into an insecure website. When a user visits the site, the script is automatically executed on their computer, infecting it. The designation “drive by” comes from the fact that the victim only has to “drive by” the site by visiting it to get infected. There is no need to click on anything on the site or enter any information.
To protect against drive-by attacks, users should make sure they are running the most recent software on all their computers, including applications like Adobe Acrobat and Flash, which may be used while browsing the internet. Also, you can use web-filtering software, which can detect if a site is unsafe before a user visits it.

12/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Insider Threats!

Sometimes, the most dangerous actors come from within an organization. People within a company’s own doors pose a special danger because they typically have access to a variety of systems, and in some cases, admin privileges that enable them to make critical changes to the system or its security policies.
In addition, people within the organization often have an in-depth understanding of its cybersecurity architecture, as well as how the business reacts to threats. This knowledge can be used to gain access to restricted areas, make changes to security settings, or deduce the best possible time to conduct an attack.
One of the best ways to prevent insider threats in organizations is to limit employees' access to sensitive systems to only those who need them to perform their duties. Also, for the select few who need access, use MFA, which will require them to use at least one thing they know in conjunction with a physical item they have to gain access to a sensitive system. For example, the user may have to enter a password and insert a USB device. In other configurations, an access number is generated on a handheld device that the user has to log in to. The user can only access the secure area if both the password and the number are correct.
While MFA may not prevent all attacks on its own, it makes it easier to ascertain who is behind an attack—or an attempted one—particularly because only relatively few people are granted access to sensitive areas in the first place. As a result, this limited access strategy can work as a deterrent. Cybercriminals within your organization will know it is easy to pinpoint who the perpetrator is because of the relatively small pool of potential suspects.

11/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Web Attacks!

Web attacks refer to threats that target vulnerabilities in web-based applications. Every time you enter information into a web application, you are initiating a command that generates a response. For example, if you are sending money to someone using an online banking application, the data you enter instructs the application to go into your account, take money out, and send it to someone else’s account. Attackers work within the frameworks of these kinds of requests and use them to their advantage.
Some common web attacks include SQL injection and cross-site scripting (XSS), which will be discussed later in this article. Hackers also use cross-site request forgery (CSRF) attacks and parameter tampering. In a CSRF attack, the victim is fooled into performing an action that benefits the attacker. For example, they may click on something that launches a script designed to change the login credentials to access a web application. The hacker, armed with the new login credentials, can then log in as if they are the legitimate user.
Parameter tampering involves adjusting the parameters that programmers implement as security measures designed to protect specific operations. The operation’s ex*****on depends on what is entered in the parameter. The attacker simply changes the parameters, and this allows them to bypass the security measures that depended on those parameters.
To avoid web attacks, inspect your web applications to check for—and fix—vulnerabilities. One way to patch up vulnerabilities without impacting the performance of the web application is to use anti-CSRF tokens. A token is exchanged between the user’s browser and the web application. Before a command is executed, the token’s validity is checked. If it checks out, the command goes through if not, it is blocked. You can also use SameSite flags, which only allow requests from the same site to be processed, rendering any site built by the attacker powerless

10/01/2023

We will be posting information on the most common examples of cyber-attacks that our users can experience. This is our way of increasing a tech-savvy community! Please contact us if you have any queries or worries and we can schedule a time for you.
Our post for today - Brute force attack!

A brute-force attack gets its name from the “brutish” or simple methodology employed by the attack. The attacker simply tries to guess the login credentials of someone with access to the target system. Once they get it right, they are in.
While this may sound time-consuming and difficult, attackers often use bots to crack the credentials. The attacker provides the bot with a list of credentials that they think may give them access to the secure area. The bot then tries each one while the attacker sits back and waits. Once the correct credentials have been entered, the criminal gains access.
To prevent brute-force attacks, have lock-out policies in place as part of your authorization security architecture. After a certain number of attempts, the user attempting to enter the credentials gets locked out. This typically involves “freezing” the account so even if someone else tries from a different device with a different IP address, they cannot bypass the lockout.
It is also wise to use random passwords without regular words, dates, or sequences of numbers in them. This is effective because, for example, even if an attacker uses software to try to guess a 10-digit password, it will take many years of non-stop attempts to get it right.