Assignment: Malicious Code Pointing

Want create site? With Free visual composer you can do it easy.

Assignment: Malicious Code Pointing

Assignment: Malicious Code Pointing

ORDER NOW FOR AN ORIGINAL PAPER:Assignment: Malicious Code Pointing

Unenforceable policies that don’t fit the IT and the users

SETA (training) Shared: IT and Business Leaders

Business buy-in and technical correctness

Insufficient training; errors

Information Security Investments

Shared: IT and Business Leaders

Evaluation of business goals and technical requirements

Over- or under- investment in security

© 2016 John Wi ley & Sons, Inc. 7

How Have Big Breaches Occurred?

Date Detected Company What was stolen How

November 2013 Target 40 million credit & debit cards Contractor opened virus-laden email attachment

May 2014 Ebay #1 145 million user names, physical addresses, phones, birthdays, encrypted passwords

Employee’s password obtained

September 2014 Ebay #2 Small but unknown Cross-site scripting

September 2014 Home Depot

56 million credit card numbers 53 million email addresses

Obtaining a vendor’s password/exploiting OS vulnerability

January 2015 Anthem Blue Cross

80 million names, birthdays, emails, Social security numbers, addresses, and employment data

Obtaining passwords from 5 or more high-level employees

© 2016 John Wi ley & Sons, Inc. 8

Password Breaches

• 80% of breaches are caused by stealing a password.

• You can steal a password by: • Phishing attack

• Key logger (hardware or software) • Guessing weak passwords (123456 is most common) • Evil twin wifi

© 2016 John Wi ley & Sons, Inc. 9

Insecurity of WiFi– a Dutch study

• “We took a hacker to a café and, in 20 minutes, he knew where everyone else was born, what schools they attended, and the last five things they googled.”

• Had WiFi transmitter broadcasting “Starbucks” as ID

• Because they were connected to him, he scanned for unpatched or vulnerable mobile devices or laptops

• He also saw passwords and could lock them out of their own accounts.

• The correspondent: “I will never again be connecting to an insecure public WiFi network without taking security measures.”

© 2016 John Wi ley & Sons, Inc. Sl ide 5-10

Other Approaches

• Cross-site scripting (malicious code pointing to a link requiring log-in at an imposter site)

• Third parties • Target’s HVAC system was connected to main

systems • Contractors had access • Hackers gained contractors’ password • Malware captured customer credit card info

before it could be encrypted

© 2016 John Wi ley & Sons, Inc. 11

Cost of Breaches

• Estimated at $145 to $154 per stolen record

• Revenue lost when sales decline

• Some costs can be recouped by insurance

©

Did you find apk for android? You can find new Free Android Games and apps.