Categories
Cyber Security

ATM FRAUDSTERS IN KOLKATA PERFORM MITM ATTACK, STEAL AROUND TWO CRORES

ATM FRAUDSTERS IN KOLKATA PERFORM ‘MAN-IN-THE-MIDDLE ATTACK”, STEAL AROUND TWO CRORES.

Man in the middle attack, atm hacking

The Kolkata Police has found ATM fraudsters steal around two crores from at least ten unguarded ATMs around the city between the 14th and 22nd of May, 2021. The police report that the hackers have stolen the money by intercepting the two-way encrypted messaging between the ATM and the bank server. They have used a method which the experts refer to as “Man-in-the-middle attack” (MITM attack).

Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.
Man in the middle attack, atm hacking

A MITM attack is a cyber-attack where the hackers alter communication between two parties, where the ATMs and the bank servers. These two parties believe that they are directly communicating with each other. But in reality, there is a middle-man interrupting and manipulating the communication illegally to their benefit. The attackers get access to sensitive data, then they manipulate the content of the transmitted messages. The ten unguarded, not updated ATMs lose an amount between 2 to 20 lakhs each.  The fraudsters have targeted the same private bank to which all these ATMs belong.

The two suspects caught in the camera have carried out a similar crime in Faridabad of the Delhi/NCR region around two months back. It was a physically orchestrated mission where the camera has caught them installing a “black box” like device into the machines. They stayed for around 30 minutes to an hour. The joint commissioner of police (Crime Department), Mr. Murlidhar Sharma tells the reporters that the company that loads the money will incur the losses. 

Kolkata faces a highly sophisticated cyber-attack like this for the first time. The first attacks were in the machines located in the New Market, Jadavpur, and Cossipore police stations. Due to the lack of recent updates in the operating system, there is a loss of around 40 lakhs initially.

There are two ways in which the hackers have performed the breaching between the ATMs and the bank servers. First, the hackers have placed proxy bank servers. So the encrypted messages from the ATM switch reach the proxy bank servers instead of the valid bank server. Then the fraudsters would insert dummy cards to dispense the cash that the proxy bank server allows. In the second one, the fraudster tampers the ATM LAN connection. Here, the external device manipulates the encrypted messages from the bank server authorizing the transaction before it bounces back to the ATM switch. 

We can avoid these sophisticated MITM attacks by upgrading the security system with lesser loopholes that would restrict the fraudsters hacking into systems, thus preventing the spewing of cash unethically.

Categories
Cyber Security

ENCRYPTION KEY MANAGEMENT SERVICES

5 eNCRYPTION KEY BEST PRACTICES IN 2021

encryption key management

Data breaches have skyrocketed cyberspace with the growing competition for sensitive information. In the whole data life cycle, data encryption is one of the best ways which ensures confidentiality by providing a secure method of cyber threat protection by avoiding losses and exploitation of data.

With the growing sophistication of cyber-attacks, cryptographic key management provides a safe and secure way to control massive data breaches. It helps in reducing the risk in the cybersecurity architecture of your company.

At TeamCognito, a leading cybersecurity company in Kolkata, we ensure the full protection of electronic communications and financial transactions in the fast-growing modern world. Our encryption key management services in Kolkata include creation, storage, protection of existing and expired keys, distribution, replacement, and destruction of encryption keys.

There are two types of encryption: one that will prevent your sister from reading your diary and one that will prevent your government.
data breach, cybersecurity, data protection
There are three primary key management approaches 
  1. Decentralised key management – In this type of key management, the end-users are responsible for their key management. The organization does not handle the governance of the key.
  2. Distributed key management – In this type of key management, each team or department in the organization is responsible for handling its key management protocol according to its process and policies. They have the option of contacting or coordinating with other departments.
  3. Centralised Key management – In this type of key management, there is one policy throughout the organization. All the team and department of the company follow it. 

In the key management server, the encryption key is created and stored along with its various attributes which include its name, size, ability to delete, activation date, mirroring, key access, etc. The encryption key manager keeps track of the encryption key’s current and previous uses. The key manager would allow the administrator to change the attribute of the keys.

There are four basic types of encryption keys 
  1. Symmetric encryption – A single encryption key is used for both data encryption and decryption in this type of cryptography. This type of encryption is used to secure data and is also a quick algorithm.
  2. Asymmetric encryption – Both keys are paired and created simultaneously in this type of cryptography. Public and private keys are the two types of symmetric encryption.
  3. Public keys – These keys are only used to encrypt the data and not to decrypt it.
  4. Private keys – These keys are used to decrypt the data. The encrypted data can be decrypted by this only key. It should be password-protected.
With the size and complexity of the environment, the key management system gets challenging. When a key has been compromised, it is quite difficult to identify the threats until it is exploited. These are some major threats that can be considered:
  1. Weak keys: Complex keys help in securing and protecting sensitive data for a while.
  2. Incorrect use of keys: For a specific purpose/task only one key should be generated.
  3. Reuse of keys: When the keys are reused for multiple purposes, it can be dangerous and put the organization at high risk.
  4. Inappropriate storage of keys: Keys should never be stored on a server or a database.
  5. Improper protection of keys: Keys should be made available in unencrypted form within a secure tamper-protected environment.
  6. Insecure moment of keys: To move keys safely between systems, we wrap the key under a pre-shared transport key which is either a symmetric or asymmetric key.
Ensuring data security is every employee’s business. Here are a few best practices for encryption key management 
  1. Secure key stores: Complex keys should be used to achieve optimal security and protect key stores. They must be protected when stored, when in transit, and during backup. The loss of all data is mainly due to improper key storage.
  2. Access to key stores: There should be policies governing key stores which use separation of roles to help in controlling access. The entity of a given key and a stored key shouldn’t be the same. All-access to these entities should be limited to particular access.
  3. Key backup and recoverability: Secure data backup and recovery solutions must be followed in case there is an accidental loss of the key. A loss of the key would mean the loss of data that was protected by the key, and this might create havoc in the company if the data was deleted unintentionally.
Here are the five factors that should be considered while choosing a good key management solution:
  1. User-friendly interface: There can be accidents in configuring or misusing features in a poorly designed interface. This can compound numerous security problems. A well-designed and user-friendly interface is the solution for any kind of mismanagement in protecting and securing the data.
  2. Key storage: We should be well aware of where the encryption key is stored and who has access to it. For example, if the solution in question requires encryption keys to be available to the cloud infrastructure, then it shouldn’t be considered secured.
  3. Key rotation and destruction: Key rotation is when a new key is generated periodically. It is set as the primary key. The data is then encrypted with a new and different encryption logic using the primary key.
  4. Key generation granularity: The keys are kept within a secure environment that is divided at the highest possible level with the help of a zero-trust approach. Granular access control should be allowed by the KMS to manage access at the lowest hierarchy within the scope of the department/role/user/device.
  5. Automation: Mistakes can be prevented from occurring when the key of the lifecycle events can be automated. Automation should be offered to repetitive tasks. It should be flexible enough to be easily modified if any conditions change.

Being the top cybersecurity company in Kolkata, Teamcognito helps in maintaining the best practices in encryption key management by providing credible services. It is advised that the monitoring team investigate the access logs from time to time and secure sensitive areas to reduce the exploitation of data in cyberspace. At our cybersecurity solutions company in Kolkata, we provide our clients with a robust encryption key management system to protect the entire data life cycle. 

Categories
Cyber Security

CLOUD COMPUTING SECURITY SERVICES IN KOLKATA

4 tHINGS TO KNOW ABOUT CYBERSECURITY IN CLOUD

As we migrate our computers, data centers, business processes, and other assets to the cloud, cloud data protection becomes increasingly necessary. Robust cloud security policies accomplish data protection and generate a security-conscious organisational culture. TeamCognito is the leading cybersecurity company in Kolkata. We help enterprises protect their digital assets and ensure a safe digital workspace for their employees. 

Cloud security has many advantages, including:

Centralized security: Cloud security is similar to how cloud computing centralises software and data. When dealing with shadow IT or BYOD, cloud-based business networks include numerous devices and endpoints that can be difficult to handle. Centrally managing these organisations improves traffic analysis and site filtering, streamlines network event management, and results in less programme and policy changes. When disaster recovery plans are handled in one location, they can also be easily executed and implemented.

Reduced costs: The advantage of using cloud storage and encryption is that it reduces the need to invest in specialised hardware. This decreases not just capital spending but also administrative overhead. Whereas IT teams used to respond to security issues reactively, cloud security provides proactive security capabilities that provide protection 24 hours a day, seven days a week with little or no human interference.

Reduced Administration: You can say goodbye to manual security settings and almost daily security updates when you use a reliable cloud services provider or cloud security platform. These activities can consume a significant amount of energy, but when you transfer them to the cloud, all security administration takes place in one location and is completely handled on your behalf.

Reliability: Cloud computing services have the highest level of dependability. Users can access data and apps in the cloud securely no matter where they are or what device they are using if the proper cloud protection measures are in place. Teamcognito provides the very best cloud computing security services.

The cyberspace comes with numerous benefits. Like any amenity where there exists a product there exists its merits and demerits.
cybersecurity, cloud services

What are the cybersecurity challenges in cloud security?

The rapid growth of the cloud has centered attention not only on the advantages of the cloud but also on the cloud security issues that exist in its climate. The security of cloud storage also depends on the users. Failure to adhere to security requirements and fix security threats in a timely manner will result in a cyberattack or data breach that could have been avoided. This necessitates that businesses effectively understand and manage cloud security risks. Assess and take the right precautionary measures with TeamCognito, the top cybersecurity company in Kolkata.

The most common problems for cloud computing security include:

  • Identifying and preserving access measures

  • Balancing the cloud service provider’s and the user’s joint responsibility for the protection

  • Compliance with regulatory standards for data security in the cloud

What are the best practices in cybersecurity services in the cloud?

It is not an exaggeration to say that any organization may become a victim of cyber-crime. Government agencies, educational and healthcare institutions, banks, law firms, non-profits, and a variety of other organizations have reported cyberattacks. Smart companies are increasing their investments in cloud security services in order to eliminate threats and safeguard confidential data. TeamCognito has some of the best cyber-crime experts in Kolkata.

Here are some of the best cloud cybersecurity practices:

Use strict user access control/least privilege.

Administrators should enforce strict user access control, similar to the conventional software protection process, to determine who can access the data and to what degree users can access it. This will help to ensure that only approved users have access to data stored in the cloud infrastructure.

Use SSH Keys and Store Keys Securely

With private and public key pairs, Protected Socket Shell (SSH) keys aid in the establishment of secure server connections. Since we use SSH keys to access sensitive data and perform essential, privileged tasks, it is critical to properly maintain and safely store them.

Implement Cloud Encryption

Data encryption in cloud computing is critical for businesses because it ensures that data flowing to and from the cloud is encrypted and stable. Encryption, with other security mechanisms such as the principle of least privilege (PoLP), allows organizations to comply with strict regulatory policies such as PCI DSS, HIPAA, and GDPR.

Conduct Routine Penetration Tests

Cloud penetration tests aid in identifying security flaws in cloud infrastructure. Pen tests are often a joint liability in cloud computing, so both the organization and your cloud service provider should conduct penetration tests to identify security vulnerabilities in the cloud.

Hardened and Controlled Images

A hardened virtual server image is one that is devoid of anything unnecessary to the task at hand and has its configuration tightly protected. They create these images in accordance with cloud security requirements, with the fewest access rights and administrative permissions, as well as only the ports and services that are needed.

Implement Multi-Factor Authentication

MFA (multi-factor authentication) protects the company’s data and user accounts by using a variety of authentication mechanisms such as one-time passwords, biometrics, security questions, and many others.

Examining Vulnerabilities and Unauthorized Hardening Processes

In the cloud storage environment, misconfiguration can lead to exploitable security flaws. You must check the IaaS settings for access control, encryption, and network configuration to avoid such cybersecurity vulnerabilities.

How TeamCognito can assist?

Our security team includes top security and subject-matter experts on AWS, Azure, and Google Cloud, as well as experienced security coaches who can assist you with questions to ask your cloud service provider before purchasing cloud services.

We also provide security audits to identify and mitigate security flaws in cloud infrastructure, making it simple for you to protect your cloud environment. TeamCognito has the best cybersecurity experts in Kolkata.

About TeamCognito 

TeamCognito has become one of the cloud computing services in Kolkata. From receiving Special Recognition from the Ministry of Information Technology of the Government of India for the Citizens Voice Challenge to being incubated by BCC&I. With 60+ clients, including international clients, we’re going global. You can be assured that you will receive top-notch service.

Cybersecurity, Machine Learning, and Artificial Intelligence are among our specialties. When things get technical, TeamCognito also has experience in Application, Website, and Product Creation, as well as Digital Marketing services to help you make a mark in the media. We provide the best cloud cybersecurity services in Kolkata.

TeamCognito is a brand that stands for “The Best of All.” Growing to be one of India’s Top 10 Cybersecurity Service Providers and the one-stop-shop for all your company needs, from apps to web to marketing.

Categories
Cyber Security

TOP CYBERSECURITY TRENDS TO LOOK FOR IN 2021

TOP CYBERSECURITY TRENDS TO LOOK FOR IN 2021

Hacking, Statistics, Data Loss, Fraud

With the digital revolution sweeping the globe, all businesses, large and small companies, organizations, and even governments depend on computerized systems to run their daily operations, making cybersecurity a top priority to secure data from various online attacks or unauthorized access. Continuous technical advancement implies a parallel change in cybersecurity trends as stories of data breaches, ransomware, and hacks become commonplace.

The cyberspace comes with numerous benefits. Like any amenity where there exists a product there exists its merits and demerits.
Artificial Intelligence in Cybersecurity

With the introduction of AI in all market segments, this technology has resulted in significant changes in cybersecurity, thanks to machine learning. In the development of automated security systems, natural language processing, face recognition, and automatic threat detection, AI has played a critical role. It’s also being used to create smart malware and attacks to get around the most up-to-date data security protocols. Threat detection systems with AI can predict attacks and alert administrators to any data breaches instantly, making them the next cybersecurity trend in 2021.

Automotive Hacking and its Influence

In 2021, the first cybersecurity theme will be the rise of automotive hacking. In areas including cruise control, engine timing, door lock, airbags, and advanced driver support systems, modern cars are outfitted with automated software that provides smooth communication for drivers. These vehicles communicate via Bluetooth and Wi-Fi, exposing them to a variety of vulnerabilities and hacker threats. We believe that taking control of the vehicle or using microphones for eavesdropping will increase in 2021 as the use of autonomous vehicles grows. Self-driving or autonomous cars use a more complex mechanism that causes more rigorous cybersecurity protections.

Mobile malware is the new threat

We observed mobile banking malware or attacks increasing by 50% in 2019, making our handheld devices a target for hackers. Individuals are more at risk from all of our images, financial transactions, emails, and texts. In 2021, a smartphone virus or malware could attract the attention of cybersecurity trends.

Cloud computing vulnerabilities

To avoid data leaks, security protocols must be continuously monitored and updated as more companies migrate to the cloud. Although cloud applications like Google or Microsoft are well-protected on their end, user error, malicious apps, and phishing attacks continue to be a major source of erroneous errors, malicious apps, and phishing attacks.

Data breaches and their effect

Data will continue to be a challenge for businesses all over the world. The primary goal right now is to protect digital data, whether it belongs to an individual or an entity. Hackers can gain access to personal data by exploiting some minor flaw or bug in your system browser or software. The General Data Protection Regulation (GDPR) went into force on May 25, 2018, granting data protection and privacy to individuals in the European Union (EU). Similarly, on January 1, 2020, the California Consumer Privacy Act (CCPA) went into effect to protect consumer rights in California.

IoT and 5G Network

IoT with 5G networks is the next big cybersecurity theme for 2021. With 5G networks set to launch internationally in 2020, the Internet of Things will usher in a new age of interconnectivity. This contact between multiple devices exposes them to outside influence, threats, or an unknown software error, exposing them to vulnerabilities. Even Google Chrome, the world’s most popular browser, was found to have serious flaws. 5G architecture is still relatively new in the industry, and it will take a lot of investigation to find flaws that will enable the system to be safe against external attack. Every step of the 5G network might bring a plethora of network attacks we might not be aware of.

State-Sponsored Cyber Warfare

There will be no truce between the western and eastern forces in their search for dominance. Though the attacks are rare, they have a major effect on an event such as elections. With over 70 elections expected this year, illegal activity will probably increase during this time. The biggest cybersecurity trends for 2021 are likely to be high-profile data hacks, political and industrial secrets.

Insider Threats

One of the most common causes of data breaches is human error. An entire company can be brought down by a single bad day or a deliberate loophole that allows millions of records to be stolen. Employees were directly or indirectly responsible for 34% of total attacks, according to a Verizon data breach report. As a result, raise awareness among employees to ensure that data is protected in every way possible.

How TeamCognito can help?

The best call today is to step up your security game and keep up with these cybersecurity trends, and we will help. TeamCognito’s cybercrime experts in Kolkata will help you stay one step ahead in this rapidly developing sector. With our proactive approach, you’ll have access to approaches of protecting your infrastructures, securing data and information, conducting risk analysis and mitigation, architecting cloud-based protection, achieving compliance, and much more.

TeamCognito has become one of the leading cybersecurity company in Kolkata. From receiving Special Recognition from the Ministry of Information Technology of the Government of India for the Citizens Voice Challenge to being incubated by BCC&I. With 60+ clients, including international clients, we’re going global. You can be assured that you will receive top-notch service.

About TeamCognito

Cybersecurity, Machine Learning, and Artificial Intelligence are among our specialities. When things get technical, TeamCognito also has experience in Application, Website, and Product Creation, as well as Digital Marketing services to help you make a mark in the media. We provide the top cybersecurity company in Kolkata.

TeamCognito is a brand that stands for “The Best of All.” Growing to be one of India’s Top 10 Cybersecurity Service Providers and the one-stop shop for all your company needs, from apps to web to marketing.

Even after taking the best protection measures, there is a chance your mobile data can be breached, that is where TeamCognito can come into being. TeamCognito’s cloud-native, purpose-built solutions for Salesforce, Office365 and G Suite will give full protection to your organisation data. With TeamCognito’s  cybersecurity services in Kolkata, you will stay protected all the time.

Low-cost cyber security solutions – Secure and protect your data

TeamCognito makes use of artificial intelligence to segregate the critical tasks from the routine network activity. We have the finest cybersecurity experts in Kolkata who can assist in identifying the critical cyber threats, thus helping teams save time that might otherwise be spent investigating alerts that do not need immediate attention. We try to identify the chains of activities that are responsible for the cyber-attacks and then take action accordingly.

Automotive hacks become an ever-growing concern for every business today. At TeamCognito, avail affordable, comprehensive cybersecurity solutions for your automotive hacks. Our cybersecurity consultant services in Kolkata will protect all the sensitive data, meet compliance requirements, so that you can remain safeguarded and stress free.

We are the industry leader in cyber security solutions, some of the renowned companies of Kolkata are dependent on us. Our cyber security experts have tons of experience in handling mobile malware mitigation issues. This wide range of experience provides us with unparalleled insight into new malware threats before they cause significant damage.

Unauthorized cloud services can result in an increase in malware infections or data exfiltration. With TeamCognito’s top cybersecurity services stay protected from all the five kinds of cloud security vulnerabilities – account hijacking, malicious insiders, data breaches, system vulnerabilities and insecure APIs.

Data leaks can prove fatal if no actions are taken at the right time. Be it any business organisation, government agencies or individuals, get total safety and security. TeamCognito being one of the premium cyber security solutions companies in Kolkata is committed to helping people stay safe online and beyond. Discover how our award-winning security can help you stay protected against data breaches 24×7.

We offer comprehensive protection for the critical infrastructure and OT environments. Enjoy complete protection on home networks on Wifi router with our top-notch cyber security services in Kolkata. Get the latest products and solutions to secure Internet of Things (IoT) and 5G for your business, school campus, or vehicle from TeamCognito.

Cyberwarfare has become a potential threat in India in recent times. If your agency is the victim of any computer viruses or denial-of-service attacks, look no further, get in touch with TeamCognito, get best recommendations on methods of defending against the damaging effects of cyber warfare on a nation’s digital infrastructure.

Potential risks of insider threats are numerous, including installing malware, financial fraud, data corruption, or theft of valuable information. To counteract all these possible scenarios, organizations should implement an insider threat solution. Decrease your risk immediately with advanced insider threat detection and prevention from TeamCognito.

Categories
Artificial Intelligence

GENERATIVE ADVERSARIAL NETWORK (GANs)​

GENERATIVE ADVERSARIAL NETWORK (GANs)

Generative adversarial networks (GANs) are algorithmic architectures that use two neural networks, pitting one against the other in order to generate new, synthetic instances of data that can pass for real data. GANs were introduced in a paper by Ian Goodfellow and other researchers at the University of Montreal, including Yoshua Bengio, in 2014. They are used widely in image generation, video generation and voice generation.

Generative Adversarial Networks is the most interesting idea in machine learning in last ten years — Yann Lecun (Facebook AI Director)
Generative Adversarial Network

GANs consist of two parts: generators and discriminators. The generator model produces synthetic examples (e.g., images) from random noise sampled using a distribution, which along with real examples from a training data set are fed to the discriminator, which attempts to distinguish between the two. Both the generator and discriminator improve in their respective abilities until the discriminator is unable to tell the real examples from the synthesised examples with better than the 50% accuracy expected of chance. The goal of the generator is to generate passable hand-written digits: to lie without being caught. The goal of the discriminator is to identify images coming from the generator as fake. 

  Here are the steps a GAN takes:

  • The generator takes in random numbers and returns an image.
  • This generated image is fed into the discriminator alongside a stream of images taken from the actual, ground-truth dataset.
  • The discriminator takes in both real and fake images and returns probabilities, a number between 0 and 1, with 1 representing a prediction of authenticity and 0 representing fake.
Categories
Cyber Security

HARDWARE HACKING

HARDWARE HACKING

HArdware Hacking, Hacking, Cyber Security

In general definition it can be described and socially accepted as when an electronic device is made to perform a deviated task that it did not intend to perform initially.

In the late 2018,Bloomberg ran a series of stories reporting that China installed spy chips on motherboards manufactured by U.S.-headquartered Super-micro, a company whose motherboards are used by tech companies like Apple and Amazon in their servers.

Man is to technology what the bee is to the flower. It’s man’s intervention that allows technology to expand and evolve itself and in return, technology offers man convenience, wealth and the lessening burden of physical labor via its automated systems. ― James Scott, Co-Founder, Institute for Critical Infrastructure Technology

Now as abundant availability of rapid hardware prototyping has come into existence it has been like a boon to the hardware hacking cartels. It can be used for many purposes and of those some of are privacy breach, system spying, system crashing, blackmailing someone for money in exchange of their privacy and for God’s sake many more.

As in one of those paragraphs I have mentioned about a Bloomberg’s reports of China putting in spy chips, so just imaging if it’s true and really did happen, just image of you are right now using one of those computers fitted with those, imaging if they get to know that you are reading this from the spy chip they might have put in your laptop or computer. Where are enormously big companies who succumb to these security breaches and lose billions to the market. Well I would like to put some light over some events that took place some years ago, some pretty big companies suffered enormous lose due to unrecognized money transfers to anonymous bank account across the globe and till the time they found out it was way too late they succumbed to sudden bankruptcy then fell down in the market and some anonymous personality bought their shares from their own money and made the company run for billions, well it’s not a true story it’s what I would to if I had expertise in it. This is one of the ways organizations suffer to hardware hackings.

Back in days when we used to buy those PC game disks and some of them would finish the setup but wouldn’t run, out of those some would eventually end up damaging our own system and we were forced to restore the system erasing all the data and reinstalling the windows. So, in this context this does also can contribute to hardware hacking under the condition that the problem in the disc is purposely put to harm the system of the beholder.

To staying safe from breaches like these, governments across the globe have joined hands and procurement of the desired products aTer certain evaluations and only aTer they meet certain standards was made mandatory.

Categories
Cyber Security

CYBERBULLYING AND LAW TO PROTECT YOU FROM ONE

CYBERBULLYING AND LAW TO PROTECT YOU FROM ONE

Cyber Bullying, Criminal, Law

Let just imagine a scenario where you just like in just a normal day or was one you open you social media account to have some new of your sphere but then suddenly there is one anonymous personality whose words are not so pleasing to you rather would refer offensive to you in one way or the other. In this case if the absurd message, comment or post is without the intention of hurting you, you’ll end up blocking that account and forget about what happened. But if that occurs on a frequent basis with maybe the same personality behind it with some not so good intentions is called Cyber Bullying.

Cyber-bullying is poised to turn into the biggest online concern, already affecting up to 35% of all children. - Dr Martyn Wild

There can be different types of Bullying which I don’t want to speak out as while saying so I might offend someone somewhere but I’ll chose to say so because to pour light on something you need to have the source of the light which are in this context the bullies. So those are body shamming, face shamming, offensive words, threats etc. While it is a scary part of being on the internet it is protected by some laws. Following are some cyber laws though that cover some of the acts classified as cyber bullying in India:-

Sec.66A – Sending offensive messages through communication service, etc.

Sec.66C – Identity TheL.

Sec.66D – Cheating by personation by using the computer resource.

Sec.66E – Violation of privacy.

Sec.67B – Punishment for publishing or transmitting of material depicting children in any sexually explicit act, etc. in electronic form.

Sec.72 – Breach of confidentiality and privacy.

Sec.503 Indian Penal Code (IPC) – Sending threatening messages through email.

Sec.509 IPC – Word, gesture or act intended to insult the modesty of a woman.

 

Sec.499 IPC – Sending defamatory messages through email.

Sec .500 IPC – Email Abuse.

 

Well there are some tips to avoid one :-

1. OBSERVE:- Watch out and stay alert.

2. RECORD:- If there’s one store proof by screenshot or anything likewise.

3. REPORT:- Report to your country’s Cyber crime branch.

Categories
Cyber Security

SOCIAL MEDIA HACKING

SOCIAL MEDIA HACKING

Hacking, Facebook, Instagram, Whatsapp Hacking

So, Hello reader! If you’re reading this its a fairly high chance that you might be on some social media platform. Stating that you might even have an account in one of those. Suppose you receive a mail from some anonymous sender and you out of curiosity open it but there’s nothing to feed your curiosity in there, its empty or has either some emoji or .gif or might even have just a hello message. What you notice after some time that there’s some malicious activity going around with your email address like unknown sent mail’s, anonymous subscription to site you’re not aware of or maybe you don’t access to your email address anymore.

Social engineering has become about 75% of an average hacker's toolkit, and for the most successful hackers, it reaches 90% or more. - John McAfee

What just happened comes under a wide class of hacking called Social Media Hacking. Well it’s always in my nature to elaborate things with some situational examples.

It can happen in any social media platforms and some of those are Facebook ,Instagram ,Telegram, LinkedIn etc. You can avoid these malicious activities to your account by some basic steps or I’ll phrase it at-least you’ll be less prone to these attacks

 

Ways to prevent Social Media Hacking:-

1. Password – Make sure you have a fairly hard to
guess password. Make it less likely to be found from hit and
trial method like your name, date of
birth or names of family/ friends.

2. Security Question:- There’s an option to set a security question
to your account incase you forget your
password. And you should always opt for this option. It makes the account even
more secure.

3. Recovery Mail or Phone number:- Don’t
forget to add your mail and phone no. to recover your password in case you forget. You
can also set a recovery mail to your email account. Make sure you you set a recovery mail by
your family members or anybody very close to
you.

4. Watch out for malicious activity:- Always check your activity on a regular
basis and if you find some malicious activity going with the social media
accounts, try resetting you’re password just put you in a more safe place. You also have an option of filing a complaint to the particular
social media and they take immediate action to check your account.

5. Report:- You can always report some malicious activity to your service provider
and they’ll look into the matter. In
social media you can always go to
the support section to put your concerns about your account’s activity.

6.  Open Mail/ Msg Carefully:- Before opening any mail/ msg make sure you have received it from authenticate account. If you see any
suspicious number or mail ignore it.

You can always contribute to the security of your own account and your account awareness can actually put down many of these attempts.

Categories
Cyber Security

CREDIT CARDS AND ITS CYBER SECURITY

CREDIT CARD AND IT'S CYBER SECURITY

In simple definition of credit card is that it is a small plastic card with a unique number to it which is related to an account and people are able to buy any kind of stuffs using that and receive a bill every month for the purchased.

Credit, as the name suggests it is a kind of loan and it comes under micro loaning. It has interest charges, fines, default laws and etc. Infact it’s just like any ordinary loan but in micro level of the economy. The amount of money you can spend using your credit card is determined by your bank and it analyses some factor to do so. There are five components your credit amount depends upon and those are Character, Capacity, Capital, Collateral and conditions. On the basis of this in order to get a fair amount of credit amount your character should be clean legally, you should have the capacity to pay back, you should have some collateral in case you are unable to pay back and of-course there are some contains to the credit amount. If you clear all these you’ll be provided with a credit amount based on your capital and monthly income.

Our advice is to treat Credit Cards like what they are: little plastic grenades that must be handled very carefully.
Hacking, Statistics, Data Loss, Fraud

Now as we learned about credit cards and how it works there something we all do and it’s quite common and it is online transactions. If anything comes with an online mobility it always come with the chances of cyber theft and that’s why there exists a term called Cyber security and as the name literally means it provides security from cyber theft.

Security available to avoid a cyber theft are:-

1. Card details – Card number, expiry date, CVV and a one ,me password that is sent to the registered mobile number when you make a transaction and it is necessary to complete the transaction. It is you who is authorizing the gateway to continue with the payment.

2. Payment gateway security – You must’ve seen some lines on your payment gateway while you were making an online payment like “NORTON SECURED, Visa secure, Wibmo” or of the same type. They are security providers for payment gateways.

 3. You yourself – You are the biggest contributor to your own security. You should never shared your card details and password with anyone. Remember 8 out of 10 ,me it’s done from someone who know your card identity. And always keep track of your fund movements and of you notice any malicious activity report to your bank. And avoid making transaction on non popular and not verified sites. You can save yourself better than anyone else in this world.

Categories
Cyber Security

ARE WE SAFE IN CYBER ERA?

ARE WE SAFE IN CYBER ERA?

Work

In the time of constant evolution and advancements increasingly more and more people are gaining access to mobile phones, computers and the internet. We are digital consumers in a very digital era and we completely rely on our phones and laptops to go about our day to day activities be it accessing the social media, or to buy something or for banking. We are a part of that generation which relies heavily on the internet, but what we end up neglecting in this process is our security by assuming that we’re safe.

The cyberspace comes with numerous benefits. Like any amenity where there exists a product there exists its merits and demerits.
Cyber Security

Just to put some light over the merits of cyberspace which include cashless payments, navigation, messaging, data sharing, high speed online gaming, education, connectivity, entertainment etc there are many more. With these immense possibilities there are various ways someone can use it in a way it not made for.There are many religious disputes which feeds on social media. Many hatreds are spread using online platforms and due to its global reach and availability it affects on a very large scale and even to the extent when it’s not even reversible anymore. Even it provides the hackers numerous ways to hack into someone’s personal device and performance malicious operations.

This when used properly can be of huge help because it can carry almost infinite amount of information which can be accessed globally. In this COVID-19 situation kids are having online classes, people are doing work from home and likewise is only made possible due to the presence of the cyberspace. If this wouldn’t have been present in these time would certainly come to an abrupt stop hampering the spread of instantaneous supply of information to the neighbouring areas. Remember those days when we used to buy high capacity hard disk or pen-drives but this evolutions have gifted us the availability of cloud storage where we can store our personal information and files and access them anywhere very easily. This freed us of physical availability of storage disks and made our life easier and work faster.

Concluding the above facts almost any products has its pros and cons but it’s all about how the individual plans to use it and in-fact no one can assure malicious activity free use of any product or service. To decrease the amount of malicious activities there are many cyberspace laws which can be later over the defector and can punished according the severity of attack. If we take measures and assure best use of the cyberspace in our own individual sphere and everyone thinks this way then we can bring down cybercrime below significant levels.