-
World Cybersecurity Forum (1st Quarterly Clubhouse Edition)
We held the first World Cybersecurity Forum this past week and it was a great success! The World Cybersecurity Forum was a 24-hour event held for the first time this year on Clubhouse! The event featured cyber experts from around the world, and was an event open to all with the mission of demystifying cyber, creating awareness and answering the public’s questions. The World Cybersecurity Forum believes that cybersecurity is EVERYONE’S responsibility. Organized by Jacqueline Jayne, Security Awareness Advocate at KnowBe4, Jacqueline or, JJ, for short, can be found on LinkedIn. The session aimed to bring the best minds together from around the world to talk about all things cyber.…
-
What is Zero Trust?
Zero Trust Castle & Moat construct (which assumes that all security threats come from outside an organization) is outdated & problematic. Shift in attitude from trusted to untrusted. Trust is a vulnerability. Workers (users) are our weakest link No trust-by-default… Instead, Why don’t we inherently distrust everything? The user today needs a variety of access methods to a multitude of systems (while simultaneously NOT trusting them). The ‘Zero Trust’ model allows workers to perform their roles & responsibilities in a much more secure, much less trusted environment. The framework was conceptualized by Forrester Research in 2010. Not “Trust, but verify” rather, “Verify, then trust…but only a little.” No person is…
-
IP Addresses, Subnet Masks, Subnetting, and Calculating Hosts
IPv4 IP addresses are a 32-bit (binary digit) value. IP addresses are just strings of 32 binary digits (bits!). ex: 11000000101010000000010000000010 Broken down into 4 groups of 8, separated by dots (periods/decimals). ex: 11000000.10101000.000001.00000010 Now each 8-bit value, octet, is converted to a decimal number between 0 and 255 (for a total a 256 options). So the above would translate to: ex: 192.168.4.2 This is “dotted decimal notation” aka “the dotted octet numbering system”. Tip: You should memorize that 0=00000000 and 255=11111111. You’ll find knowing this very helpful. Note: By definition, all computers on the same network have the same subnet mask and network ID. /24 is limited to IP…
-
The TCP/IP Reference Model and Layers
The TCP/IP model is a more concise take on the OSI model. The TCP/IP model contains four layers: Process/Application Layer Host-to-Host/Transport Layer Internet Layer Network Access Layer/Link Layer Network Access Layer The Network Access Layer defines how to use the network to transmit an IP datagram, or unit of information packet. The Network Access Layer is: the lowest layer physical, data link, network a directly attached network the protocols provide the means for the system to deliver data to other directly (physically) attached network devices. must be able to know the details of the underlying network (packet structure, addressing, etc.) Gateways are devices that switch packets between different physical networks.…
-
What is a social engineering attack?
Social engineering is using human interaction (social skills) to obtain or compromise data/information about an organization or its computer systems. This information can them be used to deploy an attack and/or penetrate a network further. Social engineering attacks are particularly dangerous because they prey on our human instincts, interactions and dealings with people and our contextual environment. An attacker may not fit the stereotype we hold in our heads. Social engineering preys on the fact that humans will have our guard up for natural signs of danger and natural enemies, but things get fuzzy when the distinction is not so clear. In social engineering, the attacker may seem unassuming, respectable…
-
Notes To Know: “Fundamentals of Telecommunications” by Roger L. Freeman—Chapter 1 Introductory Concepts
(Note: This is an evolving, evergreen post.) Chapter 1–Introductory Concepts What is Telecommunication? “Communications at a distance.” —Webster Dictionary “The transmission of signals over long distance, such as by telegraph, radio or television.” —IEEE Standard Dictionary Telecommunications is one of those words that has broad scope, meaning and coverage. It can mean different things to different individuals. “Fundamentals of Telecommunications” brings forth the following definition: “Some take the view that telecommunications deals only with voice telephony, and the typical provider of this service is the local telephone company. We hold a wider interpretation. Telecommunications encompasses the electrical communication at a distance of voice, data, and image information (e.g., TV and…
-
4). Intro to Hypervisor, Docker & Container Basics–(VMs) Virtual Machines [VIDEO]
There’s a great series of videos on YouTube giving a quick intro to telecommunication cloud basics. The videos feature Vikas Shokeen and are available in short 4-video series. The fourth one is below with some basic notes. 4). Intro to Hypervisor, Docker & Container Basics–(VMs) Virtual Machines [VIDEO] Docker Architecture See also: 1). Intro to Telco (Telecommunications Company) Cloud Basics, NFV, SDN, Architecture of Cloud Networks [VIDEO] 2). Intro to NFV (Network Function Virtualization) Basics–NFV Architecture, ETSI, NFV ManO [VIDEO] 3). Intro to SDN (Software Defined Networking) Basics–SDN & Openflow Architecture [VIDEO] Biblio: [1] vCloud NFV Reference Architecture [2] Tech Tutorial–Introduction to NFV: Network Function Virtualization [3] Introduction to Network…
-
3). Intro to SDN (Software Defined Networking) Basics–SDN & Openflow Architecture [VIDEO]
Software defined networking (SDN) SDN (software defined networking) is highly correlated with NFV. SDN is a big deal in IT and Telecom. NFV is all about building up virtual platforms. SDN is about making IP networks more flexible, more customizable, more programmable so that packet routing is possible with lots of flexibility and agility. Imagine a router, a physical piece of hardware, specifically designed and manufactured for implementing software functions that allow us control over the delivery of our data packets at its core. SDN now allows us to extract the software function from the actual piece of hardware. Now, we can take this extracted software function and apply it…
-
2). Intro to NFV (Network Functions Virtualization) Basic Concepts–NFV Architecture [VIDEO]
Network functions virtualization (NFV) Network functions virtualization (NFV) is a procedure that increases and improves network function by managing networks. NFV is an architectural framework providing a reference model where network functions are delivered through software…. The NFV framework was first developed by the ETSI (European Telecom Standards Institute) NFV Industry Specification Group set up in 2012. [1] There’s a lot of info on the internet about NFV and we culled together some sources through this post. Also, included is a great series of videos on YouTube giving a quick intro to telecommunication cloud basics. The videos feature Vikas Shokeen and are available in short 4-video series, with the second…
-
How to Get Into Cybersecurity with No Experience [Video]
I came across a great YouTube video titled, “How to Get Into Cybersecurity with No Experience” by Gerald “Gerry” Auger (Twitter, LinkedIn) of Simply Cyber. With Cybersecurity being in the headlines more and more, especially as companies and individuals grapple with the new Covid-economy, the demand for well-trained information security professionals continues to grow, exponentially. It is consistently listed in career/job outlook forecasts as one of the top sectors to watch in the coming years. So it comes as no surprise that the interest in this sector is growing and many are looking for ways to break into the field. Cybersecurity is especially interesting in that there seems to be…
