Tag Archive for: What’s

Addressing cybersecurity challenges: What’s the best anti-virus advice?

/in


Hacks have increased through the pandemic and the war in Ukraine – © AFP/File Noel Celis

A cybersecurity expert has explained to Digital Journal about the six signs that indicate if you have a computer virus. The advice then expands on how to remove the virus from your device.

In 2022, there were over 1.3 billion malware programmes in existence and 10 percent of these were computer viruses, according to research from the AV-Test Institute. A computer virus may spread from one device to another, take over your software and steal information that can be held at ransom.

Spam emails, instant messaging, file-sharing devices, fake antivirus downloads, unpatched software and infected hardware are the ways in which viruses can infect your computer.

The new advice comes from VPN Overview and it reveals six common symptoms of having a computer virus and how to remove it.

Slow performance

Observing computer performance is one of the first tell-tale signs in terms of whether there is a virus at play. Malicious code typically hijacks computing power and may lead to unbearably slow performance.

Freeze-ups and crashing

There are multiple reasons why a laptop might be crashing. It may be time to restart it, close down one of the many windows you have open or buy a new one – but it could also be a sign your computer has a virus.

Missing files

Malware has been known to delete important data. Once it has infiltrated your device, you may receive multiple pop-ups and notice your files are missing. Do not ignore this – it is a tell-tale sign of a virus that should be taken seriously.

New files appear

In addition to missing files, you may also notice new files mysteriously appearing. Viruses can replace your files with encrypted ones, although these are likely malicious and will only further harm your device if you click on them.

Problems with hardware

Viruses have been known to cause system changes that affect external hardware and accessories. If you can’t get that USB drive and wireless mouse to connect properly or work as it should, for example, it could be a sign of a virus.

Computer operating by itself

Computers are complex machines, but they shouldn’t be executing demands without your…

Source…

Your RSA Security Is On Its Last Legs. What’s Next?

/in


Vince Berk is the Chief Strategist at Quantum Xchange, a post-quantum crypto-agility provider. Ph.D. in AI/ML, founder of FlowTraq.

A recent paper from Chinese researchers claiming that they can break traditional RSA encryption initially sparked an uproar. Calmer voices have cited flaws in the research, so the panic has died down a bit. Yet it portends a future that, in reality, may not be too far away.

RSA and the Diffie-Hellman key exchange are two closely related mathematical cryptographic methods that underlie all modern data encryption used today. So what happens when RSA is completely broken, when cryptography as we’ve known it for the last 40-plus years is defeated?

It’s next to impossible to quantify the risk and the impact of that day. But we must prepare for it.

One of the things that make that preparation difficult is the way in which current cryptography is integrated into computing systems.

Cryptography has traditionally been treated as a stalwart and trustworthy part of software and hardware. Cryptographic libraries get compiled directly into software applications, operating systems and server containers. It’s baked blindly into each and every application, not shared across the hundreds or even thousands of applications deployed in a global organization and nigh on impossible to maintain consistently.

Even a global corporate chief information security officer (CISO) or infrastructure and networking leader has virtually no control over this. For the most part, they can’t choose which cryptographic security technology is used. And there’s little they can do if it’s broken. They have to wait for the application or hardware provider to send over an update.

The entire concept of cryptography has been abstracted away. CISOs have no idea what cryptography is being used, how it’s being used, or if what they want to be encrypted is actually encrypted. They are forced to just accept the crypto on their servers, their VPNs, their video conferencing app—without even knowing what they have and, thus, what the risks may be in the event of a failure.

The really scary part is that while a quantum computer (such as the one referenced in the Chinese…

Source…

What’s New in Node.Js 19?

/in


Here are the new updates of node js 19:

The HTTP(S)/1.1 KeepAlive:

The KeepAlive header field is an experimental web technology whose use can be considered a workaround for the lack of persistent connections in HTTP/1.1 servers and has been obsoleted by more recent specifications. The HTTP/2 protocol supports persistent connections, a major improvement over HTTP/1.1. However, one HTTP feature that has been a long-standing request from the community is to add the ability to send KeepAlive headers in the opposite direction.

This would allow clients to keep connections open between requests without having to do any special work on the server side to achieve it. This is especially useful for mobile applications with intermittent connectivity issues, and your app needs to keep working even when temporarily unavailable. The KeepAlive header field defines a mechanism to allow clients to request multiple requests without sending requests repeatedly. The client can send the first request, which the server will forward, and then, later on, it can send additional requests without waiting for the previous one to finish.

Experimental Node:

In the experimental Node, you can use the keepalive option to specify the number of seconds that keep-alive connections should be maintained. The value is specified in seconds and must be between 1 and 10 seconds.

The experimental feature allows you to specify a maximum number of connections to open on the server, which can improve performance for your application if there are more clients than available connections. The default value for this option is 10 seconds, which means that all connections will use a timeout of 10 seconds before being closed by the server. The minimum value is 1 second and the maximum value is 10 seconds.

Stable WebCrypto (WCF):

Node.js 19 will officially support WCF (Windows Communication Foundation) and its new stable web crypto implementation, which allows the browser to communicate securely with the server without sending any sensitive data in clear text, even over HTTP. WebCrypto (WCF) is the new IIS feature that allows you to encrypt and decrypt data securely. WebCrypto is a WCF feature that enables encryption and decryption…

Source…

Spoofing vs hacking: What’s the difference?

/in


SIOUX FALLS, S.D. (KELO) — On January 23, 2023, South Dakota Gov. Kristi Noem announced via news release that her personal cell phone had been “hacked.” The release in question states: “Governor Noem’s personal cell phone number has been hacked and used to make hoax calls.”

It is unclear from the release whether Noem’s personal device itself has been compromised, which would constitute a “hack”, or whether someone has simply posed as Noem using her number, which would not.

A request for clarification on the nature of the “hack” described in the release was not answered by the Governor’s Office. Regardless of this specific situation, what is the main difference between hacking into a device and simply using someone else’s phone number, an act known as ‘spoofing’?

To find out, we spoke with Arica Kulm, Director of Digital Forensic Services at Dakota State University.

“It’s kind of two different things,” said Kulm. “Your identity can be compromised — we put our information out there on social media; we put our information out there online in a lot of different forms — it’s really hard to protect all of your information.”

Kulm says that data breaches can reveal your birth date, phone number, social security number or other identifying info, all of which can be packaged and sold online.

“The other side of that is your phone can be compromised,” Kulm continued. She says this can be the result of downloading an app, clicking on a link or using unsecured internet connections.

The key difference between spoofing and hacking comes down to this: “If your device is compromised, that would be considered your device has been hacked — if it’s your identity that has been compromised, you’ve been spoofed or impersonated,” said Kulm. “If I make a phone call and use your phone number, I haven’t compromised your phone — I’m spoofing your phone number.”

Spoofing, it turns out, isn’t difficult. “There’s online services you can use to do that,” Kulm said. “There’s ways to make prank phone calls doing that — businesses use that…

Source…