Cybersecurity

Hello All, New here but looking for advise/chatter about the Manufacturing landscape what changes or risks are everyone seeing out there in the Covid world we are navigating?

Today more and more banking clients are using mobile devices to do their transactions. By doing so the risk for the banks itself grow of being hacked. If customer data is lost or the bank account of the customer is breached this will lead to a loss in reputation besides the financial risks. What may…

Hello all, Question that I would like some feedback on if possible. If you are part of an organisation that has no real top management sponsorship for your cyber security framework and has little appetite for budget commitment, how do you drive engagement to achieve this?

Dear All Seniors, I need your advise for my career. I have around 10 years of experience in IT including testing and development. I did my computer engineering. I want to build my career in cyber security but i'm bit confused that how to start, which courses/ certification. Can anyone clarifying my below questions? 1)…

What is pci pin & its scope & certification process?

Times have changed, we are now in the 21-century, yet we're still using the age old password system, hackers now have state-of-the-art tools to steal our passwords, we also need better ways to protect ourselves, we need to be a few steps ahead of the hackers. The fact that accounts with traditional passwords will be…

Is there some place to find a list of verified motherboards for PCs planned to be used in a secure lab that may have to connect to the internet periodically? I see various hardware vulnerabilities are out there and so I'm looking for the best hardware/firmware that doesn't have any known issues like these examples:…

Hi everyone, I wanted to deal with a topic that I consider very delicate and particular, which can have several interesting ideas. I will tell you about a situation that happened to me, working for a large company in the financial sector, receiving the request from its TLC structure, to whitelist some vendor IP addresses…

Hello everyone. I'm a student majoring in information security. I want to know more about this job sector, since I'm about to graduate and want to be prepared for when I apply.I just want to ask these questions to anyone who works in a related field: 1. What is the advancement in this field? What…

Whenever we inject our php code in any environment file or some log file in local file inclusion,and then we load that page then how does it executes that php code inside that file. If it were some javascript code as in XSS then I understand how it is executed but,how does loading a log…

Internally perform management assessment and testing for risk management readiness.

What is the best approach for windows 10 machine hardening and what it is required?

Cross-site Scripting (XSS) Attack: Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of invalidated…

Question: I know that when wiping a hard drive, the DoD has a recommended level of erasure to protect the privacy of your data. Does the DoD have a comparable recommendation in terms of how a private citizen can protect their online browsing?

https://www.weforum.org/agenda/2020/05/principles-for-effective-cybersecurity-leadership-covid-19-coronavirus-pandemic-cyberattacks-cyber-risk-security-cloud-technology/

I am trying to create an IT Incident response plan for a non profit org with virtually no in house server workload and all critical applications hosted on different SaaS providers' infrastructure. I wonder if anyone has the experience on how to approach this. Thanks for your input.

We are living in an age of rapid technological change with potential growth and innovation in AI-ML-Robotics. The very use of internet with a reach to billions of people around the globe, and the current impact of digital transformation is phenomenal with an exponential growth in technological advancement and innovation in the area of behavioral…

Hi, i am creating this forum to understand the best & safest mode of data tansfer between PC to PC. which is better to transfer data between ICS & IT network use of USB or CD/DVD & why?

In order to follow best practices, a knowledge base fed by community and academic expertise, a systematic and structured approach to consider and propose options for controls to prevent, detect, respond and recover to cyber security incidents involving an organization system, data or network, which control frameworks have worked better for you?

My organization has 2 mirrored server systems in separate locations and we subscribe to a cloud-based storage system as well. What else would you recommend for our infrastructure to ensure we are as protected as we can be?