This paper provides new insights into establishing Incident Handling procedures for dealing with various types of malware. It also aims to give a detailed perspective into the various types of malware or malicious software and their propagation mechanisms. Malware needs to be handled in a certain way depending on its type and to do that, the different malware types and their handling procedures need to be understood. A clear handling procedure will help security personnel to quickly and efficiently handle the malware threat and reduce the impact/business disruption to the corporate users.
This paper is part of a community effort to help home users and students secure their personal computers. Due to lack of security awareness, a large number of users face multiple risks including virus infection, hacking, phishing, social engineering, identity theft and various other attacks. Well known security software (ones that are commonly advertised) that can protect the computers usually require some financial investment (before use and mostly have yearly recurring license cost) and certain amount of technical proficiency to use the software for protecting the system. Many users either aren't aware or may not be able to afford (students) investing in various security products. This makes them an easy target for cyber criminals and usually ends up as victims of identity theft and fraud. This paper tries to make the user aware about why and how he/she needs to protect the system they are using. It discusses methods to protect the system using freely available software and create a minimum security baseline. A brief introduction about the basic technologies involved is discussed followed by the construction of a secure network using the technologies discussed. It is concluded by giving some of the best practices that a user having personal computer(s) can follow to stay safe online and be a responsible computer user.
A short presentation about SSLAuditor (v4.0). It discusses about the various checks that are performed and the report generated.
In this presentation, the focus is cryptography which is the basis for the various security solutions in use. We will be looking at block ciphers, stream ciphers and the ciphers used in asymmetric cryptography including elliptical curve cryptography. We will then look at hash functions and MAC. The presentation ends with a description of digital signatures and envelopes.
In this presentation, the focus is on key management. We will be looking at the different types of keys, key life cycle and transitions and the X509 certificate format.
In this presentation, the focus is on architecture models and revocation types. We will be looking at the various trust models that exist and the different revocation methods that are in use.