Simple network Management Protocol(SNMP) runs UDP port 161 and 162 and is a widely deployed protocol used to monitor and Manage network Devices: to obtain information on and even configure various network devices remotely. It runs on any network device from hubs to routers and network printers to servers. SNMP clients also run in many workstations and Personal Computers. SNMP is also used in most of the network management packages for information gathering. Thought type and amount of data that can be accessed via SNMP depends upon the device on which it runs, it generally provides details of the...
Ransomware
Ransomware is a type of malware that blocks access to computer system either by locking the systems screen or by encrypting files and folders usually demanding a ransom to unlock. For most of the new variants of ransomware, prevention has become the only guard since data recovery after attack is almost impossible.Though no huge harm has been done in Bhutan till date by Ransomware, personnel drives and PCs have been found infected and the trends elsewhere could soon be in. Statistics from Microsoft depicting Ransomware trends from December 2015 to May 2016 is as below: Source: https://www.microsoft.com/en-us/security/portal/mmpc/shared/ransomware.aspx#what Most of...
DoS/DDoS Attacks
DoS/DDoS Attacks Denial of Service (DoS) is an attempt to make resources like web site/ services/ App/network etc. unavailable to its legitimate user by exhausting the resource to provide service, with too many request (or related manipulations). DoS is performed by single user or using single device, which makes it difficult for attacker with increasing strength of Servers. DDoS(Distributed Denial of Service) works on the same fundamental as DoS but combines strength of multiple compromised machines to attack single victim, thus completely crashing down or gaining complete control of the system resulting to hosted services being unavailable to legitimate...
SQL INJECTION
SQL INJECTION SQL vulnerability ranks at top of the list in our government constituency. It has, therefore, become quite paramount for the team to come up with an article to help ourselves protect our priceless application from getting victimized in the Internet space. SQL(Structured Query Language) Injection is a technique where malicious code is injected into an SQL statement from web page input that can alter SQL statement compromising the security of a web application. This happens when user inputs are not validated. Mitigation of this vulnerability is much more complex than just applying the Security patch, since it...
Protecting Privacy on the Internet
Bhutan is undergoing a major shift with regards to its technological infrastructure. With the advent of mobile technology and subsequently 3g services, the number of online users have skyrocketed in recent times. However, the general public at large are unaware of basic steps to ensure privacy online. The Global Cyber Security Centre (Capacity Centre) at the University of Oxford had partnered with the World Bank to provide an assessment of the existing level of cyber-security capacity in the country in 2015. The assessment conducted reveals cyber-security capacity within Bhutan especially in the area of privacy online is still at...