Like a Cheetah chasing a Chiron
“How do you make a Click-Jack work?” By using a Mouse!
Hey people,
This is part 24 of our series. How's the Sunday going? Please don't tell me that you're getting the Sunday blues. If you are, I have the right prescription: get out of bed and take a different route, one that leads to nowhere, a place you haven't been before. It'd surely make you happy. Let's get into our topics.
- Strong Password Policy: When it comes to good password management, we tend to forget the most important things: the complexity of the password and its uniqueness. A password must contain a mix of upper and lower case letters, special characters and numerals, put together in such a way that a normal attacker cannot guess it. I know that in daily life we cannot remember a complex password; in those cases we have to use a secure password manager (most of them are paid, so think about it: probably less than a week's worth of biryanis). These password managers can save us big time. Don't worry, they follow zero trust security (mostly) and have enough security implementations to withstand a series of cyberattacks. So, don't use passwords such as “yourname@777”, “yourDOB”, “yourGFname143”, “yourBFname”, “Happy2024!”, etc. These are literally two decades old and are the first ones to get compromised. Have a look at RockYou.txt and tell me what you think. Then create passwords better than those in it.
- Firmware Behavior Analysis: So, what's this firmware? Firmware is a set of code placed into the hardware parts of electronic devices to control their functions. It creates the interaction between the hardware components and the user's devices. Coming to its behavior, firmware can act odd and sketchy sometimes. Devices that are connected to the internet can face a lot of threats, and they can be compromised using specific malware tailored to that particular device. The behavior to look for includes common lagging, sudden crashes, and abnormal logs and details in connected apps.
- Message Authentication: Message authentication works by making sure of who has the access to read certain messages, be it in a company's infrastructure or outside. Without authentication, the login fields/sources might be abused by attackers; they can even do it for the sole purpose of service disruption, not even for the compromise.
- Message Encryption: Message encryption works by integrating encryption techniques and using them; this can make the interaction between two parties secure and robust. These encryption methods can be irreversible, which makes it good to go!
- Homoglyph Detection: It includes detection of characters that look alike and seem normal to the average user. These are important to mitigate because an attacker can trick unsuspecting victims into clicking malicious URLs, often containing malware. If you remember, I once discussed Cyrillic characters that look like normal alphabets in the beginning articles.

That's it for today. I'll try being more specific in the next post, hopefully. I'll see you tomorrow!
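
The homoglyph detection described above, as an added example that is not part of the original post: a Python check that flags hostnames mixing scripts inside one label, or imitating a protected domain once Cyrillic look-alikes are mapped back to Latin. The `CONFUSABLES` subset, the function names, the protected list and the sample URLs are assumptions constructed for illustration.

```python
import unicodedata
from urllib.parse import urlsplit

# Hand-picked Cyrillic letters that render like Latin ones (constructed for
# this example; Unicode's confusables.txt is the complete reference).
CONFUSABLES = {
    "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c",
    "\u0443": "y", "\u0445": "x", "\u0456": "i", "\u0455": "s", "\u0458": "j",
}

def script_of(ch):
    """First word of the Unicode name ('LATIN', 'CYRILLIC', ...) for letters."""
    return unicodedata.name(ch, "UNKNOWN").split()[0] if ch.isalpha() else None

def decode_label(label):
    """Turn a punycode ('xn--') label back into the characters a user sees."""
    if label.startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # leave undecodable labels as they are
    return label

def check_url(url, protected):
    """Return findings for the host in `url`; an empty list means no hit."""
    host = (urlsplit(url).hostname or "").lower()
    labels = [decode_label(part) for part in host.split(".")]
    findings = []
    for label in labels:
        scripts = sorted({s for s in map(script_of, label) if s})
        if len(scripts) > 1:  # e.g. Latin and Cyrillic inside one label
            findings.append(f"mixed scripts {scripts} in label {label!r}")
    shown = ".".join(labels)
    skeleton = "".join(CONFUSABLES.get(ch, ch) for ch in shown)
    if skeleton != shown and skeleton in protected:
        findings.append(f"{shown!r} imitates protected domain {skeleton!r}")
    return findings

if __name__ == "__main__":
    PROTECTED = {"example.com"}                 # hypothetical domain to defend
    SAMPLES = [                                 # constructed sample URLs
        "https://example.com/login",            # genuine, all Latin
        "https://ex\u0430mple.com/login",       # Cyrillic letter replaces 'a'
        "https://\u0435x\u0430mpl\u0435.com/",  # several letters swapped
    ]
    for url in SAMPLES:
        shown = url.encode("unicode_escape").decode()
        print(shown, "->", check_url(url, PROTECTED) or "ok")
```

The skeleton comparison also catches labels written entirely in Cyrillic, which the mixed-script check alone would miss.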