Cyber Security Threats and Counter Measures

Cyber security Threats are indicators or bugs in environment or software. Which can cause huge impact the business or an individual. Which will impact business reputation and theft of personal data etc.

Counter Measures are used to mitigate the security issues in Cyber security. Threats like..

• Sniffing
• Dns attacks
• Man in middle attack
• Phishing
• Viruses
• DOS

• Always try to use virtual private network (VPN)  in open network. VPN like cisco any connect provide high encryption and ensure security in network in which you are connected.
• Whenever user try to access websites use the https in search engines in address bar.
• Because whenever you use Http which has a bug all your data will not be encrypted, so if you are logging in through http enabled website which will have unencrypted password and username in Web cache.
• HTTPS is a hyper text transfer protocol secure which will enable encrypted tunnel.
• HTTPS uses SSL (Secure Socket Layer) or TLS security certificates enabled. So all the data in the websites will be encrypted. Even Web cache also encrypted due to session hijacking issues  session I'd also encrypted using https.

SSL (Secure Socket Layer):

• SSL is a socket layer security used in application layer. SSL is a Asymmetric cryptography uses public and private key encryption.

User -> Message(Public Key Encrypt) - >Message (Private Key)->Secret key used to decrypt on destination end.

• AES-Advanced encryption standard algorithm cipher approved by NIST in 2011. 
• Other ciphers includes twofish, Blowfish which used to replace DES algorithm. RC4, 3DES are ciphers with more number of bits.

Transport Layer Security(TLS):

• TLS 1.0 is a very bad idea and unsafe. TLS 1.0 Can be POODLEd, BEASTed and otherwise padding-Oracled Database as well. Lots of other CVE weaknesses still apply which cannot be fixed unless by switching TLS 1.0 off.
• TLS 1.1 is only a bad compromise though it is halfway free from TLS 1.0 Problems (but since both protocols do not provide any modern cipher mode which are essential today, the modern encryption methods do not work here)
• TLS 1.2 with CBC Ciphers ON and also RSA on is kind of a Number play whether your connections are entirely safe or not. Which depends on how the ciphers are implemented on either side of the Connection from Server to Client browser. 
• TLS 1.2 without any CBC Ciphers (that means also plain RSA handshakes off) is safe enough only TLS 1.3 is safer because of its handling improvement and the exclusion of everything that went obsolete since TLS 1.2 came up.
• TLS 1.3 uses all algorithm for key exchange except Deffie-hellman algorithm. TLS 1.3 users certificates in server and Client, hacker unable to modify any information while in handshake. 
• TLS 1.3 also uses RSA-PSS, this RSA-PSS is immune to cryptographic attack. One of the safest method is TLS 1.3.

All other encryption methods are unsafe 64bit including 3DES and RC4 ciphers are already disabled.

• TLS 1.0 was published as RFC 2246 in the year 1996
• TLS 1.1 was published as RFC 4346 in the year 2006
• TLS 1.2 was published as RFC 5246 in the year 2008
• TLS 1.3 was published as proposed standard in RFC 8446 in the year 2018.

Hill Station view :

https://valparaihillsheaven.blogspot.com/2019/?m=1

How to secure devices from cyber threats:

Https://viruscmd.blogspot.com