online Archives - Up For Anything

What you should know about the Meltdown and Spectre Bugs

January 24, 2018 By admin 2 Comments

2018 isn’t off to great start when it comes to cybersecurity. At the beginning of the year, a couple of vulnerabilities for CPUs were found that can have potentially devastating effects. The Meltdown and Spectre Bugs have not only increased security risks for computers, but also for tablets and smartphones. Applying fixes can reverse the security risk, but at the cost of processing speed. For example, you can find the Meltdown and Spectre Debian patches here.

What is Meltdown

This vulnerability allows for access of private memory in the Kernel, which can contain passwords and other secrets of the operating system, including other programs. This can leave you open to attacks, as malicious programs can easily find every password from the kernel’s private memory zone. Even running JavaScript from a website is a security risk when using an unpatched CPU.

Luckily, there are system updates that can fix this, as well, since Microsoft, Apple, and Google have rolled updates to fix the bugs, as well as the developers of several Linux Distributions.

What is Spectre

Even though Spectre also deals with kernel memory, it’s slightly different than Meltdown. Instead of directly accessing the private memory zone, Spectre allows a malicious program to trick another process to run on the same system in order to leak private information. This means that it can trick programs like your browser to reveal all currently used passwords.

This vulnerability is not exclusive to Intel, but it also affects AMD and ARM devices. In other words, practically any device, including tablets and smartphones. Spectre is difficult to patch, but also difficult to exploit, and currently, there are ongoing struggles to permanently patch the bug.

Intel was probably aware of Meltdown

As per Intel’s statement, even with Meltdown, everything is working as intended. Intel executives have also been accused of insider trading, and the engineers working to develop the chips had to sign NDAs that forbid them from talking about the bugs that can have excessive security risks.

Even Linus Torvalds – the creator of Linux – has accused Intel of not willing to provide a fix. The debacle resulted in a drop in Intel’s share prices, while AMD’s have gone up.

Protection against the exploits

Since this is a high-risk situation, there isn’t much to do than waiting for the updates to roll in. If you haven’t updated your system, this is a good time as any, since that’s the best way to protect your device from the bugs. Most, if not all, Linux distros should’ve already gotten the updates, and if not, they’ll get the fix soon.

Updating the browsers is also a must, because they pose a security risk too.

This has been a horrible event for security. Even if Intel wanted to appear to have faster CPUs than AMD, users shouldn’t be left vulnerable to exploits and bugs. Patching the bugs will slow down your CPUs significantly, from 10-30% so Intel users should be more careful when purchasing an Intel CPU next time.

What Is UEBA and Why Does it Matter

August 1, 2017 By admin Leave a Comment

Have you heard of user and entity behavior analytics (UEBA)? If not, then it is time you got on board with it! Basically, it is a technology that helps you to identify attempted security breaches before they actually make it through. It does this by developing a baseline of activity, something that it classes as “normal”, and that instantly identifies anything that moves away from this norm. It is used alongside other forms of technology and works particularly well in organizations that produce and store a lot of big data.

Why Does UEBA Matter?

We live in a world where attackers have almost made a game of trying to breach through various defenses. Web gateways, intrusion prevention systems, and firewalls are all important, but they simply aren’t enough anymore. Today, organizations, and particularly large ones, have such a vast, jagged, and porous IT perimeter that it has become almost unmanageable. Security experts, managers, and executives, therefore, are having to look at it from a different perspective. No longer can they focus only on prevention, they must focus on detection.

The tools and technology that are available today are important and powerful, creating logs and alerts, but they are also significantly lacking. This is because they focus on strict and simple rules of correlation, and experienced hackers can easily evade these. This is because existing systems focus on real time actions, when today’s attacks often take several months to complete. A good UEBA, by contrast, doesn’t rely on rules or signatures. Instead, it uses a variety of risk scoring methodologies and algorithms to figure out what is really happening.

Understanding the Behavior Graph

UEBA is a completely unique approach to security as it uses what is known as a “behavioral graph”. This creates a visual picture that enables people to track and detect threats. This ensures security analysts can always see their entire IT environment and what it should look like, so that they can easily spot any anomalies. This makes it more accurate than any other solution has been able to achieve to date. This is interesting, since UEBAs were originally developed to gain a greater understanding of consumer behavior, not to provide a security feature.

One of the key things that UEBAs do, is to generate a risk score and to create these for a range of different types of entities. These findings are then instantly communicated to the relevant analyst. They look at individual entities, but also collections of entities and, in so doing, they can determine how big a risk actually is, so that a security expert isn’t contacted every time someone accidentally allows a popup on their computer, for instance. Rather, it will highlight potential lateral movements, malicious beaconing, data exfiltration, and data staging instead. Those are key signals that something is actually going wrong and, by providing security experts with those signals as and when they appear, there is a far greater chance of plugging a potential hole in the security before someone actually manages to get through.

Making Extra Money – By Using The Internet

August 19, 2016 By admin 2 Comments

Source

If you’re looking for ways to make some money on the side, look no further. Here we have put together a few of the best ways to make money online that are gaining popularity around the world making it easier than ever to help you save for those gadgets or holidays you’re looking at. Take a look and see if any of these sound like the perfect answer to your money saving wonders.

Freelancing

If you have a fantastic skill such as writing, graphic design, website coding or even marketing, this can be the perfect way to pump up the cash. With websites like Upwork, People Per Hour and Fiverr busting into the online work marketplace these days, almost anyone with any kind of skill can make that skill work for them. So go check out one of these websites and see if you have anything that fits the bill to make some extra money on the side.

Tutor Online

If you have education in a specific area such as teaching, Math, English or History you can put this to work for you online by offering your skills in specialised subjects to students who are in need of a tutor. These days, online tutoring can be preferable as both students and tutors don’t need to meet at a pre-arranged location, saving both parties time and potentially money. Additionally, online tutors can offer their services for cheaper than traditional in-home or in-class tutors, which opens the market up wide for regular people to get in on the ground floor with this potential money maker.

Playing Games

You might think this sounds too good to be true, but by playing simple lottery games such as the US Powerball and other US lotteries can help you win some small sums of money, and with it being easy to play by subscription, it means you can always have a ticket in the next draw for potentially huge winnings. These results can be checked and subscribed to online meaning you will never miss a draw. You can also even get a few friends into a group ticket to lessen the costs for more potential numbers.

Recycling

This may sound a bit strange – but in actual fact there is a lot of money to be made in recycling old possessions such as mobile phones, DVD’s, CD’s, video games and the like. There are a few websites out there that offer cash for things of this nature – the newer the better, but will still take the odd old piece for a good price. Books and things are often accepted too, with some unique lines of books being quite lucrative. So check around the house and see if there’s anything collecting dust that could instead be used to collect dollars.

So as you can see there are a few ways to make some extra money, without giving up free time or having to get an extra job on the side. So check out a few of these examples today and see just how you can put your free time to work for you so you can get back to enjoying your work/life balance!