Amar Bhattarai

Cryptojacking is a growing threat in 2018 and there are several ways to prevent this threat. Few of the methods to prevent this emerging online threat are discussed below. Installing browsing extension Most of the crypto mining malware works from the web browser so we can stop that malware by installing a browser extension. There are few browser extensions like ublock origin & Malwarebytes that will help to block any cryptojacking scripts. If we have these extensions installed on the browser, they will automatically stop those scripts from running on the browser which will prevent the browser from running the mining code. Those extensions are available for free and they regularly update their signature. Since they will automatically filter the mining codes we don’t need to check them manually. Therefore, installing a proper extension will help to get rid of cryptojacking malware. Installing only trusted applications Another big source of crypto mining malware is untrusted ap

There are several ways to identify the hidden crypto mining malware on our computer. We can either detect and identify that malware manually or by using the third-party antivirus or antimalware tools. These are the few ways to identify the cryptojacking malware on our computer. Monitoring CPU usage If we see unusual CPU usage behavior then our computer might be infected with cryptojacking malware. Usually, there won’t be much CPU usage when the computer is idle. We only see a spike in CPU usage when we are using heavy programs, so if we see high CPU usage on our computer when we are not using any programs on the computer then this might be the result of cryptojacking malware. We can manually monitor the CPU usage of our computer when we open any web browser or open any website. If the CPU usage is increasing when we open any website then there might be cryptojacking code on the website, we can then block those websites from being loaded on our computer. If we see high CPU u

Cryptojacking is an online threat where a hacker uses the machine's resources of the victim to mine online currencies called cryptocurrency without their consent. Cryptojacking is one of the growing online security threat of 2018. According to the report of McAfee Labs, there is 629 percent growth in cryptojacking threat in 2018 Q1. Cryptojacking will hijack the processing power of the computer and mobile devices and uses it for mining. Mining cryptocurrency will need dedicated hardware with good CPU or GPU so that it can calculate the hash required for mining. Setting up this hardware and making it run is costly. Therefore, for cryptojacking hackers will use many infected computers for the hash calculation so that they don't need to use their own hardware and resources for the mining. According to Check Point Software Technologies, 40 percent of the top 10 malware are crypto mining malware. We can see many websites hosting crypto mining code for their profit and it is esti

Technology has changed the way we do business and it has become an essential part of modern commerce. Technology has become the need of every business. Not only they are using technology for marketing their product and providing the better support they are also expanding their presence to the digital world with e-commerce. For communication, business is using latest technologies like VoIP which provide more functionality to the organization and is more easier and faster than traditional communication system. Since every employee needs a computer for their job in the organization, some companies are also promoting Bring Your Own Device (BYOD) on their organization, as it can reduce the cost of buying a new device and increase efficiency since employee are working on their own machine. Although these new technologies have made the job easier and faster they possess several threats to the business. We can see smart IoT devices being installed on the organization to monitor the envi

These days business operation can't take place without using the technology and internet. Business must use computer network and system to perform their operations. Traditional methods of handling data and performing the job are already obsolete and workstation are digitalized. Information of an organization are being stored in the cloud and the type of information that any organization collects is increasing. Since, technology has become the part of business operation new strategy means more data, more information and more use of technology. If the organization is collecting more information and storing the data, then the responsibly to keep that information security will increase. The organization must understand the current state of information security and potential risk to information after implementing the new business strategy. All the technical components like hardware, software, network configurations, must be reviewed to get information about security issues. Flaw o

Now many companies have started knowing about the potential of blockchain to develop their applications. The need for secure identity management system has become very important because currently, US retailers are losing about $32 billion because of fraud. All of this is happening because of the poor identification system that is currently existing. Migrating the identity management entirely in the blockchain is not going to happen overnight but we need a system that protects the identity information and the authentication process. Multi-factor authentication was introduced to solve the current issues but enabling multi-factor authentication with blockchain will help to make it more secure and will add an extra layer of security to the application. Authentication using blockchain will be as easy as taking a picture because for the entire authentication process user must scan the QR code only with the application. To use the authentication using blockchain one must be using an appl

The blockchain is distributed ledger of digital events that have occurred between different nodes on the network. Each transaction or event on the blockchain is verified by consensus of most nodes on the network. Once the information is stored on the block it can never be modified or deleted. Blockchain contains the information of each event on the network and the information is shared with all the nodes of the blockchain. Bitcoin was the first major innovation of blockchain. It was created in 2008 by Satoshi Nakamoto as an experimental digital currency which is now worth more than $100 billion. Bitcoin is the most controversial technology because of anonymous transactions nature. However, the technology behind bitcoin i.e. blockchain is not controversial and lots of innovative applications have been developed on the blockchain. Marc Andreessen, the doyen of Silicon Valley’s capitalists, listed the blockchain distributed consensus model as the most important invention since the

Although there are lots of method and devices available for authentication, each of the authentication that we use has their own limitations. Below are the authentication systems that we are using and their limitations: Password ID and password are the most common and widely used authentication method. Although it is one of the widely used methods it carries huge security risk. One of the biggest problems with this system is that anyone can guess the password and can be shared knowingly or unknowingly. Also, the no. of the password will increase with the no. of service that user uses. It is insecure to use a single password for all the websites, so it is recommended to create a unique password for each website. Users cannot remember all the passwords that they have, and they might write it somewhere, which can later be leaked. The password can easily be stolen online by using phishing sites and can be stolen with keyloggers. We can create a strong password by using long charac

Identity management is the process of authenticating users to find the access that they have. It will help the individual to get access to the system which they are authorized. Identity management is focused on authentication. Computers these days are capable of handling multiple users at a single time. Data of multiple users are stored on a single database and they are managed with proper access control. The process of verifying the identity of users by matching the credential provided is called authentication.  The main function of authentication is to grant the right access to the right person at the right time so that there will not be any unauthorized access on the system. Different people in any organization will have different role and functions so they will have different access right and identity management is to ensure that the users only get access to the system that is assigned to them. Authentication works by providing the proof of its identity to the server by a cli

In my previous article , I posted about the phishing attacks and different types of phishing attacks. On this article, I will write about the best practices that will help us to control the phishing. Phishing can be prevented somehow if we do follow best practices for anti-phishing. Some of the best practices for anti-phishing are listed below. Maintaining Firewall & IDs It is mandatory to maintain proper security infrastructure by installing and maintaining firewall and intrusion detection system. It should also provide security against malware. Awareness Awareness is one of the major things that we need to mitigate the phishing attack. New Intel Security study demonstrates that 97% of individuals can’t recognize phishing messages. Therefore, it is very important to make people aware of phishing. Updating Web Browser The web browser is one of the application software where users spend most of their time online, therefore, it must be regularly updated, and security

Phishing is a method used by fraudster for stealing valuable personal data from a user. It is generally done by sending emails or creating fake websites. One of the most common attacks that we see on cyberspace is phishing and it is rapidly growing cyber threat. To get the personal information from people attacker send a fraud email to large no. of people and few might fall for the scam. The attacker will ask the victim to provide their sensitive information like credit card information, social security number or username, and password. Phishing is one of the most common cyber-attack it is very easy to do, and it also doesn't require much resources and time. Most of the phishing act are automated and the done in a bulk and they wait for the victim to put their information.  The attacker will create a fake login form, malicious files or personalized message and send the victim to take the action on their email. If it reaches up to the victim, then they might think that the email is