Cybercomp Technology Solutions

Deploy our hotel management software and take control of your hotel at a cheaper cost.
It's features are great, It is suitable for all kinds of hotel.

FOR ENQUIRY:
Whatsapp: +23481699675 1, Call: +2349025693239, +2348069149908

"Education is the backbone of sustainable development, Information Technology(IT) has the key to mordernise and refining education sector".

Watch out for our innovative educational solution software.

Information Technology (IT) A Panacea To Nigerias' Problems. A Vivid Discussion On Solution To Major Problems Nigeria As A Country Is Facing. Coming Soon........

Be mindful of your browser's extension!

http://thehackernews.com/2016/11/web-of-trust-addon.html

'Web Of Trust' Browser Add-On Caught Selling Users' Data — Uninstall It Now Web Of Trust (WOT) Browser Add-On Caught Selling User Data

We are in the era where the world economy greatly relies on the information and communication Technology, ranging from Education, Health, Business, Entertainment, Media and advertising, Banking and Finance, and Management; Information Technology is not just the driver of the world economy but also enhances speedy development of any nation through its uses in Science and Technology.

As significant as information technology is, the developing nations such as Nigeria and other African countries is seriously far behind, few people actually knows or cares for the relevance of this invaluable technology.
We at Cybercomp Technology Solutions have chosen to be of usefulness in providing, Cyber security, Networking, Data recovery planning and services, Hardware Maintenace, and Software services that will be less cost and productive, ranging from Education software, accounting software, HRM software, CRM software, Agricultural software, e.t.c

in a short period we will announce to you our new software called "Skoolbase", this software will come with a lot of functionality and features ranging from e-learning, e-Library, School Information Management System and e-bursary system.

Cybercomp Technology Solutions has developed a school financial management system (SFMS) it is an e-bursary web based software. This innovative software is to replace the old paper based system of bursary in the school system.
The software has a lot of features ranging from integrated online payment system, payroll, accounting and financial management.
The software is currently under review and security check to be sure of it's efficiency, performance and security.

Enigma coding machine auction boosted by bidding war - BBC News A telephone bidding war between two parties helps an Enigma coding machine sell for more than double its estimated price.

Darkode hacking forum forced offline - BBC News An internet forum used by Lizard Squad and other hackers has been forced offline following arrests in the US, UK and other countries.

The Dinosaurs Of Cybersecurity Are Planes, Power Grids And Hospitals :

As we continue down the path toward complete connectivity — in which all devices, appliances and networks connect to each other and the Internet — it is evident that much of our longstanding technology can no longer keep up.

And it’s not an issue affecting only tech companies and web-connected devices, it’s affecting systems and infrastructures that most would expect to be the safest in the world. Even airplanes are at risk, and the recent breach of the Office of Personnel Management demonstrates that government networks can be breached as easily as those in the private sector.

Even though recent incidents may have been a surprise to the general public, it wasn’t for my team or me. The only surprise is that we are not hearing about these attacks more often. It’s no secret that companies are hacked way more often than they report (or even realize). These systems have always been vulnerable; it is only now, when “cybersecurity” has become top-of-mind for leadership in government and enterprises alike, that the incidents happening every day are garnering broader awareness.

Shiny new features and network connectivity are what customers are demanding in products; with security simply as an assumption. We layer new connected capabilities atop aged infrastructures and machines grounded in old technology, only to introduce huge risks that previously never existed. Vendors of critical systems and infrastructures are used to their systems being operated in isolated environments, far away from hostile network traffic.

We are risking the possibility of experiencing true damage to our core infrastructure.

But now, regardless of the environment, companies use off-the-shelf software and hardware wherever possible for the sake of agility and cost, when time and again we’ve discovered that they aren’t secure. The problem is further exacerbated by slow patch rollouts that, once they’re available, are not implemented for the sake of avoiding the risk of downtime.

It’s time to stop using a patch’s level of severity or complexity as an excuse for taking little to no action. Threats are rapidly evolving, and organizations are falling behind as they fail to employ the right security measures. We are risking the possibility of experiencing true damage to our core infrastructure. Everything — power grids, oil rigs, airplanes, hospitals — will remain vulnerable to cybercriminals until we make changes.
Today’s Dinosaurs

Examples of this longstanding problem are abundant. Late last year, it was discovered that malware known as BlackEnergy had been targeting industrial control systems — specifically, human-machine interface (HMI) products — of companies in the utilities sector and installing backdoors beginning in 2011. Despite an advisory from the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), patches were slow to be created, taking months, and some were not available until recently.

This is concerning. But more concerning is the fact that it will be many more months or even years before most companies apply these patches to their systems, if they do at all. This is just a reflection of the fact that industrial systems have never been designed for the constant updates and patches that the modern world requires to continually secure systems.

Perhaps the best example of how far these systems lag behind modern security requirements is the fact that none of the widely used industrial control protocols even support authentication, let alone encryption. This all ultimately means that once attackers are in a network, they can remain in systems for years, as illustrated by the BlackEnergy campaign. It would be simple for attackers to remotely execute commands to massively disrupt critical organizations such as energy providers once already in the network.

Healthcare organizations are also a prime target. With the industry’s wide and comparatively open infrastructure, new connected devices are constantly bridging the gap for attackers to infiltrate secure networks. Even when integrated into healthcare industry-standard security suites, these devices are still the source of attacks and where attackers pivot to compromise healthcare systems.

The IT staff at hospitals have no insight into what software is actually running on medical equipment. Understandably, the equipment manufacturers do not want unintended changes made to the configurations of these devices. But this essentially results in opaque devices, which customers are unable to verify while manufacturers label them as “fully secure.” In reality, the only reason these devices are still considered secure is the fact that no one has tried to compromise them. Yet.

Airplanes are a great example of this last point. Until recently, the average person would not even consider that “hacking” an airplane was possible. Yet, when Chris Roberts ended up in the news for making a plane fly sideways (or so the FBI seems to claim), security researchers began to examine all the ways someone might actually be able to interface with aircraft systems.

Companies are saving time and money by using off-the-shelf solutions, but they aren’t investing in proper security measures.

Airplanes increasingly have satellite or cellular communications links to the ground, and there is a rapidly growing trend of airlines offering some form of in-flight Wi-Fi, whether for access to the Internet or general in-flight entertainment systems. While it remains to be seen whether any of those communications paths could actually result in a successful attack on critical flight systems, they are all possible attack vectors that did not exist even a few years ago.

Moreover, almost all of the avionics systems connected in these communications paths run a combination of off-the-shelf and proprietary software. Like industrial or medical systems, patches are rarely made available and, when they are, it can take months or years until they are applied. It is only a matter of time until we start finding malware at 30,000 feet.

So what can we do to avoid and overcome these problems as devices, gateways and software solutions permeate older infrastructures and become avenues for attack?
A New World For Infrastructure

All the security challenges and problems that currently exist for infrastructure aren’t really anything new, but there is no need for critical infrastructure industries to reinvent the wheel.

Microsoft, for example, has begun to make changes to its security update process, eliminating patch rollouts with automatic updates that concentrate on critical security issues as they arise. It’s a new method (though not for browsers and applications) that stands in stark contrast to how patch rollouts are currently applied to critical infrastructures.

Unfortunately, there is a vast amount of security research, practices and products available that these “dinosaurs” simply aren’t using. Even improvements from companies like Microsoft have to overcome the hurdle of implementation.

Why? When things do go wrong, it is easy to blame the manufacturers of the infrastructure systems for their security shortcomings. But in all of the mentioned industries, the issue is really a matter of customers wanting to have their cake and eat it too. Companies are saving time and money by using off-the-shelf solutions, but they aren’t investing in proper security measures.

Being proactive is especially important for organizations with large legacy code bases and systems that are unlikely to be ripped and replaced. Bolt-on solutions and the latest “next-gen” technologies are not going to solve inherent design flaws in these systems. Instead, companies need to realistically consider the risks of connectivity, continually test their systems and only allow it if the risks can actually be mitigated. Additionally, they should demand systems that meet modern security standards, and refuse ones that do not, so manufacturers have a reason to build securely.

Each week brings news of another possible case of cyberespionage, feasible plane hacking, real critical infrastructure vulnerabilities and much more. In this light, security must be considered just as important as functionality and safety, so that our most important systems are secure from cyber threats. The alternative is to go the way of the dinosaur.

Top Security Experts Say Government Limits On Encryption Present Risks:

A group of top cybersecurity experts reported today that giving law enforcement special access to encrypted data for investigations would pose “major security risks.”

The Massachusetts Institute of Technology’s Computer Science and Artificial Intelligence Lab report included input from cryptography expert Bruce Schneier and researchers from MIT, Stanford University, Columbia University, Cambridge University, Johns Hopkins University, Microsoft Research, SRI International and Worcester Polytechnic Institute.

Since October, U.S. law enforcement officials have called for a special door that would allow government agencies to access encrypted data that could help them in investigations. The report tells us that a backdoor for the government and law enforcement also provides an opening that could be exploited by hackers.

The experts argue such special access points “pose far more grave security risks, imperil innovation on which the world’s economies depend, and raise more thorny policy issues than we could have imagined when the Internet was in its infancy.”

“At a time when we are struggling to make the Internet more secure, these proposals would take a step backward by building weakness into our infrastructure,” MIT principal research scientist Daniel Weitzner says. “It’s like leaving your house keys under the doormat: Sure, it may be convenient, but it creates the opportunity for anyone to walk in the door.”

The report comes just one day before Federal Bureau of Investigation director James Comey appears at back-to-back hearings on the Hill to make his case that the agency should have backdoor access to encrypted data so that it can complete investigations. Comey has been calling for action on this issue since October, when Apple first released an operating system with encryption enabled. Public discourse on the issue was reignited a week ago when Prime Minister David Cameron said he would ban encryption, a lofty and unpopular goal.

The White House has notably remained silent as public discourse has mounted. The Washington Post reported aids were compiling a report on encryption in the spring, but a spokesman said the White House has nothing to announce at this time.

Comey took to the popular security blog Lawfare to make his case yesterday.

“There is simply no doubt that bad people can communicate with impunity in a world of universal strong encryption,” Comey wrote. “I really am not a maniac (or at least my family says so). But my job is to try to keep people safe. In universal strong encryption, I see something that is with us already and growing every day that will inexorably affect my ability to do that job.”

The debate over privacy and security is as old as the Fourth Amendment. One can reasonably understand that at times law enforcement, with the appropriate oversight, may need access to private information.

But today’s report goes beyond theoretical debates about civil liberties and asserts the action legislators are considering is not even possible. According to the CSAI Lab experts, we do not currently have a technical capability to create a door for law enforcement that could not be exploited by others.

Many of the issues at play hark back to a Clinton-era discourse over what was known as the Clipper chip. With the rise of the Internet, the National Security Agency was searching for a way to protect its electronic surveillance abilities. The Clipper Chip was a microcircuit that would “encrypt” data but also give the government access to the keys needed to unlock the data. The chip faced backlash from the public and was never adopted, setting an important precedent for encrypted communications.

The CSAI Lab experts report requiring such an access point almost 20 years later poses even more of a threat today due to the comparatively larger role computers play in our economy and daily lives. With more hackers with more advanced capabilities than ever before, it’s not the time to limit our devices’ security mechanisms.

The group’s conclusions mirror what private sector companies, who have been ramping up encryption efforts in the wake of the Edward Snowden revelations, have said for months.

U.S. law enforcement is finding itself in a bind of its own construction. If the government had not engaged in such broad and arguably overreaching surveillance tactics, it’s likely companies like Apple would not have had such a business incentive to release encrypted operating systems so quickly.

The debate over encryption and law enforcement is one that is essential to our democracy. Tomorrow Comey will be the only witness in a rare open hearing of the Senate Intelligence Committee. As Congress considers action on this issue, it must include the perspectives of the top experts at MIT and the tech companies.

As more high profile breaches come to light everyday, it’s important to remember the cost of special access may outweigh its benefits.