Joseph Ochieng

Joseph Ochieng’was born and raised in Kisumu, Kenya. He studied civil engineering as first degree and later on pursued bachelors in information technology from the technical university of Kenya. His educational background has given him the broad base from which to approach topics such as cybersecurity, civil and structural engineering. When he is not reading or writing about the various loopholes in cyber defense, the he is probably doing structural design or watching la Casa de Papel . You can connect with Joseph via twitter @engodundo or email him via josephodundoh@gmail.com for email about new article releases”
Biometrics and Cybersecurity

Biometrics and Cybersecurity

by

Biometrics is an element ingredient of cybersecurity. Technology makes things more comfortable, but rapid advancements come with new flaws and challenges. This makes security a primary concern. Protection of cyber-space from identity theft, theft of data, or even computer resources is referred to as cybersecurity. Hackers are continually evolving. As technology advances, they also take advantage of the new tools and skills and set security systems, making passwords inefficient as a protective mechanism. Because of such reasons, biometric security is fast gaining widespread adoption among companies, organizations, and individuals as the preferred way to safeguard cyber-space from hackers and other … Read more

what cybercriminals do to make money

What Cybercriminals do to Make Money

by

What cybercriminals do to make money is based on an analysis of what works.  Hackers experiment with different types of cybercrime to understand the types of cybercrime that are most profitable. Most hackers rely on extortion as the primary technique for monetizing their stolen information. Extortion has been a successful form of cybercrime for years. But there are many other ways that hackers can make money besides extortion.  We examine and explain many of these methods. Some people hack for the thrill, but the primary intent of malicious hacking for financial gain. With the right skills, any hacker can earn … Read more

How cybercriminals plan attacks

How Cybercriminals Plan Attacks

by

How cybercriminals plan attacks is a basic question that every cybersecurity expert needs to know. Cybercriminals use various tools and techniques to identify the vulnerabilities of their target victims. The target can either be an individual or an organization. Most cyber-attacks aim at stealing valuable information or breaching systems. Criminals plan active and passive attacks. Active attacks actively aim to alter the targeted system. On the other hand, passive attacks only attempt to acquire as much information as possible about their target. Active attacks may affect the integrity, authenticity, and availability of data, whereas passive attacks lead to breaches of … Read more

What-do-phishing-emails-have-in-common

What do Virtually all Phishing Emails have in Common?

by

What do virtually all Phishing Emails have in common?  By understanding what Phishing Emails have in common, you can quickly identify them and avoid these threats. What is phishing? Phishing is a method used by hackers to collect personal information using deceptive e-mails and websites. It’s a form of attack that uses disguised email as a weapon. The main objective is to trick the target into believing that the message is legitimate. It could be crafted to look like a note from a senior employee within their firm. Sometimes they are made to look like a request from their bank. … Read more

how does email get hacked

How does email get hacked?

by

How does email get hacked? There are several techniques used to gain access to an email account using a password or backdoors. With the rate of technological advancements, new technologies such as deep machine learning and strong artificial intelligence have led to more sophisticated ways of hacking emails. No email is immune to hacking.  Therefore, every company must educate its workforce on common hacking techniques and how to prevent them. In this article, I’ll walk you through the main techniques hackers use to access your email. By the end of this article, you will be well-informed of the hackers’ techniques … Read more

Security Awareness Covid19

Security Awareness During the Covid-19 Crisis

by

Security incidents have increased as criminals seek to take advantage of the coronavirus pandemic. The crisis has led to a surge in the number of cyber-attacks, malicious activities, and phishing scams, making cybersecurity awareness more significant than ever before for corporations, organizations, and other business entities. In a bid to curb the virus, employers had to implement a work from home policy. The change in the working environment has provided hackers with new opportunities to exploit. Black-hats see remote workers as a weak link that can be utilized to gain access to corporate networks and steal sensitive information, install ransomware, … Read more

Automation in Cybersecurity

Automation and Integration in Cybersecurity

by

Automation is one of the trending topics in cybersecurity. The primary reason for automating mundane and repeatable tasks is to allow people to shift focus to problem-solving activities. From a cybersecurity perspective, organizations can become more resilient to cyber-attacks by directing all the resources to these problem-solving activities. Technological advancements also bring with it more sophisticated malicious attackers. Therefore Cybersecurity programs must be prepared to adopt automated cybersecurity solutions. Globally, enterprises seek methods to improve their efficiency and profitability from their general activities like smart warehousing to automation and IT and cybersecurity integration. Integrating automation in an existing infrastructure comes … Read more

5G Cybersecurity

Why 5G Requires New Approaches to Cybersecurity

by

A brief history of Wireless Networks The University of Hawaii first developed the professional wireless network in 1969. The first commercial wireless network, WaveLAN product, was developed in 1986 by NCR. The second generation of wireless networks known as GSM was deployed in 1992. New standards were adopted every nine years, and in 2001, various 3G standards started popping up with equally competing deployments. After another nine-year cycle, wireless service providers deployed 4GLITE wireless technology, and it soon became the dominant technology. The fifth-generation technology for cellular networks, 5G, was deployed in 2019 and is currently expected to dominate the … Read more

Incident Response

Incident Response – A Complete Guide

by

Incident response is an organized approach addressing and managing the aftermath of a security breach or cyber-attack, also known as a security incident, computer incident, or IT incident. A cyber-attack such as a data breach can cause havoc to an organization and, therefore, should be handled to limit damage and reduce associated costs and recovery time. A comprehensive investigation is done about the given incident to prepare for the future. Advancement in technology has led to an increase in the number of security incidents. As technology becomes better, black hats also enhance their skills and techniques, implying that organizations are … Read more

Ethical Hacking

Ethical Hacking – A Complete Guide

by

Ethical hacking is the science of testing your computers and networks for security vulnerabilities and plugging the loopholes you find before guys with malicious intentions get a chance to exploit them. Ethical, for the sake of professional security testing techniques covered in this article, has been used to mean conforming to accepted professional standards of conduct. All the tests included in this text require obtaining written permission from the owner(s) of the system. Defining Hacker Traditionally, a hacker is someone who likes to tinker with electronic systems, software, or computers. Hackers enjoy learning and exploring new techniques on how to … Read more

Virtualization Security

Virtualization Security – A Complete Guide

by

Despite being a concept born fifty years ago, virtualization has advanced and can satisfy complex applications currently being developed. Half of all servers run on Virtual Machines (VMs), and the IDC predicts that close to 70% of entire computer workloads will run on VMs by 2024. As virtualization components increase and the virtualized environment expands, the main concern becomes how to maintain safe security levels and integrity.  Below is a brief look into some of the differences, issues, challenges, and risks caused by virtualization. This paper also provides some recommendations to ensure that the network is secure to the required … Read more

Cyber Threat Hunting

Cyber Threat Hunting – A Complete Guide

by

Cyber threat hunting is the process of proactively hunting for attackers or malware that are lurking in your network system and may have laid undetected. Just like real-life hunting, cyber threat hunting can be quite challenging and requires a uniquely trained professional with considerable patience, creativity, critical thinking, and a keen eye for sporting out the target prey. The prey may be quietly listening for confidential information, patiently siphoning off data, or working their way toward significant data, which can help them access crucial information or assets. Every organization needs additional cyber protections in addition to commercial cybersecurity solutions. This … Read more

Network Security Policy - A Complete Guide

Network Security Policy – A Complete Guide

by

The organization’s network security policy is an official document that lays out the organization’s security expectations.  The Network Security Policy outlines the security processes and the sanctions faced by those who fail to comply with the stated doctrines. Lack of a well-defined network security policy may lead to a loss of resources and opportunities for the organization. An ill-defined policy lacks any usefulness to the organization and only makes security an ad hoc process governed by the person in charge at that given moment. Loosely, a security policy is a formal set of rules that those who are granted access … Read more

IT Audit

IT Auditing – Planning the IT Audit

by

Introduction to IT Auditing The constant advancement of technology has dramatically changed how most organizations operate. The developments have seen pen and paper transactions replaced with computerized online data entry application, instead of keys and locks for filing cabinets, strong passwords and identification codes are being used to restrict access to electronic files. Implementation of innovative technology has magnificently improved business efficiency within most organizations, in terms of data processing and transmission capacity. Still, it has also created and introduced new vulnerabilities that need to be addressed and mitigated. Each vulnerability needs to be controlled, which implies the need for … Read more

computer forensics

Computer Forensics – A Complete Guide

by

Introduction to Computer Forensics  Computer Forensics is used to answer two of the most commonly asked questions about hacking attempts and data breaches: How did the attack happen? Is there a possibility of recurrence, and can such threats be prevented from ever happening again in the future?  There are no specific answers to these questions as it depends on the level of severity or rather the complexity of the cyber-attack. The process of identifying how the attack happened and whether it can happen again in the future can take weeks or even months. For an in-depth analysis of the origin … Read more

cyber threat analysis

Cyber Threat Analysis – A Complete Guide

by

Cyber threat analysis is the process of assessing the cyber activities and capabilities of unknown intelligence entities or criminals. A cybersecurity threat or “cyber threat” can be defined as a malicious act that seeks to disrupt digital life.  This act could be the disruption of a communication pathway, the damage of data, or stealing data. Hackers target enterprises, governments, institutions, or even individuals with valuable information. Threats posed by cyber-attacks include denial of service attacks (DoS), computer viruses, malware, phishing emails, and others. The attacks target anyone with an online presence.  Cyber-attacks can lead to electrical blackouts, breaches of government … Read more