Ashish Chhatani WRITINGS

In 2013, Cryptolocker ransomware came into the light and set the world of cyber security on fire. It was recognized as the modern age ransomware. Later on, more lethal and more dangerous ransomware followed Cryptolocker and raised some serious questions to organizations’ security. The best part of these ransomware attacks was the awareness. The world became more aware about cyber security and there was universal agreement made that security is the essential ingredient now a days to protect the organizations data and assets. In the recent years, there are so many ransomware identified which shook the world and the impact it had was phenomenal and got the eyeballs of every single organization. It doesn’t matter what’s the volume of your organization or what kind of data you are dealing with on a daily basis, ransomware is not gonna spare you. Period! Cybersecurity ventures has revealed some interesting and threatening facts in their annual report regarding ransomware impact. -

Time does require the change. Isn’t it? We’ll talk about the importance of securely software development life cycle in this story. We all know what exactly SDLC is? SDLC stands for Software Development Life Cycle. The developers builds the applications for certain purpose. The SDLC process has got certain pre-defined phases.  Requirement Gathering: What is the purpose and what’s it going to take for building the application. Plan and Design: Plan the phases of development. Prioritize the modules and finalize the design suitable. Implementation: Start implementing the modules. Coding takes place. Testing: Test the modules which are built Deploy: Deploy the application once the application is tested properly. Maintain: Check whether the application behaves exactly in the same way it was meant to. Eliminate the vulnerabilities identified if any. This is how the traditional SDLC process works. There are certain models to accomplish the pr

One more security incident was reported recently. This time the victim was popular code hosting site- GitHub. GitHub was hit down with massive record-breaking DDoS attack which has crossed all the past numbers of attack intensity. The attack was peaked at record 1.35 Tbps-126.9 million packets per second if we believe the numbers. This was 51000 times more than the actual request serving capacity of the site. Woah! The number describes the intensity of the attack. Usually the botnet- a group of infected system is used to carry out the successful DDoS attacks. There is one leader/attacker which controls all the actions in the network like manipulating the IP address, change the attack payloads and other random customized activities. The notable thing in this recent attack was that there was no use of botnet reported. It was the Memcached servers which were targeted this time to escalate the DDoS attack. How the attack was performed? A forged request to the targeted Memcras