Module 11
In Module 11 we learn about the IDS intrusion detection system and IPS intrusion prevention systems. The systems are designed to help defend the network from know as well as unknown threats. The signature-based systems will search for the signature pattern which if discovered will fire alert in IDS and if IPS is enabled then the connection will be drooped or quarantined. More sophisticated IDS/IPS is built on network or user behavior, this system uses IA to learn the network/user patterns it will alert on any anomalies. These systems will be much more useful than regular IDS/IPS since using machine learning can spot a needle in a haystack. However if not properly tuned can produce a lot of false/positive.
I found an interesting article about ZOOM user names and passwords sell on the dark web. After many zoom bombing attacks, companies have risen some of the security settings attackers are now posting and selling videoconferencing credentials online.
https://www.darkreading.com/threat-intelligence/criminals-selling-videoconferencing-credentials-on-dark-web/d/d-id/1337539?&web_view=true
No comments:
Post a Comment