Today marks the 22nd anniversary of Kargil Vijay Diwas, which is being observed across the country. On Kargil Vijay Diwas, the nation remembers its war heroes and pays respect to Martyrs.
The day commemorates the success of Indian military forces in Operation Vijay in 1999, when they drove infiltrators supported by the Pakistani army out of high positions in the Kargil area.
President Ram Nath Kovind will visit the Kargil War Memorial in Drass, Ladakh, today to pay tribute to the Indian Armed Forces’ unwavering heroism and sacrifice during the Kargil Conflict in 1999.
The Prime Minister also shared a clip from All India Radio’s Mann Ki Baat show from last year. He stated that India will never forget the circumstances surrounding the Kargil conflict.
On the occasion of Kargil Vijay Diwas, Defence Minister Rajnath Singh today paid tribute to the Indian Army’s unwavering courage and sacrifice. Prime Minister Narendra Modi paid tribute to all those who died while defending our country. President of India Ram Nath Kovind will attend the 22nd anniversary of the Kargil War.
He will be the first President to visit the Kargil War Memorial in Drass and take part in the festivities. Air Force Chief Air Chief Marshal R K S Bhadauria and Navy Vice Chief Vice Admiral G Ashok Kumar also expressed their condolences.
“Operation Vijay was a perfect combination of strong and resolute political, military, and diplomatic efforts that helped us to turn an unfavourable situation into a military and diplomatic victory,” wrote General VP Malik, the Indian Army Chief during the Kargil War, in a 2002 essay.
The Kargil War in 1999 was the world’s first and only conflict between two nuclear-armed states. Every year on Kargil Vijay Diwas, India commemorates the heroism of its defence troops, headed by the Indian Army, which pulled off numerous notable successes in the line of fire.
Despite strategic disadvantages and hostile weather, India successfully pushed back the enemy after a nearly three-month operation that included intense warfare, synchronised political and militaristic pressure, and, most importantly, the sacrifices of many lionhearted patriots who will be remembered for the rest of their lives.
Masquerade is used when a person is hiding their true self.
Masquerade is also used instead of the words to hide something
Eg
1.) All this time, her true goal was hidden behind that masquerade of a smile.
2.) Adam masqueraded as a loving friend, just to gain control over Josh’s life.
Additional fact – masquerade balls have been quite famous in Britain and Europe since ancient times. In these balls, all participants wear a mask or an ornament which covers most of their faces.
– There are two ways that byte addresses can be assigned across words.
→ computer store data in Memory
→Formating at the byte level of the data which is called endianness which refer to ordering of bytes.
→The name big-endian is used when lower byte addresses are used for the more Significant bytes (Left most)
→The little-endian is used for the opposite ordering where lower byte address are used for the less significant bytes (Right most)
Endianness refers to the way bytes are ordered when a data item with a site bigger than 1 Byte is placed in memory / transferred over a communication interface.
Two type of endianness:-
Little endian- The bytes are ordered with the LSB placed at the low and address.
Big endian- The bytes are ordered with the MSB placed at the lowest address.
Amnesty International calls the results of the Pegasus Project “false rumours.” Amnesty International stated on Thursday that it supports the Pegasus Project’s conclusions and that the data is “irrefutably connected” to possible targets of NSO Group’s Pegasus malware.
According to the human rights organisation, Amnesty never said that the leaked list precisely includes the numbers of people who were targeted by the Pegasus malware.
It stated that the “false rumours” being circulated on social media are meant to divert attention away from the Pegasus Project’s revelations of widespread illegal targeting of journalists, activists, and others.
“Amnesty International unequivocally supports the Pegasus Project’s conclusions, and believes that the data is inextricably connected to possible targets of NSO Group’s Pegasus malware. The false rumours being circulated on social media are designed to divert attention away from the extensive illegal targeting of journalists, activists, and others exposed by the Pegasus Project “According to a statement issued by Amnesty International.
A worldwide investigation published last week by 17 media organisations alleged that NSO-developed Israeli malware was used to target the phones of politicians, journalists, government officials, and human rights activists.
Forbidden Stories, a Paris-based journalistic charity, and Amnesty International headed the partnership. According to The Wire, a member of the international consortium, the leaked list of “potential targets” for hacking included many prominent Indian names, including former Congress chief Rahul Gandhi, BJP ministers Ashwini Vaishnaw and Prahlad Singh Patel, former election commissioner Ashok Lavasa, and poll strategist Prashant Kishor.
To begin with the most apparent, security awareness training aids in the prevention of breaches. It is impossible to estimate the exact number of breaches that security awareness training avoids. In an ideal world, we’d be able to conduct a randomised controlled experiment comparing individuals who got instruction to those who did not.
This might be a step too far for most organisations. However, this does not exclude us from demonstrating the ROI of security awareness software. It is feasible to compare the number of occurrences prior to and following awareness efforts. The measurements that arise can be utilised to calculate ROI. Data breaches may cost millions of dollars. Meanwhile, security awareness training is reasonably priced. It doesn’t take much to generate significant profits.
2. Establishing a security culture
A security culture has long been seen as the holy grail for chief information security officers (CISOs). Similarly, such a culture is widely regarded as infamously difficult to develop. Some are moving in the right path with the help of security awareness training.
Creating a security culture entails incorporating security ideals into the fabric of your organisation. Training that includes situational awareness (why someone could be at danger), as well as job and home-life advantages, is an effective approach to get people on board. Advanced training tools may assist in monitoring and developing a security culture, making people your first line of defence.
3. Strengthening technical defences
Technological defences are an effective tool for preventing intrusions. However, technological defences require human input. Firewalls must be enabled. Security alerts must be acknowledged. Software must be upgraded. Few firms nowadays would dare to operate without technical safeguards. Nonetheless, technology defences cannot reach their full effectiveness without security awareness training. Today’s attackers rarely bother attempting to target firms only through technical methods. Today’s attackers generally target individuals since they are viewed as a simple route into secure networks.
4. To instil trust in your consumers
Consumers are becoming more conscious of cyberthreats. They want to feel protected and secure as clients. A company that takes steps to strengthen cyber security will have a greater chance of gaining customer trust. And a trustworthy company is one that retains its consumers.
This isn’t a wild guess. According to a recent Arcserve poll, 70% of customers feel businesses are not doing enough to protect cyber security. Almost two out of every three consumers would avoid doing business with a company that had been the victim of a cyberattack in the previous year. Customers clearly care about security credentials. Customers regard you as more responsible when you implement security awareness training. That can only be a positive thing.
5. To ensure compliance
To be clear, introducing security awareness training for the sake of compliance is not sufficient. Those that implement training merely to meet regulatory requirements risk doing the bare minimum. Nonetheless, an increasing number of agencies are requiring that particular businesses undergo security awareness training.
“Firms of all sizes must establish a ‘security culture,’ starting with the board and working their way down to every employee. Cyber security is a shared responsibility, and we adopt a collaborative approach to combating this danger, collaborating with the government, other regulators, and stakeholders on a national and worldwide scale.”
Compliance can be a pleasant side effect of security awareness training. Those that use it improve their security and, in many cases, satisfy regulatory obligations.
6. Being a socially responsible business
Cyberattacks may spread quickly, as WannaCry and NotPetya proved in 2017. The more compromised networks there are, the more vulnerable other networks become. And the vulnerability of one network raises the total risk for others.
The lack of security awareness training in one organisation exposes other organisations to risk. It’s a little like leaving your front door unlocked with the keys to the next door inside.
Security awareness training is beneficial to more than just you. It benefits your customers, suppliers, and everyone else who is connected to your network.
7. To boost staff morale
It is generally established that happy individuals are more productive. So, it’s important to realise that security awareness training accomplishes more than merely keep employees safe at work. It also keeps them safe in their personal lives.
This specific benefit, for the most part, goes unnoticed. If security awareness training serves its purpose, it is more than just an employer perk. It’s also a perk for employees.
Solaris sparc(32-bit): – Intel has given a name to their solar-powered CPU, which was originally shown at IDF 2011 a few days ago. The CPU, codenamed Claremont, is based on an outdated Socket 7 Pentium design but has been tweaked to consume less than 10mW at peak power. Currently, ultra-low voltage CPUs require 15W or more, which is about 1,500 times as much power.
AVR – It is a microcontroller family created by Atmel in 1996. These are modified Harvard architecture 8-bit RISC single-chip microcontrollers. The pin size varies depending on the AVR, for example, tiny AVR has 9-32 pins, mega AVR has 28-100 pins, and so on.
MIPS- It is a reduced instruction set computer (RISC) instruction set architecture (ISA) created in the United States by MIPS Computer Systems, now MIPS Technologies. MIPS architectures were initially 32-bit; 64-bit variants were later created. It comes in a variety of variants, including MIPS I, MIPS II, MIPS III, and so on.
Intel 8086: – The 8086 (also known as the iAPX 86) is a 16-bit microprocessor chip created by Intel between early 1976 and its introduction on June 8, 1978. The 8086 architectures gave birth to the x86 architecture, which went on to become Intel’s most successful processor series. It is offered as a DIP chip with 40 pins. It operates on a 5V DC power supply.
ARM- It is a series of reduced instruction set computing (RISC) architectures for computer processors that may be customized for different situations. The original ARM1 featured a 32-bit internal structure but a 26-bit address space, limiting its main memory to 64 MB. This restriction was lifted with the ARMv3 series, which has a 32-bit address space, and numerous subsequent generations up to ARMv7 stayed 32-bit. It features about 32 pins, 28 of which may be utilized as general purpose bidirectional I/O pins. Pin P0. 31 is a single-output pin.
AMD- Advanced Micro Devices, Inc. (AMD) is a global semiconductor firm headquartered in Santa Clara, California, that produces computer processors and related technologies for the commercial and consumer sectors. AMD unveils its Opteron and Athlon 64 processor lines, which are based on the AMD64 architecture, the first x86-based 64-bit CPU architecture.
-The activity in computers is governed by Instruction.
-To perform a given tosk, a set of instructions (program) is stored in memory.
→ Individual instructions are brought from the memory into the processor, which execute the specific operation.
– Data to be used of operands are also stored in memory
Example
The instruction reined the several steps
1) The instruction is fetched from the memory into the processor.
2)Then operand at LOCA is fetched and added to the content of RO.
3)Resulting Sum is stored in RO.
→ The Add instruction comling a memory access operation with an ALU operation
Henceforth these two types of operation are performed by separate instruction for performance Reasons
Load LOCA, R₁ ; LOCA→R₁
ADD R, Ro ; R₁+Ro→Ro
1)The First instruction transfer the contents of memory location LOCA into processor Register R₁
2)The second instruction add Ro & R₁ content and place the sum at Ro.
* Transfer between memory and the processor are sorted by sending the address of the memory location to be accessed to the memory unit and issuing appropriate control signals. Then data transfers from memory
A list of the most dangerous, effective, and most well-known malware strains that have been developed by the cyber-security units of various countries’ intelligence and military branches.
Regin
Regin, widely regarded as the most powerful malware family ever produced by a nation-state actor, was created by the NSA and shared with some of its Five Eyes allies (primarily with the GCHQ). Its existence was made public in 2014, however the first samples date back to 2011, with some suspecting that the virus was produced as early as 2003. Regin has been used in the wild in incidents involving Belgian telecom Belgacom, the German authorities, and, most recently, Russian search firm Yandex.
On a technological level, security researchers consider Regin to be the most complex malware framework to date, with modules covering tens of features, the majority of which are designed to perform surveillance activities and remain unnoticed on infected systems.
Flame
Flame was found in 2012, but security experts did not use the term “malware” to characterise it. Flame was so sophisticated at the time that the phrase “attack toolkit” was used to characterise its structure, which resembled that of its larger brother, Regin. Flame, as previously stated, is a collection of modules that function on top of the Flame architecture and are installed based on the capabilities that operators want. It was identified in 2012 by the MAHER Center of the Iranian National CERT in attacks on government entities in the nation. The finding emerged two years after the Stuxnet virus assaults and was instantly connected to the Equation Group, a codename for the US National Security Agency. It was eventually detected in attacks on other Middle Eastern governments as well. Flame’s Wikipedia page currently has the greatest summary of all Flame-related findings.
Stuxnet
Stuxnet is the only malware on this list with its own documentary film. The malware was co-developed in the 2000s by a joint effort between the US NSA and Israel’s Unit 8200, the Israeli military’s cyber division. It was deployed in 2010 in Iran, as part of a joint effort between the two countries to sabotage Iran’s nuclear program.
Stuxnet, which is said to have used four different zero-days at the time it was unleashed, had been specifically coded to target industrial control systems. Its role was to modify the settings of centrifuges used for nuclear enrichment operations by raising and lowering rotor speeds, with the purpose of inducing vibrations and destroying the machines. The malware was successful, and is said to have infected over 200,000 computers, and eventually ended up destroying nearly 1,000 centrifuges at Iran’s Natanz nuclear facility.
Shamoon
The first non-US developed malware on this list is Shamoon, a malware strain developed by Iran’s state hackers. It was first deployed in 2012 on the network of Saudi Aramco, Saudi Arabia’s largest oil producer. The malware, a data wiper, destroyed over 30,000 computers in the 2012 attack. It was deployed in a second attack in 2016, against the same target. Most recently, it’s been deployed against Italian oil and gas contractor Saipem, allegedly destroying 10% of the company’s PC fleet.
Triton
A more recent addition to this list is Triton (also known as Trisis). This malware is believed to have been developed by a Russian research laboratory. It was deployed in 2017. It was specifically engineered to interact with Schneider Electric’s Triconex Safety Instrumented System (SIS) controllers. According to technical reports from FireEye, Dragos, and Symantec, Triton was designed to either shut down a production process or allow TriconSIS-controlled machinery to work in an unsafe state. The malware’s code leaked and was eventually published on GitHub.
Industroyer
The Industroyer malware, also known as Crashoverride, is a malware framework developed by Russian state hackers and deployed in December 2016, in the cyber-attacks against Ukraine’s power grid.
The attack was successful and cut the power to a part of Kyiv, Ukraine’s capital, for an hour. The malware is considered an evolution of previous strains like Havex and BlackEnergy, which had also been used in attacks against Ukraine’s power grid. However, unlike Havex and BlackEnergy, which were more like generic Windows malware deployed against systems managing industrial systems, Industroyer contained components specifically designed to interact with Siemens power grid equipment.
Duqu
Believed to be the creation of Israel’s infamous Unit 8200 military cyber-unit, Duqu was discovered by Hungarian security researchers in 2011. A second version was discovered in 2015, and was codenamed Duqu 2.0. The first version was deployed to aid Stuxnet attacks, while the second was used to compromise the network of Russian antivirus firm Kaspersky Lab. Duqu 2.0 was also found on computers in hotels in Austria and Switzerland where the international negotiations between the US/EU and Iran took place, over its nuclear program and economic sanctions.
PlugX
PlugX is a remote access trojan (RAT) that was first seen in 2012, in attacks attributed to Chinese nation-state hackers. Since its discovery, Chinese hackers appear to have shared the malware with each other, and now it’s being widely used by most Chinese nation-state groups, making attribution to one group incredibly difficult. A good technical report on PlugX is available here.
Winnti
Winnti is very similar to PlugX. It’s another Chinese-made APT malware strain that was initially used by one group but was then shared among all the Chinese APTs as time went by. The malware has been around since 2011 and is described as a modular backdoor trojan. Security researchers recently discovered a Linux variant.
Uroburos
Uroburos was the rootkit developed by the Turla group, one of the world’s most advanced nation-state hacker groups, linked to the Russian government. According to a G DATA report, “the rootkit is able to take control of an infected machine, execute arbitrary commands and hide system activities.”
Uroburos (also referred to as the Turla or Snake rootkit) was widely deployed and was very efficient for the limited purpose it was being used for — to gain boot persistence and download other malware strains. It was the central piece of Turla APT attacks and had been seen on infected computers in Europe, the US, and the Middle East, as early as 2008. Targets usually included government entities. It was seen in 45 countries. A Linux variant was also discovered in 2014.
ICEFOG
Yet another piece of Chinese malware that was once used by one group, but was later shared and re-used by others. ICEFOG, first spotted in 2013, made a comeback in the last two years, with new variants, and even a Mac version.
WARRIOR PRIDE
The only mobile malware on this list, WARRIOR PRIDE is a tool jointly developed by the US’ NSA and the UK’s GCHQ. It works both on Android and iPhones and news of its existence came to be in 2014, during the Snowden leaks. As for capabilities, the iPhone variant was far more advanced than the Android one. It could retrieve any content from infected hosts, listen to nearby conversations by silently enabling the microphone, and could work even when the phone was in sleep mode.
Olympic Destroyer
The Olympic Destroyer malware was deployed in an attack that crippled internet connections during the Pyeongchang 2018 Winter Olympics opening ceremony. TV stations and journalists were the ones mostly impacted by the attack. The malware was supposedly created by Russian hackers and deployed as payback for the International Olympic Committee banning Russian athletes from the Winter Olympics on doping charges or prohibiting someone from competing under the Russian flag.
The malware itself was an information stealer that dumped app passwords on infected systems, which hackers later used to escalate their access to other systems, from where they later triggered a data-wiping attack that brought down some servers and routers. New Olympic Destroyer versions were spotted in June 2018, months after the initial attacks.
VPNFilter
The only APT-developed malware on this list created to infect routers is VPNFilter. Developed by Russian state-hackers, the malware had been deployed in advance of the 2018 Champions League final that was being held in Kyiv, Ukraine. Supposed plans were to deploy the malware and damage routers during the live final’s live transmissions, similar to how the Olympic Destroyer malware was used to cripple internet connections during the opening ceremony at the Pyeongchang 2018 Winter Olympics.
Fortunately, security researchers from Cisco Talos saw the VPNFilter botnet being assembled, and took it down with the help of the FBI. The malware was supposedly created by the Fancy Bear APT, according to the FBI.
WannaCry
All the three ransomware outbreaks of 2017 were malware strains developed by nation-state hackers, albeit for different reasons.
The first of these, the WannaCry ransomware, was developed by North Korean state hackers, for the sole purpose of infecting victims and collecting ransoms for the Pyongyang regime, which at the time, was under heavy economic sanctions. To lighten the impact of these sanctions, the regime was using state hackers to rob banks, mine cryptocurrency, or run ransomware operations to collect funds. However, errors in the WannaCry code made it so that instead of spreading to local networks only, the ransomware’s internal self-replicating (worm) component went haywire and infected everything in sight, causing a global outbreak.
NotPetya
Two months after WannaCry, a second ransomware outbreak hit the world. Called NotPetya, this ransomware was coded by Russia’s Fancy Bear (APT28) group, and was initially deployed only in Ukraine. However, due to shared networks and enterprise VPNs, the ransomware spread globally, akin to WannaCry, causing billions in damages. Just like WannaCry, NotPetya used the EternalBlue exploit as the centerpiece of its worm component. (see the last slide for more info on EternalBlue)
Bad Rabbit
The last global ransomware outbreak of 2017, was the work of state hackers. Just like NotPetya, Bad Rabbit was the work of Russian hackers, who similarly deployed it in Ukraine, but the ransomware spread worldwide, albeit with a smaller impact when compared to the first two, WannaCry and NotPetya. Unlike NotPetya, it didn’t use EternalBlue as its primary spreading mechanism, and also included lots of Game of Thrones references.
EternalBlue
EternalBlue may not be malware per-se, in the classical meaning of the word, being more of an exploit, but it was still developed by a nation-state entity and should fit on this list. It was created by the NSA and became public in April 2017, when a group of mysterious hackers known as The Shadow Brokers published the code online.
After its release, it was first used in cryptocurrency mining campaigns, but it truly became a widely-known and recognizable term after it was embedded in the code of the three ransomware outbreaks of 2017, namely WannaCry, NetPetya, and Bad Rabbit. Since then, EternalBlue has refused to die and has been widely used by all sorts of cyber-criminal operations, all of whom use it as a mechanism for spreading to other systems inside compromised networks, by exploiting misconfigured SMBv1 clients on Windows computers.
On July 18, 1861, Kadambini Bose was born in Bhagalpur, British India (modern-day Bangladesh). She was born during the Bengali renaissance, a period of religious, social, and educational developments in the Bengal area from the nineteenth to the early twentieth centuries. This cultural revolution had a direct influence on Kadambini since her father was a prominent member of the Hindu reformation movement Brahmo Samaj, as well as co-founder of India’s first women’s rights group, Bhagalpur Mahila Samiti. And, despite the fact that educational options for Indian women were limited at the time, Kadambini’s father, the headmaster of Bhagalpur School, recognised the value of education and enabled Kadambini to attend.
Kadambini married Dwarkanath Ganguly, her mentor and instructor at Bethune College, after graduation. Dwarkanath, an outspoken advocate for women’s rights in India, urged his wife to seek a medical degree.Calcutta Medical College declined to enrol Kadambini, but the couple persisted, and she was finally admitted as the college’s first female medical student. Despite continuous opposition from instructors and staff, Kadambini received her Graduate of Bengal Medical College degree in Calcutta in 1886, becoming the first Indian-educated female doctor.(Anandi Gopal Joshi was the first female Indian doctor, although she received her education in America.)
Kadambini had only been practising medicine for a few months when a hardline Hindu news publication published an article questioning her doctorate credentials and referring to her in derogatory terms. Kadambini took the case to court, and after a lengthy legal struggle, the article’s editor was convicted to six months in jail for libel. Conservatives opposed to female emancipation could not stop her, and Kadambini chose to pursue the highest possible medical qualification; she flew to the United Kingdom in 1892 and obtained three additional doctorate certificates. She returned to India and worked as a gynaecologist at Lady Dufferin Hospital before opening her own private practise.
Kadambini’s hectic life as a doctor and mother of eight children did not prevent her from playing a part in India’s women’s rights movement. She was one of six delegates in the first female delegation to the Indian National Congress in 1889, and she helped organise the Women’s Conference in Calcutta in 1906. She was also quite involved in a number of other campaigns, such as one that sought to better working conditions for female Eastern Indian coal workers.
Francisco Benjamn López Toledo was born on this day in 1940 in Juchitán, Oaxaca, the centre of the Indigenous Zapotec culture. His exceptional ability for sketching was discovered when he was just 9 years old, and by the age of 19, he had staged his first solo show. Francisco Toledo was a painter, sculptor, and graphic artist from Mexico. Toledo’s paintings mirror Mexican mythology and frequently show the influence of Surrealism and Paul Klee’s whimsical style. This is seen in his work Hidden Scorpion (1996), in which the artist uses curling fractals to suggest a scorpion’s body.
“What I do is a mash-up of things,” he added, “but the pre-Hispanic world has been a source of inspiration.” “There are certain decorative solutions that originate from pre-Hispanic art, and there is a lot of primitive art that is polished or basic but yet quite modern.” Toledo, self-described as a grillo (cricket) who thought his work reflected the restless Oaxacan spirit, travelled to Paris in the 1960s to study sculpture, painting, and printing. But he soon ached for the simpler life he had left behind. In 1965, he went to Oaxaca, where his skill and activism played an important part in the development of the southern Mexican state into a centre of the worldwide art community.
During this period, Toledo first gained worldwide popularity with a watercolour series of animal-human hybrids that formed his distinctive style steeped in Indigenous art traditions, Zapotec mythology, and influence from artists such as Francisco Goya. For over seven decades, Toledo experimented with every visual media imaginable, creating around 9,000 pieces ranging from a scorpion sculpture made of turtle shells to cloth puppets. His legacy lives on through the libraries, cultural institutes, and museums he created in Oaxaca, many of which are open to the public.
Data management is the process of absorbing, storing, organising, and managing an organization’s data. Effective data management is a critical component of implementing IT systems that operate business applications and offer analytical information to enable corporate executives, business managers, and other end users to drive operational decision-making and strategic planning. The data management process ensures that data in business systems is correct, available, and accessible. The majority of the needed work is performed by IT and data management teams, while business users are involved in some aspects of the process. This thorough reference explains what it is and offers information on the various fields it encompasses.
History and Evolution
The early blooming of data management was primarily driven by IT experts who concentrated on tackling the problem of garbage in, garbage out in the earliest computers after discovering that the machines drew incorrect conclusions due to erroneous or inadequate data. Beginning in the 1960s, industry groups and professional organisations pushed optimal data management practises, particularly in terms of professional training and data quality criteria. That decade also saw the introduction of mainframe-based hierarchical databases.
The data warehouse concept was created in the late 1980s, and early adopters started using them in the mid-1990s. Relational software was the dominating technology in the early 2000s, with a virtual monopoly on database deployments. Organizations now have a wider range of data management options because of the emergence of big data and NoSQL alternatives.
Benefits of data management
By increasing operational performance and allowing improved decision-making, a well-executed data management strategy may help firms acquire potential competitive advantages over their business rivals. Organizations with well-managed data may also become more flexible, allowing them to more rapidly detect market trends and seize new business possibilities.
Effective data management may also assist businesses in avoiding data breaches, data privacy issues, and regulatory compliance difficulties that might harm their brand, add unanticipated expenses, and put them in legal trouble. Finally, the most significant benefit that a sound data management strategy can give is improved company performance.
Importance of data management
Data is increasingly being viewed as a corporate asset that can be utilised to make better business choices, enhance marketing efforts, streamline operations, and save expenses, all with the objective of boosting revenue and profits. However, a lack of appropriate data management may leave businesses with incompatible data silos, inconsistent data sets, and data quality issues, limiting their capacity to operate business intelligence (BI) and analytics applications — or, worse, leading to erroneous conclusions. As organisations are subjected to a growing number of regulatory compliance obligations, including data privacy and protection legislation such as GDPR and the California Consumer Privacy Act, data management has become increasingly important. Furthermore, organisations are gathering ever-increasing amounts of data and a broader range of data kinds, both of which are trademarks of the big data platforms that many have implemented. Without proper data management, such settings may become cumbersome and difficult to traverse.
Tasks and duties in data management
The data management process necessitates a wide range of activities, responsibilities, and abilities. Individual workers in tiny firms with less resources may take on several responsibilities. Data management professionals, in general, include data architects, data modellers, database administrators (DBAs), database developers, data quality analysts and engineers, data integration developers, data governance managers, data stewards, and data engineers, who collaborate with analytics teams to build data pipelines and prepare data for analysis.
Data scientists and other data analysts may also undertake certain data management activities on their own, particularly in large data systems containing raw data that must be filtered and processed for specific applications. Similarly, application developers frequently assist in the deployment and management of big data environments, which necessitate the acquisition of new skills in comparison to relational database systems. As a result, businesses may need to acquire new employees or retrain established DBAs in order to fulfil their big data management requirements.
The computer organisation and architecture (COA) course is one of the most essential and comprehensive subjects since it contains many basic concepts and information required in the design of a computer system.
The COA is also the most essential component of the syllabus for all computer science degrees at all institutions, as well as for many competitive tests.This lesson is specifically created for absolute novices to understand all important subjects connected to computer organisation and architecture. All fundamental concepts such as computer system functional units, processor, microarchitecture, programme instructions, instruction formats, addressing modes, instruction pipelining, memory organisation, instruction cycle, interrupts, and other important related topics are covered in the COA important topics.
Computer Architecture
Let us first define architecture in order to comprehend the phrase computer architecture. Architecture is described as the art and science of designing a thing. Because the building is one of the most frequent objects in the human world, we typically associate the term architecture with it. The architecture aids in the definition of functional, physical, and performance criteria for any item.
Every item in the actual world is supported by some form of architecture. An architect, for example, will define the building in terms of architectural drawings and specifications for various construction components.Similarly, the system architecture specifies the computer system’s numerous functional components and how these units are linked. It specifies the performance parameters for the system and what the system should achieve in terms of performance.
The computer architecture is a high level design specification that does not specify details of the hardware components. The computer architecture gives an abstracted view of the structure of various functional units and its behaviour. In order to build a computer system, the first step is to design and develop the system architecture. The next step in the process is to finalize the computer organization details.
Computer Organization
Let us first define the term “organisation” in the context of computers. The term organisation is defined as organising and categorising things rationally in order to enhance practical convenience.
Computer architecture serves as the foundation for computer organisation. The system architecture is implemented by the computer organisation. Simply defined, the computer organisation is concerned with arranging various system hardware components and how these components are interrelated. The computer organisation describes the numerous hardware components associated with the various functional units found in the system.
The computer organisation is concerned with the layout of various system hardware components as well as the function of the components. The presence of distinct functional units and their components is defined by computer organisation. It also specifies how distinct functional components interact with one another.The structure and behaviour of digital computers are defined by computer organisation. The primary goal of the computer organisation is to comprehend the various computer hardware components and their interactions.
Shoulder surfing is a word that refers to someone looking at another person’s computer or mobile device screen and keyboard in order to collect sensitive information. Direct observation can be accomplished by simply glancing over someone’s shoulder – a practice known as shoulder surfing – or by employing binoculars, hidden or apparent video cameras, and other optical equipment.
Example
Shoulder surfing at ATMs is an example of a crime in which a suspect looks over your shoulder while you enter in your PIN number.
Several recent incidents have resulted in police issuing warnings, announcing arrests, and even conducting sting operations:
Milpitas (California) – On Jan. 2, 2015, a bank employee spotted a lady monitoring ATM clients. Police investigated and discovered that money had been illegally stolen from numerous consumers’ accounts.
Concept
Shoulder surfing is the act of directly observing someone to gain personal or private information. Shoulder surfing is the practice of peeking over someone’s shoulder to acquire information while the victim is unaware. This is particularly useful in congested areas if someone is using a computer, smartphone, or ATM. Shoulder surfing gets suspect fast if it occurs while there are few people around. Depending on the area and scenario, binoculars, video cameras, and vision-enhancing equipment are also employed.
Personal security keys, such as username and password combinations, are important personal and private data protections in our data and identity-driven world. Unfortunately, hackers do not necessarily require technical knowledge to obtain information. Credit card numbers, personal identification numbers (PINs), crucial personal information (such as middle names and birth dates required in password recovery) and usernames/passwords are the most often stolen data by shoulder surfing. In the case of bank accounts, this sort of information might be used to log into accounts and steal additional information, such as money.
Dumpster diving
A dumpster diving attack is a type of cyber attack made possible by searching through the victim’s trash.
While you may imagine a dirty and disgusting scene in which someone jumps into a trash, the reality is far less filthy. Threat actors might be in and out of the dumpster in minutes during a dumpster diving attack. They may, however, already have a box full of sensitive papers, storage devices, and workstations.
Example
Jerry Schneider, who established a wholesale telephone equipment firm while still in high school in 1968, is one of the most well-known trash divers. The inspiration originated from a dumpster, especially Pacific Telephone’s garbage, which contained paperwork, instructions, and bills related to the order and delivery system.
Needless to say, Schneider got in trouble and served 40 days in a security facility. He then founded a security consulting company.
Concept
Dumpster diving is the act of searching through an organization’s trash for information that may be used to gain access to its network. Companies frequently discard sensitive data, such as system manuals, which attackers exploit to gain access to information systems. Un-erased and complete hard drives with extremely sensitive information are dumped in certain circumstances, allowing a dumpster diver to easily boot up and get information.
In many cases, dumpster diving involves getting data about a user in order to impersonate that user and gain access to his or her user profiles or other restricted areas of the Internet or a local network. Dumpster diving can mean looking through physical trash for such information, or searching discarded digital data. In either case, security experts warn users to leave a clean trail to prevent identity theft and avoid other consequences that can stem from a successful dumpster diving operation.
Businesses and other large entities have developed practical ways to discourage dumpster diving, such as shredding paperwork and locking waste bins. Other security measures include the use of firewalls and other precautions to stop dumpster divers from getting access to discarded or loose data, such as ensuring that data is wiped off of old hard drives and destroying old storage media.
Social engineering
Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information.
Example
$100 Million Google and Facebook Spear Phishing Scam
The biggest social engineering attack of all time (as far as we know) was perpetrated by Lithuanian national Evaldas Rimasauskas against two of the world’s biggest companies: Google and Facebook.
Rimasauskas and his team set up a fake company, pretending to be a computer manufacturer that worked with Google and Facebook. Rimsauskas also set up bank accounts in the company’s name.
The scammers then sent phishing emails to specific Google and Facebook employees, invoicing them for goods and services that the manufacturer had genuinely provided — but directing them to deposit money into their fraudulent accounts.
Between 2013 and 2015, Rimasauskas and his associates cheated the two tech giants out of over $100 million.
Concept
Spear phishing is a common social engineering technique. For example, a phisher may send an email to addresses at a target company asking a user to verify security information. The email is made to appear legitimate and from the IT staff or senior management, along with a warning for major consequences if the required information is not provided. As with a regular phishing attack, the victim clicks a link that goes to a site the hacker sets up to gather the sensitive information, generally with the look and feel of the real website. After obtaining the info, the hacker has the ability to access the company’s network by using a legitimate login.
Social engineering is as dangerous and harmful as any other technical attack. In fact, you could argue that social engineering is more serious than other threats, as humans are always in a vulnerable state. It is not that tough to properly configure a firewall. It is very difficult to train new staff about the dangers of social engineering exploits.
Data privacy, also known as information privacy, is a subset of data protection that deals with the proper handling of sensitive data, such as personal data but also other confidential data like financial data and intellectual property data, in order to comply with regulatory requirements while maintaining the data’s confidentiality and immutability. When it comes to protecting data from external and internal dangers, as well as defining what digitally stored data may be shared and with whom, security becomes crucial. In practise, data privacy refers to components of the data sharing process, including how and where that data is maintained, as well as the particular rules that apply to those procedures.
Data Sovereignty
Digital data that is subject to the laws of the country in which it is stored is referred to as data sovereignty.
Many nations have enacted new legislation requiring data to be retained inside the country in which the client resides, in response to the growing use of cloud data services and a perceived lack of security. Governments are currently concerned about data sovereignty because they want to prevent data from being stored outside of the original country’s borders. It might be difficult to ensure that data is exclusively stored in the host nation, and it frequently relies on the details supplied in the Service Level Agreement with the Cloud Service Provider.
Data Privacy Importance
Business Asset Management: Data is, without a doubt, a company’s most valuable asset. We live in a data economy, where businesses place a high value on gathering, sharing, and analysing data on their customers and users, particularly from social media. Transparency in how companies obtain consent to preserve personal data, adhere to their privacy rules, and handle the data they gather is critical to establishing confidence with consumers who regard privacy as a basic human right.
Regulatory Compliance: Data management for regulatory compliance is arguably much more critical. Noncompliance with regulatory obligations on how a company collects, stores, and processes personal data might result in hefty penalties. If the company is hacked or ransomware is used, the implications in terms of lost income and consumer confidence may be considerably greater.
Elements of Data Privacy
Data privacy, often known as information privacy, is made up of three components:
Individuals have the right to privacy and control over their personal data.
Procedures for managing, processing, collecting, and exchanging personal data in an appropriate manner
Data protection rules are followed.
Technologies and Practices for Data Protection that Can Assist You in Protecting User Data
There are numerous storage and management choices to select from when it comes to securing your data. You may use solutions to control access, monitor activities, and respond to threats. Some of the most widely utilised practises and technologies are as follows:
Data loss prevention (DLP) is a set of techniques and technologies for preventing data from being stolen, lost, or destroyed by accident. Several techniques to defend against and recover from data loss are frequently included in data loss prevention systems.
Storage with built-in data protection—modern storage technology has disc clustering and redundancy as standard features. Cloudian’s Hyperstore, for example, offers up to 14 nines of durability, low cost storage of huge amounts of data, and quick access for low RTO/RPO.
Firewalls are tools for monitoring and filtering network traffic. Firewalls can be used to guarantee that only authorised users can access or transmit data.
Authentication and authorization—controls that aid in the verification of credentials and the proper application of user privileges. These restrictions are generally used in conjunction with role-based access controls as part of an identity and access management (IAM) system (RBAC).
Encryption modifies data content using a method that can only be undone with the correct encryption key. Even if your data is taken, encryption protects it against unwanted access by rendering it unreadable.
Endpoint protection safeguards your network’s entry points, such as ports, routers, and connected devices. Endpoint security software generally allows you to monitor and filter traffic at the network perimeter as needed.
Data erasure reduces responsibility by removing information that is no longer required. This can be done after the data has been processed and evaluated, or it can be done on a regular basis when the data is no longer useful. Many compliance laws, such as GDPR, demand the deletion of unneeded data.
Argentina defeated Brazil 1-0 in the Copa America final on Saturday, winning the tournament for the first time in 28 years and giving Lionel Messi his first major international prize. Rodrigo de Paul’s long ball to Angel di Maria resulted in Argentina’s winning goal at the Maracana Stadium in Rio de Janeiro in the 22nd minute. To gain control and lob it past goalkeeper Ederson, the 33-year-old veteran attacker relied on some poor defence from left-back Renan Lodi. Brazil has only conceded three goals in the competition. With dribbles and passes, Neymar tried hard, but the Selecao hardly troubled Argentina goalkeeper Emiliano Martinez.
Messi’s first international trophy
On Saturday night, Lionel Messi completed his spectacular soccer career by guiding Argentina to a 1-0 victory against host Brazil in the Copa América final in Rio de Janeiro. After a succession of terrible, torturous, and infuriating failures, including probably the most humiliating setback of his career — against Germany in the World Cup final — within the same stadium, Rio’s towering Maracan, in 2014, Messi finally got his first championship with Argentina. When the final whistle rang, Messi sank to his knees and was instantly mobbed by his teammates, his relief apparent. They were lifting him above their shoulders and flinging him in the air moments later.
According to The Associated Press, Messi stated after the celebrations in the locker room, “I wanted to remove the thorn of not being able to achieve something with the national team.” “I’d come close in previous years, and I knew it was going to happen this year. I thank God for providing me with this opportunity, both against and inside Brazil. This was a time I was reserving for myself.”
Eduindex News 
You must be logged in to post a comment.