EEPICA's BLOG.shA little bit of everything but with emoticons! :)
As you may be aware, the last couple of weeks in cybersecurity have being quite interesting (for non-victims). Big discussions around how Intel have managed their most recent vulnerability, how to protect yourself from being a victim and obviously the frustration a lot of people and companies felt when they noticed there was nothing they could do to fix it! But, Intel was vanished from the scene due to the exploitation of a social engineering attack: Ransomware (WannaCryptor).
Ransomware as many of you may know is a malicious software (malware) that once it's gained a new victim, encrypts all their files and then demands a payment in order to decrypt them again. In most cases victims do not get their files back, even though they are already down hundreds or maybe thousands of dollars.
On the last 12th of May Telefonica (Spain), the NHS (UK) and some other companies/ countries were affected by a Ransomware attack. Disruption of operations and the necessity of reverting to good “old-style” (pen and paper) was the most notorious impact. To date none of the victims have made any announcement regarding data loss.
Since these events have been well covered, I'd like to share a few cybersecurity tips that might just help prevent such devastation in the future for you or the company/ organisation you work for.
Let’s start by saying that Ransomware attacks are a combination of social engineering attacks and the exploitation of a (known) vulnerability. Social engineering attacks can also be a combination of technical and social networking techniques, in which the objective is to gain someone’s trust with a view to obtaining some reward (money, information, access to something). Social engineering attacks are not something to be managed through “technical” components, instead are a combination of education, profiling, detection and prevention techniques. So, here we go:
Security awareness: Educate yourself, your family, friends, colleagues, everyone. Don’t take me wrong, but current scandals and media actions have definitely put the Ransomware’s name on everyone’s head. This is indeed, the best moment to talk about what social engineering attacks are, how much cybersecurity matters and how to protect our data (Link to my presentation and blogpost).
Do not rely on your users: No, it is not the user’s fault and you cannot rely on them. Everyone plays an important role in today’s interconnected world, and apart from knowing the basics of cybersecurity, the only ones obligated to be experts at it… are the “cybersecurity experts” (BTW, such a thing does not exist). So, if you cannot rely on security awareness programs nor trust your users; what’s next?
Software updates: Vulnerability management processes and good practices are the two winners in this category. An up-to-date system makes us somehow “immune” to known vulnerabilities. It is important to classify the likelihood vs impact of a vulnerability and prioritise them. (Telfonica's case shows how a patch released in March is still causing damage in May).
Tools and policies: Cybersecurity is not a “one-tool” solution, rather it is a combination of policies, good practices and yes, well configured tools. Below is a list of some tips and recommendations for small-medium companies and why not, home:
- Least privilege: This is not a tool, but a policy in which the purpose is to limit user’s actions to their roles, i.e. if a user does not require admin privileges, then they should not have them
- Network segregation: Depending on the size of your network, this may or may not be possible. Anyway, there are some special kinds of malware with a core purpose of spreading themselves in an exponential manner. In the case of internal networks and/ or interconnected networks, segregation is important as it may limit the malware’s area of operation
- Intrusion detection/ prevention systems (IDS/ IPS): Within this category it's possible to find signature and behavioural based IDS/ IPS. Signature-based IDS/ IPS identify intrusions (illegal actions) depending on their signatures contained within the database. Behavioural-based IDS/ IPS create a profile of a host or network, to then identify anomaly activities by comparing them with the expected normal activity. A combination of both is ideal
- Integrity checkers: Tools that allow you to identify when a file/ platform has experienced unexpected changes
- Log management: Combination of tools and processes. The idea is to collect logs from day by day tools (Word processors, browsers, etc) in order to identify unexpected behaviour. Of course, to identify these it is necessary to analyse the logs… there are many log analysis tools readily available on the Internet
- Perimeter tools (firewalls, ACLs, etc): Their main purpose is not to identify vulnerabilities, but to give you the option to apply the least privilege policy to your systems/ platforms. In other words, they sit at the perimeter of your system/ platform allowing or denying traffic depending on certain kinds of rules which should be defined according to business necessities instead of using the default settings
- Antivirus, anti-spam, anti-spyware, anti-everything: Their names speak for themselves. These kind of tools (when kept up to date) help you to identify and prevent the execution of viruses, spam messages, spyware, etc. Note: They are signature based, therefore can only identify previously identified behaviours
I hope you enjoyed reading this post.
Ps: Microsoft has release a guidance for WannaCrypt attacks, as well as emergency patches for obsolete systems. For more information check their website here.
Women Techmaker is a Google initiative that intends to make women's participation in STEM (Science, Technology, Engineering and Mathematics) more visible. Yes, the problem is not just that our numbers in STEM fields are low; part of the problem is that women within them are not being noticed.
My story starts a couple of days after the Woman's International Day (my commemorative post here), when Claire Burn an ex-colleague, friend, master mind of Women Who Code Belfast and organiser of the Women Techmaker Belfast invited me to participate as speaker.
The event had 20 people on the scene, 19 women and 1 male equality defender who spoke eloquently about inclusion. And no, 19 women were not talking about wine (we drank wine), nor dresses, shoes or make-up (we couldn't have looked better!). We were talking about technology... virtual reality, development, business, healthcare, cryptography, cybersecurity and obviously about how to get more women into technology and how to retain the ones we already have. The women I got to meet are researchers, scientists, coders, mothers and fighters! An overview of the schedule is embedded in the tweet below:
Thank you to all our awesome speakers! Such fascinating, technical talks by so many #RoleModels #Shero #inspiration #womenintech pic.twitter.com/zeSbF6r24s
— WTM Belfast (@WTMBelfast) April 29, 2017
Regarding my talk, it was about Privacy and Cybersecurity; and how our incessant need to interact and share information through social networks on the Internet is causing us damage. This might be because of some data breach or we just shared the wrong information needlessly. The Internet is like real life, it is in fact an extension of it in which we have friends, attend events, share memories and sadly, every now and then become victims of some kind of scam/ trap.
The Internet is full of risks. Thousands of websites appear to be something they are not, some others have been hacked and are now unwittingly delivering malicious software, and finally but no less importantly there are also people that use the Internet to gain our trust to then use it against us.
Risk is defined as the likelihood of something bad happening, and just like in real life it depends on how much we are exposing ourselves to it.
Good news is, not everything is about risks and what not to do. The Internet can be a safe, enjoyable place in which meeting with friends and good memories can be revived. Simple tips to improve our Internet presence can be considered:
- Share with care: Do not reveal personal information unnecessarily
- Anonymise Internet use: Don't share your location, use VPNs and stop using third party software just because they have funny emoticons ;)
- End to end encryption: HTTPS everywhere; VPNs; PGP; etc.
- Classification of data: Work/ home; me/ partner/ children; health/ education; private/ public
- Remove/ uninstall unnecessary services/ programs: Default software and extra add-ons may not just be consuming your precious disk space, but also collecting information anonymously while slowing down your devices too!
- Security Awareness: Educate yourself and then everyone around you
If you'd like to see the official presentation you can find it on SlideShare.
If you have any questions or remarks, please don't think twice to get in touch through the Contact me page or by leaving me a comment below. :)
Image credit: Sarah Hannity - @Thatgirlcodes
Happy "Women's day"!
- Models cannot be smart
- Smart girls cannot be pretty
- Pretty girls cannot be single
- In-relationship women should not go out alone
- Married women should get husband's approval for everything
- Mums should stay at home and look after their children
- All the above should wear appropriate clothes and behave
Today on International Women's Day nothing more important to talk about than Emma Watson's tits and how women (like) be quiet and reserved if the want to be taken seriously.
Today is the commemoration of an endless fight, that slowly but tirelessly has being helping women to win little battles in order to claim their human rights. Women are not equal to men. Women are not even equal within the "women gender".
Women are different and that is the challenge of this fight. Some women have decided to become mothers, some others to be pet owners. Some like to wear make-up and sexy skirts while others jeans and converse. Some prefer scary movies and I may need to admit I am one of those who prefer the lovely animated Pixar ones. In the same way, there are some men that want to have children, like to wear pink or be "old style romantics".
Feminism is about the rights that women and men have as human beings. It is about the differences that not just physically, but emotionally differentiate us. We are not equal, "feminism" and "feminist(s)" are not boxes in which we all have to fit. Opinions do not make us nazis. Louder voices do not make us important.
Finally as a woman I would like to remind you that feminism is not just about women, nor just for women. It is for us, for women and men, for those whom are being boxed, catcalled and sexualized. Furthermore I would like to invite you, equal women and men, to open your eyes to the differences that the world presents to you, to embrace the world for all that it is, but never at the cost of oppression.
It wasn’t my first summer, nor my first autumn, winter or spring, but it was my very first time seeing all these guys arriving, developing and delivering one after the next. It was my first time seeing the seasons passing, “the trees going to sleep and waking up once more”.
Where I come from, we don’t have seasons as you are maybe used to, we have a rainy and a dry season, the first one lasting approximately 4 months and the second one 8 months. These numbers vary depending on the seasons north and south of the globe.
If you are feeling curious, I am from Colombia. The door to South America. One of the few countries surrounded by the Atlantic and Pacific oceans. A country which also has a couple of jungles, deserts, snowy mountains and canyons in the same unique borderline. I'm from the equator where all the sunrises are around 6am and sunsets around 6pm and that's my main reason for writing this post. I've seen the days become shorter and longer, the leaves falling and the temperature changing to the literal point of shock. It is all however accompanied with a lot of memories and the realisation that I may never get used to "the seasons"!
It was during summer last year when I moved to Ireland, the days where quite long and for me, it was nearly impossible to get any sleep as my brain was used to a full 12 hours of darkness. In the end though, I got used to enjoying those long days, having a couple of beers at night and welcoming the daylight to know the city, traveling around and making new friends. It was the perfect time for me to arrive. Everything was “manageable” and I was able to use my bike to go anywhere.
Then, without even noticing, my jet lag was “getting better”, and I was able to sleep until 6 or 7am and fall asleep at reasonable times… The days were becoming shorter, and quite similar to “my standards”.
Autumn arrived in the blink of an eye and I only noticed when I found myself dumbfounded. The trees around me were turning yellow, the beauty of the streets covered by crunchy golden leaves and the swirling wind! It was beautiful, weird, funny and also quite dangerous while riding my bike, but I loved it! Still I can remember walking the streets of Belfast; Botanic Gardens, Eglantine Avenue and along the Lagan River just to “check” on my trees, on how many yellow or green leaves they had and how rustled the streets were. Sadly it didn’t last for long. The trees started to look poor and sad, the days were becoming even shorter, and I just noticed it was winter when the automatic clocks had a different time to the manual ones… the sunset happened while I was having lunch and everything around me looked like the terror part of a Disney movie (dark, cold and kinda scary).
Winter arrived and once again I was caught unaware! It's not that I didn't know it was coming, but for sure didn’t expect the changes to be so drastic, nor did I have any idea the clocks were going to change. However, winter was here and another consequence of that is the necessity of clothes shopping. No longer were my tropical, cool t-shirts and jeans enough, I was freezing!
The solution to this problem was my first winter hat, thermal pants, a heavy winter coat but most importantly; my first ugly sweater! Winter also came with something really new and irritating to me, I had to understand the heating system. I used it constantly to keep my apartment at a reasonable temperature and also had to close all the doors and windows. This was very frustrating and almost seemed impossible to me. I love the feeling of fresh air in my home and also hate different smells mixing together into what I like to call “a smelly jail”… However, adorned with my new wardrobe and having conquered the fantastical gas fired central heating, I was ready to face the harshness of the season.
Winter was quite dramatic, the darkness made me feel insecure and with the lack of sun a little bit depressed. This is actually a real thing in the northern hemisphere, it's called the "Seasonal Affective Disorder" (S.A.D.). Thankfully, as it happened with the first two seasons, winter didn’t last too long and almost without noticing (once again) the days were becoming longer. Then one Sunday while walking around the river I saw the first yellow flower in months! which turned out to be a hardy bush on the banks of the river, a.k.a a bad weed. Great, my first Spring flower was a weed! ! Regardless, I jumped for happiness and even shed a tear for that weed. Predictably, I took a couple of pictures and basically started walking everywhere looking for more flowers and green things. Spring had finally arrived!
The coming of Spring had quickly yielded a new routine, walking around all the “green places” I could find, looking and following the progress of all the trees, observing how many “baby leaves” (buds) they had, how many flowers and the different shades of green being born with the passing of the days. Major climate change, temperature was constantly increasing and plummeting just as quickly, I got a lot of headaches and had a couple of fights with the heating because it was practically impossible to find that sweet spot in the apartment I had established for the winter, and lets not talk about me wearing “spring clothes” on a really cold and rainy day ¬_¬. I sensed another trip to the shops was imminent. The beginning of spring was really confusing, but after a couple of weeks everything calmed down and things became predictable again. My trees were becoming greener and greener, there were flowers everywhere and the temperature didn’t force me to wear extra clothes. Ohh! The cherry blossoms have stolen my heart! Such a beautiful scene!
Spring was ending, so the days of my first big, but not last adventure.
Hola a todos :)
La entrada de hoy es sencilla y como dirían por ahí "iré directo al grano": Tips que he buscado, probado, recibido, leído en internet, etc. No son infalibles, e incluso podría asegurar que a pesar de haber intentado seguirlos, he fallado vilmente en repetidas ocasiones (eso de las zonas horarias no es lo mío y suelo darme cuenta de lo tarde que voy... cuando es casi demasiado tarde). En fin, acá les dejo algunos tips por si están pensando en cambiarse de ciudad definitiva o temporalmente.
Antes de viajar y tan pronto llegues:
- Evalúa y compara tu ciudad actual con la ciudad a la que llegarás. Hey! No se trata de comparar para criticar, sino por el contrario, para que tu cerebro e instintos (humanos/animales) empiecen a saber con qué se encontrarán. Para esto les recomiendo revisar un poco Numbeo. A través de esta página pueden realizar comparaciones entre el costo de vida (vivienda, mercado, transporte, impuestos, etc), calidad de vida, tráfico, polución y ufff!! Mi punto es, revisen un poco esto, porque ya sea por estudio, trabajo o vacaciones, es importantísimo saber cuánto dinero necesitarás para "vivir bien".
- Utiliza las redes sociales para "pre-socializar", hazte un plan, no esperes a llegar para pensar/revisar qué puedes hacer... por otra parte, tampoco trates de hacer "todo" recién llegas... en otras palabras, no te quedes encerrado, ni llegues sin planes.
- "Googlea" la plaza o mercado local, mercados de cadena, parques para ir a caminar, museos, bares y mercados chinos o indúes (es algo que catalogaría como reciente descubirmiento, pero en este tipo de mercados seguramente encontrarás cosas mucho más económicas, cosas nuevas para probar/cocinar y si tienes suerte quizá también encontrarás productos que te harán sentir "como en casa").
- "Haz amigos", sí, ya sé, los amigos o se hacen de la noche a la mañana, pero trata de conocer personas nuevas, habla con los locales, pregunta al chico/a del bar/restaurante por el plato recomendado... y bueno, si lo que quieres es ir directo a conocer "gentes nuevas", podrías echarte una pasadita por InterNations, CouchSurfing o cualquier otra aplicación que se te ocurra.
- Si eres de gustos exquisitos no olvides consultar la Guía Michellin. Pd: También pueden encontrar atracciones y otras actividades recomendadas.
- Revisa la zona horaria y prepárate para el viaje. Cada vez que revises un tiquete recuerda que la hora indicada allí es la hora local, NO la hora de tu lugar de salida, NO la hora de tu lugar destino... es la hora local, y eso sí, tan pronto te bajes del avión consulta en alguna pantalla o con algún asesor por el lugar, puerta, hora local y hora de salida de tu vuelo.
- Renta/Compra una bici. <3 :D
A la hora de empacar, ten en cuenta lo siguiente:
- La mayoría de las aerolíneas permiten hasta dos maletas de 23kg cada una en bodega.
- La mayoría de las aerolíneas permiten dos maletas en cabina, una de máximo 10kg (irá en los maleteros superiores) y una pequeña que irá frente bajo la silla frente a ti.
- Prepárate para una "emergencia" con tu equipaje, ten un kit de emergencia en cada maleta, como ya saben bastante normal que las maletas "se pierdan" o "tarden en llegar", y bueno, a pesar de que la aerolínea te vaya a compensar por ello, no es divertido quedarte sin ropa y cosas personales, ni tampoco invertir el dinero que tienes destinado a diversión en comprar ropa y cositas de aseo personal. Por cierto, hablando de esto, no depositen su confianza en su maleta de cabina (la de 10kg), algunas aerolíneas ya sea por políticas, tamaño del avión, etc, no te dejarán llevar tu "maleta de cabina" en cabina, sino que te la ingresarán a bodega cuando estés haciendo tu proceso para ingresar al avión... y ya me pasó que debido a una emergencia en un aeropuerto, me quedé sin dicha maleta.
- El equipaje de cabina, a pesar de representar un par de kilos más en cosas, también será algo que deberemos cargar y someter a revisión en cada aeropuerto, también, si eres alto te quitará espacio para estirar tus piesitos (yo no sufro por esto, pero ajá, ahí les dejo el tip).
- No te olvides de llevar bolsas ziploc, en algunos aeropuertos te pedirán que empaques allí tus medicamentos y frascos con líquidos (tamaño permitido), etc.
- Lleva un lápicero.
- Apunta la dirección del sitio a dónde llegarás y uno que otro teléfono de emergencia.
- Empaca un libro/juego.
- Personalmente me gusta tener una "riñonera", "canguro", bum bag y/o bolso pequeño que me permita tener todos mis documentos a la mano.
- Empaca lo "necesario" (pantalones, camisetas, medias, ropa interior, medicamentos y cargadores), si te queda espacio, empaca las cosas que te hagan sentir más en casa... Ahhh, y no te preocupes si olvidaste algo, ya lo conseguirás en tu primer paseo. ;-)
- ¿Recuerdan lo del peso de las maletas? Bueno... pesen las maletas, si estas tienen sobrepeso, así sean tan sólo 100gr, no serán aceptadas.
Para finalizarsólo me queda dejar algunas de mis frases cliché favoritas:
- “Viajar es una brutalidad. Te obliga a confiar en extraños y a perder de vista todo lo que te resulta familiar y confortable de tus amigos y tu casa. Estás todo el tiempo en desequilibrio. Nada es tuyo excepto lo más esencial: el aire, las horas de descanso, los sueños, el mar, el cielo; todas aquellas cosas que tienden hacia lo eterno o hacia lo que imaginamos como tal”. – Cesare Pavese
- “De la manera que yo lo veo, la recompensa y el lujo más grande de viajar es, cada día, poder experimentar cosas como si fuera la primera vez, estar en una posición en la que casi nada nos es tan familiar como para darlo por sentado”. – Bill Bryson
- “Si rechazas la comida, ignoras la vestimenta, temes la religión y evitas a las personas, quizás sea mejor que te quedes en casa” – James Michener
- “Cuando viajas, recuerda que los países extranjeros no están diseñados para que te sientas cómodo. Están diseñados para que su propia gente se sienta cómoda”. – Clifton Fadiman
- “Un viajero sabio nunca desprecia a su propio país”. – Carlo Goldoni
- “Todos los viajes tienen sus ventajas. Si el viajero visita países que están en mejores condiciones, él puede aprender cómo mejorar el propio. Y si la fortuna lo lleva hacia peores lugares, quizás aprenda a disfrutar de lo que tiene en casa”. – Samuel Johnson
- “No hay nada como volver a un lugar que no ha cambiado, para darte cuenta de cuanto has cambiado tu” (Nelson Mandela)
- No soy la misma habiendo visto la luna o el otro lado del mundo.-Mary Anne Radmacher.
Abrazos y nos vemos acá por las Europas. :D