[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
\nI had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.<\/p>\n
* The cyber security index is developed by the Estonian e-GovernanceAcademy
\n* 10 Sea-Changing IT Security Trends Of The Last 10 Years
\n* Hackers are bombarding the Fed, and have broken in 50 times over the last 4 years
\n* Tom Hardy reveals his extreme cyber-security measures as he admits to ‘getting hacked all the time’
\n* How \u2018Agile\u2019 Changed Security At Dun & Bradstreet
\n* Tricks that ransomware uses to fool you [Slideshow]
\n* Shoring up trucking\u2019s cyber defenses
\n* Software security podcast library
\n* TAG hosts first Malware Summit
\n* Fighting terrorism: share criminal records of non-EU nationals, too, urge MEPs
\n* Researchers spot 35-fold increase in newly observed ransomware domains
\n* CIOs, CISOs share advice on selling cybersecurity to the C-suite
\n* Improving software security through a data-driven security model
\n* Cyber Security Vulnerabilities Of FTSE 100 Companies Exposed – Threat Intelligence Report From Anomali Pinpoints Significant Security Exposures In The UK’s100 Largest Companies
\n* Data storage legal knowledge in decline, says survey
\n* Research Spotlight: ROPMEMU – A Framework for the Analysis of Complex Code-Reuse Attacks
\n* Infographic \u2013 Deep web illegal activity exceeds approximately $100,000,000<\/p>\n
The cyber security index is developed by the Estonian e-GovernanceAcademy
\nThe e-GovernanceAcademy presented the National Cyber Security Index (NCSI) at the Tallinn e-Governance Conference on 31 May.
\nThe index measures the level of cyber security of countries and defines the fields for the development of cyber security.
\nIt also gives an overview of the preparedness of countries to prevent cyber attacks and crime, and to manage them.
\nThe index can be viewed online at nsci.ega.ee.
\nThe leader of the team that developed the index is Head of National Cyber Security Domain Raul Rikk, who says that the index is a web-based platform that is being further developed in association with other countries. \u201cEvery country that joins the index increases its value and our joint security,\u201d said Raul Rikk.
\nThe index consists of 12 main indicators, which are divided into four groups: 1) General Cyber Security Indicators, 2) Baseline Cyber Security Indicators, 3) Incident and Crisis Management Indicators, and 4) International Incident Indicators.
\nThe 12 main indicators have several sub-indicators and aspects that can be measured in points.
\nThe highest possible point score is 100.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1a2772c606&e=20056c7556<\/p>\n
10 Sea-Changing IT Security Trends Of The Last 10 Years
\nLike generals fighting a losing battle, security thought leaders and professionals have been forced to change strategies many time over the last decade, often in response to technological and strategic advancements developed by the attackers.
\nWhile IT itself has evolved quickly, the pace of new security threats has continued to move at even faster speeds, often leaving defenders in firefights that change almost daily.
\nAnd defense strategies that were once fundamental to the security industry are now being constantly challenged \u2013 if not outright rejected — by the thinkers who once promoted them.
\nIn this feature, we take a look at some of the fundamental sea changes that have occurred over the last 10 years.
\nPerhaps a look at where we\u2019ve been will give us a hint at where we\u2019re going \u2013 or at least prepare us for more change in the future.
\n– From Sentries To Detectives
\n– The Shrinking Skills Pool
\n– The Erosion Of Layered Security
\n– Cybercrime Boom
\n– Security Goes Public
\n– Out Of The Data Center And Into The Boardroom
\n– The War Between The States
\n– Hacktivism Becomes A Thing
\n– Blacklisting Blacklisting
\n– Encryption Gets Both Good And Bad Names
\nToday\u2019s behavior-based solutions may give way to some new generation of technology.
\nThe current emphasis on forensics and incident response may give way to a new set of prevention tools.
\nThe current emphasis on cyber risk might be offset by a new class of cyber insurance.
\nYour guess is as good as ours.
\nThe one thing that we know for sure is that, when it comes to security, the only constant is change.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=9d3f7b3dd0&e=20056c7556<\/p>\n
Hackers are bombarding the Fed, and have broken in 50 times over the last 4 years
\nWASHINGTON (Reuters) – The U.S.
\nFederal Reserve detected more than 50 cyber breaches between 2011 and 2015, with several incidents described internally as “espionage,” according to Fed records.
\nThe central bank’s staff suspected hackers or spies in many of the incidents, the records show.
\nThe Fed’s computer systems play a critical role in global banking and hold confidential information on discussions about monetary policy that drives financial markets.
\nThe records represent only a slice of all cyber attacks on the Fed because they include only cases involving the Washington-based Board of Governors, a federal agency that is subject to public records laws.
\nReuters did not have access to reports by local cybersecurity teams at the central bank’s 12 privately owned regional branches.
\nHacking attempts were cited in 140 of the 310 reports provided by the Fed’s board.
\nIn some reports, the incidents were not classified in any way.
\nIn eight information breaches between 2011 and 2013 \u2014 a time when the Fed’s trading desk was buying massive amounts of bonds \u2014 Fed staff wrote that the cases involved “malicious code,” referring to software used by hackers.
\nIn all, the Fed’s national team of cybersecurity experts, which operates mostly out of New Jersey, identified 51 cases of “information disclosure” involving the Fed’s board.
\nSeparate reports showed a local team at the board registered four such incidents.
\nSecurity analysts said foreign governments could stand to gain from inside Fed information.
\nChina and Russia, for instance, are major players in the $13.8 trillion federal debt market where Fed policy plays a big role in setting interest rates.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1fa1fad16a&e=20056c7556<\/p>\n
Tom Hardy reveals his extreme cyber-security measures as he admits to ‘getting hacked all the time’
\nMad Max: Fury Road actor Tom Hardy admitted his family \u201cget hacked all the time\u201d as he revealed how far he goes to avoid the fate of fellow Oscar nominee Jennifer Lawrence.
\nThe 38-year-old, who has two children, revealed he uses \u201dburner\u201d phones \u2013 cheap, pre-paid mobiles that he bins after use \u2013 and \u201cprivate offline servers\u201d for emails as \u201canyone I\u2019m related to\u201d becomes a target.
\nHe spoke at the launch of Sirin Labs\u2019 Android \u201cmilitary grade\u201d encrypted \u00a311,400 Solarin phone alongside his The Revenant co-star Leonardo DiCaprio.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5f57feaaad&e=20056c7556<\/p>\n
How \u2018Agile\u2019 Changed Security At Dun & Bradstreet
\nChief Security Officer Jon Rose shares the whys and wherefores of integrating agile software development methodology into a traditional security environment.
\nIn this wide-ranging cybersecurity expert interview, Bishop Fox Partner Vincent Liu chats with the CSO of Dun & Bradstreet, Jon Rose.
\nThe two discuss the commercialization of security, the road to becoming a CSO, and how Agile helped his security team take control of day-to-day activities and better manage priorities.
\nWe excerpt highlights below.
\nYou can read the entire interview here.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=756ea3bdca&e=20056c7556<\/p>\n
Tricks that ransomware uses to fool you [Slideshow]
\nJigsaw= Deleting files at regular intervals to increase the urgency to pay ransom faster.
\nPetya= Encrypting entire drives, Petya ransomware encrypts Master File Table.
\nRansomWeb, Kimcilware= Encrypting web servers data.
\nDMA Locker, Locky, Cerber and CryptoFortress= Encrypting data on network drives, even on those that are not mapped.
\nMaktub= Maktub ransomware compresses files first is to speed up the encryption process.
\nNot safe in the cloud= Deleting or overwriting cloud backups.
\nSimpleLocker= Targeting non-Windows platforms.
\nCerber= Using the computer speaker to speak audio messages to the victim.
\nTox= Ransomware as a service is a model offered on underground forums networks.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=663821183c&e=20056c7556<\/p>\n
Shoring up trucking\u2019s cyber defenses
\nAccording to a recent survey of 200 IT professionals conducted by research firm IDG Connect on behalf of security software firm PC Pitstop, some 46% said their organizations experienced malware attacks that severely affected their operations \u2013 despite 88% them spending over $100,000 a year on data security, with 39% spending over $500,000 annually.
\nIDG\u2019s poll also found that few of the organizations participating in the survey rely on a single data security product as a foundation for their cyber defenses.
\nMost supplement endpoint security solutions \u2013 typically those from Microsoft (57%), McAfee (51%) and Symantec (46%) \u2013 with additional network appliances (82%), email appliances (56%) and DDoS protection solutions (55%).
\nSomething to think about as trucking \u2013 as well as the rest of the business world \u2013 is poised to become only more and more digitized down the road.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=20342459e1&e=20056c7556<\/p>\n
Software security podcast library
\nMcGraw hosts this monthly podcast, interviewing various information security practitioners, experts and commentators about software security and other top issues in the world of infosec.
\nSearchSecurity.com is pleased to partner with Gary McGraw to feature his monthly Silver Bullet software security podcasts, which discusses best practices in software security.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6eba795041&e=20056c7556<\/p>\n
TAG hosts first Malware Summit
\nEarlier today, TAG held its first Malware Summit in New York City, bringing together a small group of industry leaders to discuss the current state of \u2013 and solutions to \u2013 malware and malvertising in digital advertising. (A nice article on the Summit and TAG\u2019s work in this area ran in AdAge today.)
\nWhile the discussions at the Summit were confidential, attendees heard introductory remarks from AppNexus co-founder Brian O\u2019Kelley and an analysis of the current state of malware from The Media Trust CEO Chris Olson.
\nIn addition to learning from one another, attendees also had the opportunity to review case studies on companies in other industries who have faced similar threats.
\nBeyond that intra-industry engagement, the Summit also facilitated a dialogue with representatives from the U.S.
\nDepartment of Homeland Security, FBI, and Department of Justice.
\nThese relationships will be critical in our fight against malware to ensure that our industry can share information with the relevant law enforcement authorities and bring the criminals profiting from malware to justice.
\nComing out of the Summit, the TAG Malware Working Group plans to work quickly toward an information-sharing infrastructure and set of best practices that will allow the industry to take an aggressive role in fighting malware.
\nLater this year, TAG plans to unveil the results of that work and begin to offer companies a TAG anti-malware seal if they comply with those standards.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f623325687&e=20056c7556<\/p>\n
Fighting terrorism: share criminal records of non-EU nationals, too, urge MEPs
\nThe European Criminal Records Information System (ECRIS), which EU countries use to exchange information on the criminal convictions of EU citizens, should be extended to include non-EU nationals, Civil Liberties Committee MEPs said on Monday.
\nMEPs also want the system to be used to check the criminal records of people seeking to work with children.
\n\u201cWe need to restore public confidence that we are able to monitor who comes into the EU, and to find people who could represent a threat.
\nChecking people against our existing criminal records databases, and making exchanging that information much easier, will go a long way towards showing that we can find those people who mean us harm, amongst the vast majority who do not”, said Parliament’s lead MEP on the file Timothy Kirkhope (ECR, UK).following the vote.
\nMEPs also stress that member states should be able to use the ECRIS system to pass on information relating to terrorist offences or serious crime received bilaterally from a third country.
\nFurthermore, they want the EU\u2019s police cooperation agency Europol and border agency Frontex to be able to access the database, upon request and case by case, to perform their tasks.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a828779d41&e=20056c7556<\/p>\n
Researchers spot 35-fold increase in newly observed ransomware domains
\nInfoblox researchers spotted a record 35-fold increase in newly observed ransomware domains compared to Q4 2015 based on its DNS (domain name system) Threat Index.
\nInfloblox did not give an exact number to reflect the increase, but said its index tracks the creation of malicious DNS infrastructures, through both registration of new domains and hijacking of previously legitimate domains or hosts, and has a baseline of 100 but hit an all time high of 137 in Q1 2016, according to the Infoblox DNS Threat Index Q1 Report.
\nThe report also found the U.S. is still the top host for newly created malware and accounts for 41 percent of malicious domain observations.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c2f1747b83&e=20056c7556<\/p>\n
CIOs, CISOs share advice on selling cybersecurity to the C-suite
\nSpeak their language.
\nDon\u2019t talk too deeply about technology.
\nBut also remember to pitch the innovative ways that investing in security can improve the business, executives from Henry Ford, NIST, PwC, Texas Children\u2019s and others advise.
\nWhen UC Irvine Health CIO Chuck Podesta needed a bigger security budget he walked the hospital\u2019s chief executive through a typical data breach or loss scenario.
\nThe last bullet point: CEO apologizes to the public.
\nRonald Ross, a fellow and computer scientist at the National Institute of Standards and Technology offered advice that infosec professionals can take to the boardroom: It\u2019s always less expensive to invest in security than it is to clean up after data breaches and, what\u2019s more, it\u2019s not always possible to calculate the price of fixing things gone awry.
\nIt can also help to explain that security is basic risk management, including expenditure, insurance, regulatory compliance, all the things companies do to mitigate risk, said Lisa Gallagher, a managing director at PwC.
\nCIOs and CISOs understand they are going to shoulder the burden of ensuring everyone is on the same page.
\nJust don\u2019t neglect innovation.
\nInstead, consider this: With security in place, healthcare organizations can try new apps quickly, literally conducting limited pilot deployments in minutes, instead of taking a year or more testing the app\u2019s security before getting started.
\n\u201cThe biggest cost of not having security is not that you pay for data breaches, it\u2019s that you\u2019re not able to innovate,\u201d said Mohit Tiwari, assistant professor of electrical and computer engineering at the University of Texas at Austin. \u201cInnovation speed is slow and that\u2019s the biggest problem.\u201d
\nPerhaps the most potent selling point: Healthcare organizations that don\u2019t effectively manage the basics cannot win in the evolving threat landscape.
\nAnd he likened information security to the phrase \u201csharks and glaciers\u201d because those are both most dangerous beneath the surface, unseen, until the strike hits and the damage is inflicted.
\n\u201cCybersecurity needs to flow up and down the organization,\u201d Ross explained. \u2018The C-suite has to understand in the core that cyber is critical to the organizations survival in the world we live in today.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c606a58467&e=20056c7556<\/p>\n
Improving software security through a data-driven security model
\nThe current software security models, policies, mechanisms, and means of assurance are a relic of the times when software began being developed, and have not evolved along with it, says Google researcher \u00dalfar Erlingsson.
\nPractical security of computer users has, therefore, worsened, even as a plethora of computer security mechanisms have been introduced time and time again.
\nErlingsson proposes a new data-driven software security model to improve user and system security.
\n\u201cPermit only executions that historical evidence shows to be common enough, unless given explicit, special permission.\u201d
\nErlingsson is aware that there may be obstacles to implementing it, and that it hinges on the efficient monitoring of how software is behaving, and that monitoring this behavior should be executed without intruding on users\u2019 privacy.
\nIn his paper, he also details examples of how Google has already managed to successfully perform and\/or implement all three of these steps.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a8308c9147&e=20056c7556<\/p>\n
Cyber Security Vulnerabilities Of FTSE 100 Companies Exposed – Threat Intelligence Report From Anomali Pinpoints Significant Security Exposures In The UK’s100 Largest Companies
\nAnomali, provider of market-leading threat intelligence platforms, has today revealed the prevalence of suspicious brand spoofing and mass compromised credential exposures of the Financial Times Stock Exchange 100 (FTSE 100).
\nOver the last three months, eighty one companies in the FTSE 100 had potentially malicious domain registrations against them, enabling cyber criminals to create dummy websites that can be used to trick users into supplying private data.
\nThe report also discovered that 5,275 employee email and clear text password combinations from FTSE 100 companies were found on a number of sites from which they can be stolen, publicly published or sold.
\nThe report, The FTSE 100: Targeted Brand Attacks and Mass Credential Exposures, reveals the total number of detected malicious domain names registered was 527 over the last three months, an average of five per company.
\nThese are instances in which a cyber attacker has created a domain name that is only slightly different from a company\u2019s official domain name…
\nAdditionally, the report discovered:
\nMost of the suspicious domains were registered using a Chinese address.
\nThe second most were from the US and the third most were from Panama.
\nThe vertical hardest hit with suspicious domain registrations is financial services with 376, followed by retail at 175 and critical infrastructure at 75
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=5555da480e&e=20056c7556<\/p>\n
Data storage legal knowledge in decline, says survey
\nA declining number of C-suite executives are aware of the laws around storing confidential data, according to a survey.
\nLittle more than half of executives (52 per cent) questioned in this year\u2019s Shred-it Security Tracker claimed to be \u2018very aware\u2019 of the legal requirements concerning the storage and disposal of confidential data, compared with 67 per cent last year.
\nOnly 46 per cent of C-suite executives were aware there was a financial cost associated with a data breach.
\nThirty nine per cent of respondents from large organisations said that additional legislation would put pressure on their organisation to change their information security policies.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=40ef49b6b9&e=20056c7556<\/p>\n
Research Spotlight: ROPMEMU – A Framework for the Analysis of Complex Code-Reuse Attacks
\nAttacks have grown more and more complex over the years.
\nThe evolution of the threat landscape has demonstrated this where adversaries have had to modify their tactics to bypass mitigations and compromise systems in response to better mitigations.
\nCode-reuse attacks, such as return-oriented programming (ROP), are part of this evolution and currently present a challenge to defenders as it is an area of research that has not been studied in depth.
\nToday, Talos releases ROPMEMU, a framework to analyze complex code-reuse attacks.
\nIn this blog post, we will identify and discuss the challenges and importance of reverse engineering these code-reuse instances.
\nWe will also present the techniques and the components of the framework to dissect these attacks and simplify analysis.
\nCode-reuse attacks are not new or novel.
\nThey’ve been around since 1997 when the first ret2libc attack was demonstrated.
\nSince then, adversaries have been moving towards code-reuse attacks as code injection scenarios have gotten much more difficult to successfully leverage due to the increasing number of software and hardware mitigations.
\nImproved defenses have resulted in more complex attacks being developed to bypass them.
\nIn recent years, malware writers have also started to adopt return-oriented programming (ROP) paradigms to hide malicious functionality and hinder analysis.
\nFor readers who are not familiar with ROP and want to learn more, we invite you to please read Shacham’s formulation.
\nCode-reuse attacks are not new or novel.
\nThey’ve been around since 1997 when the first ret2libc attack was demonstrated.
\nSince then, adversaries have been moving towards code-reuse attacks as code injection scenarios have gotten much more difficult to successfully leverage due to the increasing number of software and hardware mitigations.
\nImproved defenses have resulted in more complex attacks being developed to bypass them.
\nIn recent years, malware writers have also started to adopt return-oriented programming (ROP) paradigms to hide malicious functionality and hinder analysis.
\nFor readers who are not familiar with ROP and want to learn more, we invite you to please read Shacham’s formulation.
\nROPMEMU is the first step in enabling the automated analysis of code-reuse attacks.
\nAs this is an ongoing area of research and ROPMEMU is research prototype, it does lack some functionality to operate on generic inputs and to cope with all possible code-reuse instances.
\nHowever, we believe it can be a valuable tool during investigations dealing with such threats as we continue to research and develop this framework further.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=fd45c3332a&e=20056c7556<\/p>\n
Infographic \u2013 Deep web illegal activity exceeds approximately $100,000,000
\nA recent survey conducted by the U.S. government found that over half of all American internet users have cut back on their online activity due to cyber security concerns.
\nIn particular, many of these concerns related to identity theft as tens of millions of people have lost private information over the past few years.
\nThe infographic shared below, which was created by Norwich University\u2019s Online Masters Degree in Information Assurance program, highlights deep web crime and identity theft by noting a number of astonishing statistics, such as that the yearly revenue of deep web illegal activity exceeds approximately $100,000,000.
\nFor more information, check out the full visual resource below.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2d55655503&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: Subscribe to this list (http:\/\/paulgdavis.us3.list-manage1.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage1.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=f7278b2269)<\/p>\n
Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change. * The cyber security index is…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1232","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1232","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1232"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1232\/revisions"}],"predecessor-version":[{"id":3719,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1232\/revisions\/3719"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1232"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1232"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1232"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}