Compliance

Why HIPAA and GDPR cannot replace each other

Why HIPAA and GDPR cannot replace each other? Its a misconception that GDPR and HIPAA can replace each other. Many companies misconstrue both the compliances. They think that HIPAA is USA, GDPR is EU and both talk about personal information. They further think that implementing one, means automatically implementing the other. Unfortunately that is not…

VAPT

Is that mobile app safe to use?

Would you readily give your residential address to a stranger? No? Aren’t you extra cautious while opening an email from an unknown sender? Yes? Good! How about extending the same sense of protection to your smart phone while downloading apps? In both these instances, you are necessarily safeguarding your home and yourself from prying eyes….

IoT Security

Penetesting Industry 4.0 IoT Prototype – 4

Must have security measures for Industry 4.0 Firmware integrity and secure boot: Secure boot uses cryptographic code signing techniques, assures that a device only executes code generated by the device OEM or another trusted party. Use of protected boot technology restricts hackers from changing firmware with malicious instruction sets, thereby avoiding attacks. Unfortunately, not all…

IoT Security

Penetesting Industry 4.0 IoT Prototype – 2

Remotely Hacking into Raspberry Pi Step 1: Creating a TCP Tunnel The first step to hack into any device on a different network is to create a TCP tunnel. This can be done using a freely available application called ‘ngrok’. Open https://ngrok.com/download in browser and login/signup (Refer Fig 3). Fig 3: ngrok website Then download…

IoT Security

Penetesting Industry 4.0 IoT Prototype – 1

Penetesting Industry 4.0 IoT Prototype Why we did this? Valency Networks is established into VAPT market but walking path of making IoT based industries secure. There is a great deal of confusions around IoT and Industry 4.0, in terms of how those interact, what are their security challenges, what methods need to be followed etc….