CompTIA Security+ Exam Notes

Let Us Help You Pass

Friday, October 11, 2024

Traffic Shaping

 Traffic Shaping - Network+

Traffic shaping, or packet shaping, is a network bandwidth management technique that controls data flow into and out of a network. It ensures that critical applications and time-sensitive data are delivered without delay.

Here's how traffic shaping works:

  • Categorize traffic: Traffic is categorized according to network policies.
  • Queue traffic: Traffic that exceeds the average bit rate is buffered in a queue.
  • Delay packets: The transmission of less important packets is slowed so priority applications can be delivered without delay.
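The three steps above as a small token-bucket shaper with strict-priority queues, simulated in discrete ticks. This is an added example, not code from the original notes; the traffic classes, priorities, rate, burst size and sample packets are constructed assumptions, and a token bucket with strict priority is one common way to implement shaping, not the only one.

```python
from collections import deque

# Assumed policy (constructed): traffic class -> priority, 0 is sent first.
POLICY = {"voip": 0, "web": 1, "backup": 2}

# Constructed arrivals: tick -> packets offered to the shaper in that tick.
SAMPLE = {
    0: [{"id": "b1", "app": "backup", "size": 1200},
        {"id": "w1", "app": "web", "size": 500},
        {"id": "v1", "app": "voip", "size": 200}],
    1: [{"id": "v2", "app": "voip", "size": 200},
        {"id": "b2", "app": "backup", "size": 1200}],
}

def classify(packet):
    """Categorize: map a packet to a priority; unknown apps get the lowest."""
    return POLICY.get(packet["app"], max(POLICY.values()))

def shape(arrivals, rate, burst):
    """Token-bucket shaper: `rate` bytes of credit per tick, at most `burst`.
    Returns [(send_tick, packet_id, ticks_delayed)] in transmission order."""
    too_big = any(p["size"] > burst for pkts in arrivals.values() for p in pkts)
    if rate <= 0 or too_big:
        raise ValueError("rate must be positive and no packet may exceed burst")
    queues = {prio: deque() for prio in sorted(set(POLICY.values()))}
    tokens, sent, tick = burst, [], 0
    last_arrival = max(arrivals, default=-1)
    while tick <= last_arrival or any(queues.values()):
        if tick > 0:  # refill at the committed rate, capped at the burst size
            tokens = min(burst, tokens + rate)
        # Queue: arriving packets wait in their class queue.
        for pkt in arrivals.get(tick, []):
            queues[classify(pkt)].append((tick, pkt))
        # Delay: drain highest priority first; lower classes wait for credit.
        for q in queues.values():
            while q and q[0][1]["size"] <= tokens:
                arrived, pkt = q.popleft()
                tokens -= pkt["size"]
                sent.append((tick, pkt["id"], tick - arrived))
            if q:  # this class is still backlogged, so nothing below it sends
                break
        tick += 1
    return sent

if __name__ == "__main__":
    for row in shape(SAMPLE, rate=1000, burst=1500):
        print(row)
```

With the sample input, both VoIP packets leave in the tick they arrive, while the backup packets are held for one and two ticks until the bucket has enough credit.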

Traffic shaping is important because:

  • It helps ensure the performance of critical applications
  • It helps deliver time-sensitive data
  • It helps defend against bandwidth-abusing DDoS attacks
  • It's an essential requirement for a network firewall 

Thursday, October 10, 2024

USB 2.0, 3.0, & 3.1

 USB Speeds

USB 2.0, also known as Hi-Speed USB, has a maximum data transfer speed of 480 megabits per second (Mbps).

Here are the maximum data transfer speeds for some other USB standards:

  • USB 1.0/Low-Speed: 1.5 Mbps
  • USB 1.1/Full-Speed: 12 Mbps
  • USB 3.0/SuperSpeed: 5 gigabits per second (Gbps), labeled as SS (SuperSpeed) on the PC
  • USB 3.1/SuperSpeed: 10 Gbps, labeled as SS+ on the PC

USB 2.0 devices can also provide a power output of up to 500 milliamps (mA) at 5 volts. 

[Image: USB 2.0]

[Image: USB 3.0 & 3.1]

USB 2.0 Type B and Type B Micro are not compatible with 3.0.

Vulnerable Software


Vulnerable software is software that contains a security flaw, glitch, or weakness that an attacker could exploit. These flaws can be caused by a number of things, including coding errors, design oversights, outdated software, unintended interactions between components, and poor management of data or access control settings.

Vulnerabilities can affect the software's own performance and security, and can compromise the security and functionality of the system, network, or data it interacts with.

Software patches are often released to fix identified vulnerabilities, but some vulnerabilities remain unknown (zero-days), and others have not been patched. The risk of a vulnerability being exploited depends on its nature and the value of the surrounding system.

Here are some ways to reduce the risk of vulnerable software:

  • Use third-party software with code signing to ensure the component is authentic, trustworthy, and safe.
  • Regularly scan for vulnerabilities and subscribe to security bulletins.
  • Fix or upgrade the underlying platform, frameworks, and dependencies promptly.
  • Secure the components' configurations.

Threat Vector


A threat vector is a method or path that cybercriminals use to gain access to a network, device, or system. The term is often used interchangeably with "attack vector."

Here are some examples of threat vectors:

  • Phishing emails
  • Malicious websites
  • SQL injection
  • Social engineering
  • Cross-site scripting
  • Denial of service
  • Brute force attacks
  • Malware
  • Exploiting vulnerabilities

Understanding threat vectors is essential for developing effective cybersecurity strategies. Organizations can recognize and track an adversary's attack vectors to better defend against targeted attacks.

Shadow IT


Shadow IT is the use of IT systems or software without the knowledge or approval of an organization's IT department. It can include the use of cloud services, hardware, or software.

Shadow IT can occur in several ways, including:

  • Using an unapproved tool to access, store, or share corporate data
  • Accessing an approved tool in an unauthorized manner
  • Sharing work files on a personal cloud storage account
  • Holding meetings through an unauthorized video conferencing platform
  • Creating an unofficial group chat without IT approval

Shadow IT can create serious security concerns and costs. Because the IT team is unaware of the use of these services, they are not protected by the organization's cybersecurity solutions or protocols. This can increase the risk of data breaches, noncompliance, and other liabilities.

Organizations can use a data protection solution to detect shadow IT. This solution provides visibility into all data movement and can automatically prioritize security risks based on the context of the file and user.
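One way such visibility can be approximated from web proxy logs, ranking unsanctioned upload destinations by the volume of data each user sent to them. This is an added example, not part of the original notes or of any product; the log format, host names, allowlist and category map are all constructed assumptions.

```python
from collections import defaultdict

# Assumptions (constructed): services approved by IT, and a category map
# for known unapproved services of the kinds listed above.
SANCTIONED = {"files.corp.example", "meet.corp.example"}
CATEGORY = {
    "personal-drive.example": "cloud storage",
    "freemeet.example": "video conferencing",
    "chatgroup.example": "group chat",
}
UPLOAD_METHODS = {"POST", "PUT"}

# Constructed proxy log lines: timestamp user method host bytes_sent
SAMPLE_LOG = """\
2024-10-11T09:00:01Z alice POST files.corp.example 1048576
2024-10-11T09:02:10Z bob POST personal-drive.example 52428800
2024-10-11T09:05:33Z bob PUT Personal-Drive.example. 10485760
2024-10-11T09:07:45Z carol POST freemeet.example 2048
2024-10-11T09:08:00Z carol GET news.example 0
malformed line
2024-10-11T09:09:12Z dave POST chatgroup.example 4096
2024-10-11T09:10:40Z erin POST unknown-share.example 512
"""

def find_shadow_it(log_text):
    """Return [(user, host, category, bytes_out)] for uploads to hosts
    outside the allowlist, largest data movement first."""
    totals = defaultdict(int)
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or not parts[4].isdigit():
            continue  # skip malformed records instead of failing the run
        _, user, method, host, sent = parts
        host = host.lower().rstrip(".")  # normalise case and trailing dot
        if host in SANCTIONED or method not in UPLOAD_METHODS:
            continue
        totals[(user, host)] += int(sent)
    rows = [(u, h, CATEGORY.get(h, "uncategorized"), b)
            for (u, h), b in totals.items()]
    return sorted(rows, key=lambda r: (-r[3], r[0]))

if __name__ == "__main__":
    for row in find_shadow_it(SAMPLE_LOG):
        print(row)
```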

Nation-State / APT (Advanced Persistent Threat)

 Nation-State Threat Actor

A nation-state threat actor is a government-affiliated hacker who carries out malicious activities on behalf of a country or nation-state. These actors are often motivated by political or economic interests and can be tasked with a variety of objectives, including:

  • Disrupting critical infrastructure
  • Stealing industrial secrets
  • Gaining access to policy discussions
  • Taking down companies that offend leaders
  • Conducting disinformation or propaganda campaigns
  • Influencing elections
  • Disrupting a country's security, economy, or government departments

Nation-state actors are often well-funded and can use sophisticated cyberattacks and advanced persistent threats (APTs) to operate undetected in a victim's network. APTs can be challenging to detect and expensive, and they allow threat actors to infiltrate computer systems, steal data, and escalate privileges.

Some examples of nation-state threat actors include:

  • Camaro Dragon: A threat group from China, also known as Mustang Panda, Bronze President, Earth Preta, Luminous Moth, Red Delta, and Stately Taurus.
  • Gamaredon: A threat group from Russia, also known as Primitive Bear, UNC530, ACTINIUM, Shuckworm, UAC-0010, and Aqua Blizzard.
  • RedHotel: A threat actor, reportedly backed by the Chinese government, that has targeted the space industry and other critical sectors.

Competitor Threat Actor


Competitors can be threat actors, using malicious strategies to gain access to a company's systems and steal information. Competitors can be a significant threat because they have the resources and sophistication to bring down a company's systems.

Competitors may use a variety of strategies to harm a company, including:

  • Espionage: Competitors may try to gain access to insider information.
  • Disruption: Competitors may try to disrupt a company's services to cause problems for its customers.
  • Stealing customer information: Competitors may try to steal customer information.
  • Corrupting data: Competitors may try to corrupt a company's data to prevent it from functioning.
  • Shutting down during busy times: Competitors may try to shut down a company during its busiest times.