Click or Not to Click (Cyber Security Awareness)
1. Secure Your Social Network
Jobayer Almahmud Hossain RHCA-L3
Member Secretary ICT Cell, IDEB
Managing Director & CTO Banglanet Technologies Ltd
2. About Me
Jobayer Almahmud Hossain
RHCSA, RHCE, RHCSS, RHCDS, RHCA-L3
Managing Director & CTO Banglanet Technologies Ltd
Member Secretary, IDEB ICT & Innovation Division, IDEB
https://www.facebook.com/jobayer.RHCA
https://www.facebook.com/RHCA.JOBAYER
Started my career with Akij Computer Ltd. (2003-2004)
Worked at Akij Online Ltd. (ISP) (2004-2005)
Worked at Asia Infosys Ltd. (ISP) (2005-2008)
Worked at Grameen Solutions Ltd. (2008-2010)
Worked at BRAC (2010-2018) (NGO)
5. Sometimes Happiness Goes Away
When we are in trouble
Because social media has become our identity
6. Need to be Careful in Social Media
• Identity Theft
• Viral (Wrong Information)
• Falling into Cyber Crime
• Scams
7. What can I do if I've been phished on Facebook?
• What is phishing?
– Phishing is when someone tries to get access to your
Facebook account by sending you a suspicious message or
link that asks for your personal information
• I think I've been phished. What can I do?
– If you are able to log in to your account, reset your
password
• How do I avoid getting phished?
– Look out for suspicious emails or messages
– Don't click suspicious links
– Get alerts
10. Facebook Security Features and Tips
• Protect your password
• Never share your login information
• Log out of Facebook when you use a computer
(you can log out remotely).
• Never click suspicious links, even if they
appear to come from a friend or a company
you know
• Set up alerts about unrecognized logins
11. Facebook Security Features and Tips
• Avoid Spam and Scams
– Romance scams, Lottery scams
– Access Token Theft
– People claiming to be a friend or relative in an
emergency.
• Review account activity and remove any spam
• Avoid using funny apps
12. Will Facebook ever ask me for my
Password?
• Facebook will never ask you for your password
in an email or Facebook message
13. Ethics of Using Social Media
• Be careful about pictures
• Don't click video links found in text
• Inform friends if your account is generating
malware-infected text
• Keep in mind that content on the internet is
not always true
• Guide your friends & family on how they can stay
safe
14. Cyber Law in Bangladesh
Information and Communication Technology Act 2006 (ICT)
Subsequently, the government amended the Act in 2009 and in 2013
Sections 54 to 67 of the ICT Act 2006 illustrate the cybercrimes, covering both civil and criminal matters.
17. Some Examples of Punishment under Section 57 of the ICT Act
Two persons were found guilty under this act and
punished with 3 years and a 10,000 BDT fine, and 7
years, for comments against the Honorable Prime
Minister - 2011
One NGO leader was arrested for making
offensive comments about the Muslim hajj on
Facebook
18. Cyber Security Threats Are a Global Concern
Nowadays the Internet has become a part of our daily life
We can order food, clothes, or even groceries through the
Internet
Our college or university admission process is almost
entirely Internet based
Social media like Facebook creates our own virtual
world
19. Top Cyber Security Facts
Fact 1:
Cyber crime damage costs
to hit $6 trillion annually by
2021. It was $3 trillion just a
year ago.
Fact 2:
Cyber security spending to
exceed $1 trillion from 2017
to 2021.
30. Top Cyber Security Facts
The number of vacant
cyber security jobs
is predicted to reach 3.5
million by 2021
31. Cyber Security Experts Career Path
• 4 Cybersecurity Career Paths (And the Training
to Get You There)
• Security Architect
• Security Consultant
• Penetration Tester/Ethical Hacker
• Chief Information Security Officer (CISO)
32. How to Start Your Cybersecurity Career
• Systems administrator
• Database administrator
• Web administrator
• Web developer
• Network administrator
• IT technician
• Security administrator
• Network engineer
• Computer software engineer
There is no one linear path to a successful
career in cybersecurity.
33. Security Architect Career Path
• Plan, research and design durable security
architectures for various IT projects.
• Develop requirements for networks, firewalls,
routers and related network devices.
• Perform vulnerability testing, security
assessments and risk analysis.
• Research and implement the latest security
standards, systems and best practices.
34. Penetration Tester/Ethical Hacker
• Perform penetration tests on web
applications, networks and computer systems
• Uncover security holes and pinpoint the
methods attackers could use to exploit system
weaknesses
• Design and implement new penetration tools
and tests
35. Cyber Security Experts
• Certified Ethical Hacker (CEH)
– EC-Council
• CISSP
– (ISC)²
Ethical Hacker
An Ethical Hacker, also known as
a whitehat hacker, is a security
professional who applies their
hacking skills for defensive purposes.
36. WordPress Security Tips
• Don’t Use Nulled Themes
• Install a WordPress Security Plugin
• Use a Strong Password
• Disable File Editing
• Install SSL Certificate
• Change your WP-login URL
• Limit Login Attempts
• Hide wp-config.php and .htaccess files
• Update your WordPress version
37. Linux Server Security
• Turn off root logins to improve Linux server
security
• Alter the SSH port
• Generate an SSH key pair
• Deactivate network ports when not in use
• Update Software for better Linux Server Security
• Linux security – set up a firewall
• Use SFTP, not FTP
• Backup regularly
• Stop anonymous FTP uploads
• Use a strong password
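The SSH items in the list above (root logins, SSH port, key pairs) can be checked against a server's sshd_config. The script below is an added example, not part of the original slides; the function names and the two sample configurations are constructed for illustration, and Match blocks are not evaluated.

```shell
#!/bin/sh
# Added example (not from the slides): audit sshd_config for three slide items.

# Print the effective value of KEYWORD in FILE, or DEFAULT if it is unset.
# sshd uses the first occurrence of a keyword; scanning stops at the first
# Match block, which this simple check does not evaluate (assumption).
effective_value() {
    awk -v key="$2" -v def="$3" '
        /^[[:space:]]*#/ { next }
        tolower($1) == "match" { exit }
        tolower($1) == tolower(key) { print tolower($2); found = 1; exit }
        END { if (!found) print def }
    ' "$1"
}

# Print one line per finding; no output means all three checks pass.
audit_sshd() {
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    port=$(effective_value "$1" Port 22)
    pubkey=$(effective_value "$1" PubkeyAuthentication yes)
    if [ "$root" != "no" ]; then echo "FAIL PermitRootLogin=$root (root login not turned off)"; fi
    if [ "$port" = "22" ]; then echo "FAIL Port=22 (SSH port not altered)"; fi
    if [ "$pubkey" != "yes" ]; then echo "FAIL PubkeyAuthentication=$pubkey (key pairs unusable)"; fi
    return 0
}

# Write two constructed sample configs into directory $1.
write_samples() {
    cat > "$1/weak.conf" <<'EOF'
# constructed sample: port left at default, root login allowed
#Port 22
PermitRootLogin yes
PasswordAuthentication yes
EOF
    cat > "$1/hardened.conf" <<'EOF'
# constructed sample: first PermitRootLogin line wins, the later one is ignored
Port 2222
permitrootlogin No
PubkeyAuthentication yes
PermitRootLogin yes
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
for f in weak hardened; do
    echo "== $f.conf"; audit_sshd "$tmp/$f.conf"
done
rm -rf "$tmp"
```

On a real server, point `audit_sshd` at `/etc/ssh/sshd_config`.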
38. Secure Your Mobile Phone
• Buy smartphones from vendors
who release Android patches
quickly.
– LG, Motorola, HTC, Sony, Xiaomi,
OnePlus, and Samsung.
• Lock your phone.
– PIN remains the safest way
– don't use 1-2-3-4 as your PIN
• Only use apps from the Google
Play Store.
• Use device encryption.
Spam is one of the more common methods of both sending information out and collecting it from unsuspecting people.
The mass distribution of unsolicited messages, advertising or pornography to addresses which can be easily found on the Internet through things like social networking sites, company websites and personal blogs.
Phishing is used most often by cyber criminals because it's easy to execute and can produce the results they're looking for with very little effort.
Fake emails, text messages and websites created to look like they're from authentic companies. They're sent by criminals to steal personal and financial information from you. This is also known as “spoofing”.
Trick you into giving them information by asking you to update, validate or confirm your account. It is often presented in a manner that seems official and intimidating, to encourage you to take action.
Provides cyber criminals with your username and passwords so that they can access your accounts (your online bank account, shopping accounts, etc.) and steal your credit card numbers.
This technique is often used in conjunction with phishing in an attempt to steal your information.
A website or email address that is created to look like it comes from a legitimate source. An email address may even include your own name, or the name of someone you know, making it difficult to discern whether or not the sender is real.
Sends spam using your email address, or a variation of your email address, to your contact list.
Recreates websites that closely resemble the authentic site. This could be a financial institution or other site that requires login or other personal information.