YOU
CAN'T
HACK
biometrics
When it comes to protecting your internet business, You don't want to be on
the ignorance is bliss only to Find Out The Hard Way Side
Grab The "Am I CyberSafe in the digital space?"
Phone App CyberSecurity Guide
And You Won't Have To...
When it comes to protecting your internet business, You don't want to be on
the ignorance is bliss only to Find Out The Hard Way Side
Register for The "Securista CyberSquad Workshops" Today
And You Won't Have To...
FROM THE CYBERSECURITY EXPERT WHO FOUND THE 1ST SOCIAL MEDIA MALWARE
Layered
Home
Phone
Business
defense
As A Woman Entrepreneur, Protecting Everything, Especially Your business Revenue + Profit, is critical.
let's Protect your digital life & Business Social Media
Your Data Is Your's
Text Message Opt-in
I confirm that I want to receive automated reminders and promotional messages from this company using any contact information I provide. I also agree to your terms of service and Privacy Policy. This agreement isn't a condition of any purchase. Msg & Data rates may apply. Reply STOP to end or HELP for help.
Here's a peek at What I Know
The Lockdown
Lesson for Today: CVEs
What are CVEs?
CVE stands for Common Vulnerability and Exposures
NVD stands for National Vulnerability Database
Currently, there are over 200,000 CVE records available in the NVD
CVEs are given a rating using the Common Vulnerability Scoring System (CVSS). The base score is composed of six metrics which can be used to calculate a severity score of 0-10. These metrics are:
Access vector – The way in which a vulnerability can be exploited (e.g., locally or remotely). Remotely ranks higher.
Attack complexity – How difficult a vulnerability is to exploit. The more difficult, the lower the score.
Authentication – How many times an attacker has to use authentication credentials to exploit the vulnerability. The higher the number, the lower the score.
Confidentiality – How much sensitive data an attacker can access after exploiting the vulnerability. Access large amounts, the higher the score.
Integrity – How much and how many files can be modified as a result of exploiting the vulnerability. The more modified, the higher the score.
Availability – How much damage exploiting the vulnerability does to the target system (e.g. reduced performance/functionality). The more damage, the higher the score.
With the most dangerous CVEs, the metric most often used is not the CVSS score, but rather how commonly a CVE has been exploited. Or what is more commonly called “Out In The Wild” which means the exploit was used before patch updates could happen. Remember, most Zero-Day CVEs are caught before they're ever deployed to the public.
Because there have been vulnerabilities exploited in the wild, the Cybersecurity and Infrastructure Security Agency (CISA) now maintains a Known Exploited Vulnerabilities (KEV) catalog. The KEV catalog currently contains over 800 entries.
Why are they important?
CVEs are not malicious code created by bad actors.
CVEs are vulnerabilities within legitimate code used in any computing software. Often, CVEs occur in source code or fundamental coding blocks.
The most recent two that ranked high on the NVD scale was CVE-2023-4863 and CVE-2023-44487.
CVE-2023-4863: Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)
and
CVE-2023-44487: The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly.
While patching has been ongoing, it could take years for all the patching work to be completed.
Here's a peek at What I'm Up To
online DefendHer
01
Securista Cybersquad workshops+ CyberSafe Popup Facebook Group
I've got a three series workshop in the works. AND they're totally free. We'll start with the first layer of defense... securing your home. Then we'll tackle how to shield your phone... out in the wild. Finally, learn the favorite techniques and products security experts use to shut down access to those all important social apps.
02
CyberSecure squad security Coaching and community
I created the CyberSecure Squad Facebook group to bring cutting edge business women up-to-date security info and how to protect against malicious attacks. It's private group of seriously kickass smart entrepreneurs, ready to protect what's theirs. We'll cover AI, Web3, and even blockchain technologies in easy to understand every day language.
03
Consulting: security strategy and training
We call the vulnerable point of attack an endpoint. We'll start with a security audit and create a strategy of recommended products and services you can tailor to your business needs. Then we'll start building a security culture in your company with bite-sized gamified training on the latest attack trends and how to stop them saves time and money.
If I like you, I'll tell you about the Billion $ heist
Meet Your Securista!
Oh Hello! I’m Angela "Ange Gos" Payton - The Securista. I've reverse-engineered malware and as the tech copywriter, I made tech jargon understandable for everyday people. Retiring from the Security and Response team at Symantec didn't end my cybersecurity life.
My corporate copywriting clients, top competitors of my former company, wanted less technobabble in their marketing info, anchoring and keeping me deep in cybersecurity for years.
So what is a Securista? Like a barista, I help you craft your strongest security against hackers.
Why pivot to cybersecurity, now? I watched a "cybersecurity expert" with zero threat experience provide outdated information... so outdated, I knew I needed to help entrepreneurs, like yesterday because I have a wealth of knowledge and How-To's people need.
So here we are.
I live in a California Wine Country. It's a good Life!
Ready to Give A Phisher The Phinger?
Imagine keeping your family, home, AND business safe. Simply and easily.
What We Do...
what Others are saying...
“A really strong testimonial that confirms the transformation that is waiting.”
Lorem ipsum dolor sit amet, consectetur adipisicing elit. Autem dolore, alias, numquam enim ab voluptate id quam harum ducimus cupiditate similique quisquam et deserunt, recusandae. Lorem ipsum dolor sit amet, consectetur adipisicing elit. Autem dolore, alias, numquam.
Jane Awesome, ABC Co.
THE VALUE DOESN'T STOP THERE You'll Also Get These Benefits...
01
Guest speakers/trainers
Get To Know Some Seriously Smart People
I haz friends. I've already started inviting experts to come and talk about security trends and what's next. There may even be some history stories about how some threats were found. Group lives in Facebook and an exclusive members-only private podcast firing up the end of June 2023 will inform and entertain.
02
The categorical list o'things
Apps, Tools, & SaaS Worth Considering
In the member's area, we'll have a dedicated set of lists for apps, tools, & SaaS (both Software as a Service and Security as a Service). We'll cover who's behind them and what they cover.
03
of course!
Security Isn't Sexy Until It Saves Your Ass
An ounce of prevention... yada, yada. But really, think of how cool it will feel to know the latest social phishing scams and shutting it down. That's where our courses come in. Based on the Categorical Lists O'Security, we break down the how so you can decide if it'll work great for your or keep your $$. We'll also offer courses that will the protection protocols you'll use often.
