National Cyber Drill 2021

November 10, 2021February 1, 2022 admin

Day 1 (November 24, 2021 ): National Cyber Drill 2021 (Day 1)

Day 2 (November 25, 2021): National Cyber Drill 2021 (Day 2)

The Department of Information and Communications Technology (DICT)-Cybersecurity Bureau will be conducting the fourth leg of its annual National Cyber Drill Exercise on 24 to 25 November 2021, with the theme, “Cybersecurity Starts with You: Building a CyberSecured Society.”

The conduct of this activity is part of the mandate of the Philippines National Computer Emergency Response Team (CERT-PH) as stated in the DICT Department Circular 003 series of 2020.

Through the CERT-PH initiative, this year’s cyber drill will focus on enhancing public awareness and assessing the public’s perspective on cybersecurity and their capacity to protect themselves from cyber threats and cyberattacks.

CERT-PH believes that a more holistic and inclusive approach in implementing the annual cyber drill is a step forward to creating a more proactive approach in addressing various cybersecurity threats in the country.

The two-day exercise will include a series of activities that will help assess and improve the participating organizations and individuals’ incident response capabilities to mitigate cybersecurity risks.

The first drill, conducted on the first day of the two-day activity, will be open to the public regardless of their age and background. The primary purpose of this activity is to make the public more involved to develop a better understanding of cybersecurity as a public concern.

On the other hand, the second part will cater to individuals and organizations with advanced cybersecurity knowledge. Like the previous years, the drill will also include simulations of cyberattacks and IT security incidents to test the participants’ readiness and capabilities to respond to various risks and threats.

CERT-PH highlighted that familiarity with the given situations would strengthen each participants’ preparedness in solving issues relating to cybersecurity. This approach will also help them better understand how to handle the incidents in a specific case and be part of the cyber solution.

Participants who wish to be part of the National Cyber Drill 2021 will have to register separately for the two-day event.

Registration is OPEN from November 5 until November 17, 2021.
This is a FREE event. E-Certificates will be provided upon completion of the drill.

For inquiries, send us an email to drill.cert-ph@dict.gov.ph.

Learn Tips & Tricks on Basic Principles of Design

June 29, 2021June 29, 2021 admin

Learn Tips & Tricks on Basic Principles of Design in this webinar for Graphic Designers on June 29, 2021 at 2:00PM through the collaboration of DICT Luzon Cluster 1 and Hackthenorth.ph!

Click this link to join: http://bit.ly/TipsTricks4GraphicDesigners

We Agree. Business should have a digital Strategy. Talk to us about it!

January 22, 2021January 22, 2021 admin

BNS awarded a Certificate for Cybersecurity Conference 2020

January 5, 2021May 24, 2021 admin

The MOST Valuable Pieces of Digital Real

December 30, 2020December 30, 2020 admin

“Your website is one of the MOST valuable pieces of digital real estate that you own” – Brad Batesole, Marketing Thought Leader, Chief Learning officer at Madecraft.

Kalihim ng DICT Gringo Honasan bumisita sa Lingayen para sa paglagda sa MOA patungkol sa data connectivity para sa iba’t ibang sektor

December 2, 2020December 2, 2020 admin

Bumisita ang kalihim ng DICT Gringo Honasan sa Lingayen ngayong araw (ika-2 ng Desyembre, 2020) sa ganap na alas diyes ng umaga para sa paglagda sa MOA kasama ang opisyales ng DICT Pangasinan at inimbitahan na dumalo ang UPICT sa naturang pagtitipon. Isang karangalan na nakasama ang BNS na nirepresenta ni JC James Jihay na nakadalo at nabigyan ng pagkakataon na makasama si Sec. Honasan.

BNS Featured by websiteplanet.com

November 5, 2020November 23, 2020 admin

BNSHosting is delighted to be featured by international webhosting review site, websiteplanet.com. Check out the interview: https://www.websiteplanet.com/blog/bnshosting-interview/

BNS Featured by WebsiteHosting.co.uk

October 21, 2020October 21, 2020 admin

BNSHosting is delighted to be featured by international webhosting review site, Websitehosting.co.uk. Check out the interview: https://www.top10-websitehosting.co.uk/bns-hosting-review-and-interview/

DANGER: Unpatched Microsoft DNS servers

July 16, 2020November 23, 2020 admin

Source: https://www.engadget.com/check-point-sigred-microsoft-dns-exploit-200027095.html

Microsoft is patching a dangerous Windows DNS Server exploit

SigRed is a dangerous flaw that should be patched immediately.Security researchers have discovered a serious flaw in Windows’ Domain Name System software that users must patch immediately. Sagi Tzaik from Check Point found a way to run malicious code which can be used to hijack websites, intercept emails, steal private information and take sites offline. Microsoft has already acknowledged the issue and has issued a fix in today’s Patch Tuesday update, which it urges all users to download immediately.

The vulnerability has been codenamed SigRed and Check Point says it affects Windows Server versions from 2003 to 2019. Microsoft said that the flaw is “wormable,” enabling hackers to take over multiple machines at once and causing large amounts of damage. That’s especially a risk for big corporate customers that run their own platforms, especially since the exploit is fairly easy to take advantage of.

A suggested quick Registry edit is as follows:
https://support.microsoft.com/en-us/help/4569509/windows-dns-server-remote-code-execution-vulnerability

Workaround

Important
Follow the steps in this section carefully. Serious problems might occur if you modify the registry incorrectly. Before you modify it, back up the registry for restoration in case problems occur.

To work around this vulnerability, make the following registry change to restrict the size of the largest inbound TCP-based DNS response packet that’s allowed:

Subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DNS\Parameters

Value: TcpReceivePacketSize

Type: DWORD

Value data: 0xFF00

Notes

The default (also maximum) Value data = 0xFFFF.
The recommended Value data = 0xFF00 (255 bytes less than the maximum).
You must restart the DNS Service for the registry change to take effect. To do this, run the following command at an elevated command prompt:

net stop dns && net start dns

After the workaround is implemented, a Windows DNS server will be unable to resolve DNS names for its clients if the DNS response from the upstream server is larger than 65,280 bytes.

Important information about this workaround

TCP-based DNS response packets that exceed the recommended value will be dropped without error. Therefore, it is possible that some queries might not be answered. This could cause an unanticipated failure. A DNS server will be negatively impacted by this workaround only if it receives valid TCP responses that are greater than allowed in the previous mitigation (more than 65,280 bytes).

The reduced value is unlikely to affect standard deployments or recursive queries. However, a non-standard use-case may exist in a given environment. To determine whether the server implementation will be adversely affected by this workaround, you should enable diagnostic logging, and capture a sample set that is representative of your typical business flow. Then, you will have to review the log files to identify the presence of anomalously large TCP response packets

Using Googles 2 Factor Authentication to Increase Web Security

July 16, 2020May 24, 2021 admin

After registering, you will receive a confirmation email containing information about joining the meeting.