andytang.com Report : Visit Site

Technical data of the andytang.com

Geo IP provides you such as latitude, longitude and ISP (Internet Service Provider) etc. informations. Our GeoIP service found where is host andytang.com. Currently, hosted in United Kingdom and its service provider is Iomart .

fecl.com 

HTTP Header Analysis

HTTP Header information is a part of HTTP protocol that a user's browser sends to called GSE containing the details of what the browser wants and will accept back from the web server.

DNS

HtmlToText

welcome to the blog of andrew tang, security practice lead for mti technology. a cyber security professional in the uk, who currently holds eu gdpr practitioner, cissp, mcse: security and mcts certifications. friday, 15 september 2017 vmworld europe 2017 - general session keynote i attended my second vmworld this year, which you may find odd as i rarely blog about virtualisation or vmware. vmware is changing and security is now more apparent in the solutions and roadmap. on tuesday 12th september, we had a general session keynote from pat gelsinger - vmware ceo. the vmware vision was similar to the previous year, but there are new partnerships with telcos, moving the telco networks closer to cloud, as well as the growth of iot. gelsinger talked about the mix of devices, applications, and platforms causing the core challenge. there needs to be anywhere access for people to the applications, but it's complicated. there is a mass of devices, applications, services and security. he is only reiterating the challenges securities have been facing for a number of years, with the increase in shadow it, less complimentary but highly connected applications, and uncertainty of any associated security. workspace one is the solution, grown from airwatch to supporting ios, to work with many more operating systems, including google chrome. mdm (mobile device management) solutions have had to grow into emm (enterprise mobility management) solutions, w here it's no longer just the management of the device, but also the applications, the content, the availability and in my world, the identity and security. gelsinger moved to security, highlighting the target has moved form just applications and data, to user infrastructure, including users and devices, but also cloud infrastructure of the network and compute, as these are seemingly under the control of the security team. the gasps when some of the audience was shocked with this slide, where the security guys have been working with and understanding a number of different areas. security people know that security spend is increasing, but the cost of breaches are increasing even quicker. as gelsinger says, "your spending more and falling further behind", "something is broken" and "we the tech industry have failed you the customers". "we need a new approach" there needs to be move from infrastructure to secure infrastructure. security needs to be built in, not an after thought, as i have been saying for a number of years. there needs to be an integrated ecosystem, leveraging quality solutions and products, where you do not excel. all of this with cyber hygiene regime. i'm glad that a tech giant like vmware is embracing cyber security and embracing the areas, i believe are the most important. the pillars of cyber hygiene are important for every environment. least privilege, micro-segmentation, encryption, multi-factor authentication and patching, have been evangelised by security experts for a number of years. so great to these elements are now considered mainstream. as expected the eu general data protection regulation (eu gdpr) came up in the keynote, and of course vmware are able to support the regulation by securing the data, automating governance and secure operations. gelsinger introduced vmware appdefense and how it helps the security challenge able to capture, detect and respond. vmware approach is looking at the security challenges of a business, without the business itself becoming a security expert. i think it's a very exciting time for a security person to be looking at vmware, and i'm glad i was at vmworld europe 2017 to see this for myself. for those unable to attend, the general session is available to watch here: https://www.vmworld.com/en/europe/video/general-sessions.html (where i also got the screen grabs, as the photos didn't come out so well) posted by andrew tang at 20:18 no comments: email this blogthis! share to twitter share to facebook share to pinterest labels: cyber security , encryption , gdpr , general data protection regulation , least privilege , micro-segmentation , multi-factor authentication , patch management , patching , security , virtualisation , vmware , vmworld wednesday, 30 august 2017 phishing and passwords - 3 years on nearly three years ago, i wrote a blog piece about the compromise of icloud accounts aka "the fappening". in the last 3 years there have been little improvement to the users interacting with phishing attacks, and it's disappointing to hear of the fappening 2017 . phishing i've been guilty in the past to blame users for not checking the constructs of an email, and detecting incorrect domain names, etc, but with the technology available today, this shouldn't be the job of an email users. using a mainstream web-based email solution, these checks are done for you: in a commercial environment, there are email filtering solutions to prevent the user from ever seeing these in the first place. passwords the previous advice around regularly changing passwords may not have been the best, as people will just increment numbers, and typically the password will become weaker. the advice now is to use stronger passwords and use a password manager to secure these passwords. 2-step verification many websites, including facebook, linkedin, twitter, whatsapp and many more, support the use of 2-step verification. this is a process where you log into one of these websites with your username/email address and your password. before you can gain access to the site or application, it will text your nominated mobile number with a code, which will need to be entered into the website before you can gain access. even if your login details were compromised, a hacker would be unable to gain access to the site or application without access to your mobile phone. these solutions are provided free of charge, so it would make sense to enable this wherever possible. so what? so some people's icloud accounts were compromised due to falling for a phishing attack... so what? well looking at security and the principles in play, this also makes corporate networks susceptible to these sorts of hacks. phishing attacks happen to gain access to corporate credentials, in fact worse so, as there are also spearphishing attacks. phishing attacks are typically broad brush attacks, spreading the net (excuse the pun) wide. spearphishing is targeting an individual, such as a member of the senior management team, or someone with administrative credentials, enabling access to personal information. privileged access management the priority for any organisation, is the protection of administrative passwords, typically known as privileged access. depending on the analyst's reports you read, 80-100% of data exfilration compromises have required administrative credentials. privileged access management is a technology to grant administrative access to a user, without them knowing the password. the technology will securely store the password, and is also able to change the password once the user is done with that session. what could be more secure than a user unaware of the administrator password? some other benefits include the ability to record the screen of the user session, as well as in depth analytics. securing passwords whether you are a home user, or a corporate user, passwords have always been important, but password security is more important than ever. whatever the situation, there are ways to secure the password and minimise the damage a hacker can do. posted by andrew tang at 11:23 no comments: email this blogthis! share to twitter share to facebook share to pinterest labels: 2fa , authentication , passwords , privilege management , privileged access , two factor authentication , two step verification friday, 26 may 2017 pull the budget and suffer the consequences: the nhs ransomware attack [link: information age] i was asked to help source an article about wannacry on the nhs. here is the article that was publis

URL analysis for andytang.com

https://blog.andytang.com/2012/02/
https://blog.andytang.com/2014/07/
https://blog.andytang.com/search/label/vmware
https://blog.andytang.com/2015/01/
https://blog.andytang.com/search/label/dlp
https://blog.andytang.com/search/label/cpe
https://blog.andytang.com/search/label/privilege%20management
https://blog.andytang.com/2016/08/
https://blog.andytang.com/search/label/gemalto
https://blog.andytang.com/2017/05/wannacrywcry-20-what-do-we-know.html#comment-form
https://blog.andytang.com/search/label/ebay
https://blog.andytang.com/2011/11/
https://blog.andytang.com/2017/09/
https://blog.andytang.com/search/label/wannacry
https://blog.andytang.com/2013/
commsbusiness.co.uk
bbc.co.uk

Whois Information

Whois is a protocol that is access to registering information. You can reach when the website was registered, when it will be expire, what is contact details of the site with the following informations. In a nutshell, it includes these informations;

Domain Name: ANDYTANG.COM
Registry Domain ID: 20050942_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.net-chinese.com.tw
Registrar URL: http://www.net-chinese.com.tw
Updated Date: 2016-02-03T17:06:59Z
Creation Date: 2000-02-17T17:07:33Z
Registry Expiry Date: 2021-02-17T17:07:33Z
Registrar: Net-Chinese Co., Ltd.
Registrar IANA ID: 1336
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +886.225319696
Domain Status: ok https://icann.org/epp#ok
Name Server: NS1.NAMECITY.COM
Name Server: NS2.NAMECITY.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2017-10-01T08:15:24Z <<<

For more information on Whois status codes, please visit https://icann.org/epp

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar. Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability. VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.

  REGISTRAR Net-Chinese Co., Ltd.

SERVERS

  SERVER com.whois-servers.net

  ARGS domain =andytang.com

  PORT 43

  TYPE domain

DOMAIN

  NAME andytang.com

  CHANGED 2016-02-03

  CREATED 2000-02-17

STATUS
ok https://icann.org/epp#ok

NSERVER

  NS1.NAMECITY.COM 62.128.193.35

  NS2.NAMECITY.COM 84.22.161.171

  REGISTERED yes

Mistakes

The following list shows you to spelling mistakes possible of the internet users for the website searched .