Security Articles

Learn DDE Injection Attack in 7 Steps!

Learn DDE Injection Attack in 7 Steps!

Dynamic Data Exchange (DDE) is a protocol widely used by applications to exchange data between themselves. This protocol uses a client/server model to communicate where the application asking for the data acts as the client and the application that fulfills the request acts as the server. DDE practices inter-process communication (IPC) using a common shared memory to exchange data and provides a specific set of commands and message formats for the applications to interact among themselves. DDE is very popular among applications like Microsoft Word, Excel, Lotus 1-2-3, Visual Basic, AmiPro, Quattro Pro etc.

Security Incidents And It's Handling

Security Incidents And It's Handling

Nowadays, there has been a striking increase in electronic communication between people and this increased communication between people and machines is affecting every industry. Information systems are very critical assets in any organization and vulnerabilities in those systems can be exploited by attackers or malicious users to cause an incident threatening the security. In this scenario, there has been an increase in computer security incidents threatening confidentiality, availability, and integrity of information.  Such incidents can be made to occur deliberately with malicious intent or can be caused unintentionally.

Security Incident

An incident can be defined as any unexpected action, event or an occurrence that has an immediate or potential effect. A security incident hampers the security and stability of information systems. There are several definitions of security incidents.

Learn The Difference Between Injection and Cross-Site Scripting Attacks!

Injection and cross-site scripting are the most common attacks amongst top 10 OWASP.

Cross-site Scripting (XSS) refers to client-side code injection attack wherein an attacker can execute malicious scripts (also commonly referred to as a malicious payload) into a legitimate website or web application. XSS is amongst the most rampant of web application vulnerabilities and occurs when a web application makes use of un-validated or un-encoded user input within the output it generates.

By leveraging XSS, an attacker does not target a victim directly. Instead, an attacker would exploit a vulnerability within a website or web application that the victim would visit, essentially using the vulnerable website as a vehicle to deliver a malicious script to the victim’s browser.

There are three types of cross-site scripting attacks:

Want to Learn About SSL Certifcate: Here Is Everything You Need To Know!

Want to Learn About SSL Certifcate: Here Is Everything You Need To Know!

Nowadays online shopping has become a million dollar business and a place for fraudsters and hackers to swindle money from consumer's account. The data that is transferred in plain-text form or in non-encrypted format can be intercepted, compromised or stolen. For this reason, having a Secure Socket Layer (SSL) certificate is a boon in this fast-changing trend of security. Therefore, organizations should use this certificate for securing their site, if they wish to take online payments or expect their visitors to submit confidential information. So this article basically describes what and how along with the disadvantages of SSL.

Dark Web: What is TOR and How Does it Work?

Dark Web: What is TOR and How Does it Work?

When we hear the word Dark Web, we immediately associate it with something illegal. But what is a Dark web and how it works?

To understand it, we need to start from the surface.

Surface Web-

Surface web is the visible web. It primarily consists of static web pages which can be indexed by common search engines like Google, Yahoo, and Bing etc. So how this works? Basically, the search engines crawl and index various links present in the web application while searching for contents. The retrieved information is mostly present in the form of HTML files. But this searching technique misses a lot of contents where a web page uses dynamic web pages and database for their data. To get this information, we need to dig a bit deeper.

Deep Web-

Is Your Enterprise Using B2C or B2B Services: Understand The Threat Landscape

B2B Threat Landscape

This section provides an overview of the Threat landscape relevant to B2B services of an enterprise. This landscape only covers the security threats pertaining to infrastructure and network of enterprise business parties and third parties using B2B channels and services. It does not cover threats to external parties or business level B2B risks such as fraudulent use of B2B services.

 
Fig.1 Current & Emerging B2B Threat Landscape

This primarily specifies the threats that are specific to B2B channels; however third party organizations may be subject to additional threats from different channels (e.g. B2C) and in turn may be used to as a proxy to attack an enterprise infrastructure.

All you need to know about HTTP Response Splitting Attack

HTTP Response splitting attack occurs when the server script embeds user data in HTTP response headers. In this attack, a maliciously crafted Http request is used to force a vulnerable server. As a result, an output stream is formed and interpreted by the target as two response instead of one.

Here the most noticeable fact is, the second response is totally controlled by the attacker till the last byte which fact some data and notably the less important first one is may be partially controlled by the attacker.

Hence the below three factors are always involved.

Countering Future Threat To Encrypted Data: Quantum Key Distribution

Countering Future Threat To Encrypted Data: Quantum Key Distribution

Cybersecurity is one of the most growing domains in IT industry. Ensuring data security and safeguarding data privacy is the need of the hour. To speed boost the protection of data from the super powerful computers of the future, a team of researchers from Duke and Ohio State universities and the Oak Ridge National Laboratory have devised a method for scrambling data to guard it against prying eyes,  popularly referred to as quantum key distribution.

The problem with the past technology is its slowness as transfer speeds typically are measured in kilobits per second. However, the researchers found a way to increase key transmission rates between five and 10 times, bringing them into the megabit per second range.”Quantum Key Distribution “, as titled, will be promulgating the counter mechanism to future threats to encrypted data.

How Do I Prevent DLL Hijacking?

How Do I Prevent DLL Hijacking?

DLL or Dynamic Link Library is a file format that contains multiple codes and procedures for windows application so that multiple programs can use the information at the same time. The advantage of such an arrangement is that it can save memory. Also, a user can change the code of multiple applications at once without changing each and every application.

What is DLL Hijacking?

In Windows applications, typically when an application is loading, it searches for DLL’s that are not present or not implemented securely (Full path of the DLL is not specified). If this is present, then it is possible to do a kind of privilege escalation called as DLL Hijacking

Masked Threat Right In Front Of You : Clickjacking

Clickjacking occurs when an attacker tricks a user into clicking on a button or link on another page when they were actually intending to click on the top level page or button.

A Clickjacking attack uses features of HTML and JavaScript to force the victim to perform an undesired activity, such as clicking a button that performs some other operation. This is a client-side security issue which affects a variety of browsers.

Example

Suppose an attacker sends a link to a user that opens a website containing a button that says ">>WIN<<” However, on top of that page, the attacker has embedded an iframe with my Gmail account, and placed the "Delete Messages" button directly on top of the "WIN" button. The victim clicks on the "WIN" button but he is actually tricked to click on the invisible "Delete Messages" button. The attacker has "hijacked" the user's click, hence it is called "Clickjacking".

Pages

Subscribe to RSS - Security Articles