Security Articles

Session Puzzling : Solving the puzzle!

Session puzzling is an application-level vulnerability that occurs when a single session variable is used for more than one purpose. Session puzzling is also known as session variable overloading.

To exploit a session puzzle, the attacker first reaches an entry point (a web page, web service, remote procedure call, etc.) that causes the application to populate the overloaded session variable, often as a side effect of an unrelated flow. The attacker then reuses that same session to access functionality that trusts the variable as proof of something it never verified.

Session puzzles enable attackers to bypass authentication, impersonate legitimate users, elevate privileges, bypass flow restrictions, and even execute additional attacks.
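The classic case is a password-reset flow that writes the account name into the same session key the login flow uses as proof of authentication. The following is an added example (not code from the article): a hypothetical application is modelled with a plain dict as the session, with the puzzled version beside a fixed version that gives each flow its own key and keeps authentication state explicit.

```python
"""Session puzzling: one session variable serving two purposes.

Added example, not from the original article. The application, its endpoints
and the user table are hypothetical; the session is a plain dict so the code
runs offline without a web framework.
"""

USERS = {"alice": "s3cret", "admin": "hunter2"}  # constructed sample accounts


class PuzzledApp:
    """'username' is written by password reset AND read as proof of login."""

    def login(self, session, username, password):
        if USERS.get(username) == password:
            session["username"] = username
            return True
        return False

    def forgot_password_step1(self, session, username):
        # Remembers which account is being reset so step 2 can find it.
        # Same key that login() uses: this is the session variable overloading.
        if username in USERS:
            session["username"] = username
            return "security question sent"
        return "unknown user"

    def admin_panel(self, session):
        # The authorization decision rests solely on the value of 'username'.
        if session.get("username") == "admin":
            return "ADMIN PANEL"
        return "403"


class FixedApp:
    """Each flow gets its own session key; authentication state is explicit."""

    def login(self, session, username, password):
        if USERS.get(username) == password:
            session["auth_user"] = username
            session["authenticated"] = True
            return True
        return False

    def forgot_password_step1(self, session, username):
        if username in USERS:
            session["reset_user"] = username  # distinct key, carries no auth meaning
            return "security question sent"
        return "unknown user"

    def admin_panel(self, session):
        if session.get("authenticated") and session.get("auth_user") == "admin":
            return "ADMIN PANEL"
        return "403"


def attack(app_cls):
    """Attacker knows no password and only touches the reset entry point."""
    app = app_cls()
    session = {}
    app.forgot_password_step1(session, "admin")
    return app.admin_panel(session)


def legitimate_admin(app_cls):
    """Control: a real login must still reach the panel after the fix."""
    app = app_cls()
    session = {}
    app.login(session, "admin", "hunter2")
    return app.admin_panel(session)


if __name__ == "__main__":
    print("puzzled app, attacker:", attack(PuzzledApp))
    print("fixed app, attacker:  ", attack(FixedApp))
    print("fixed app, real admin:", legitimate_admin(FixedApp))
```

The fix is not "use a different key name" alone: `admin_panel` also checks an explicit `authenticated` flag that only `login()` sets, so no other flow can accidentally mint a logged-in session.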

Machine Learning in Cyber Security

Nowadays almost every human activity touches a digital system, and traditionally those systems do only what they were explicitly programmed to do. A system that instead learns from previously seen data how to process new input, without a human writing a rule for each case, is using machine learning.

In cyber security, machine learning is used to analyze previous attacks and derive protective responses from them. Security is now one of the sectors investing most heavily in machine learning, driven by the growing volume of threats.

In the past, machine learning was rarely applied to cyber security. Network administrators struggled to find and track attacks, and it took them a long time even to detect one.
Now there are many security products built to support the humans who have to keep systems secure.

Bluetooth Security Flaw Could Allow Nearby Hackers to Steal Your Data

A newly discovered bug in Bluetooth implementations and operating system drivers allows an attacker within wireless range to recover the link encryption key and read or tamper with the data two devices exchange.

Bluetooth firmware or operating system software drivers may not adequately validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to gain the encryption key used by the device.

The attacker, within wireless range while two devices pair, substitutes an invalid public key into the Diffie-Hellman exchange. Because the victim does not check that the received point actually lies on the curve, the attacker can determine the resulting session key with high probability and then decrypt or inject traffic on the link. This flaw is different from BlueBorne, the set of Bluetooth vulnerabilities disclosed last year, which allowed hackers to take control of a device over its Bluetooth connection.
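The missing check is ordinary ECDH public-key validation. The following added example (not code from the article or from any Bluetooth stack) implements the exchange on NIST P-256, the curve Bluetooth Secure Connections uses, and models the attack with a constructed point whose y-coordinate is forced to 0: such a point is not on the curve and has order 2, so the "shared" point the victim computes is one of only two values whatever its private key is. With validation on, the point is rejected before any arithmetic runs.

```python
"""ECDH public-key validation on NIST P-256, the check whose absence the
advisory above describes. Added example, not code from the article or from
any Bluetooth stack: pairing is reduced to the key exchange, and the
attacker's invalid point is constructed here."""

# NIST P-256 domain parameters
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b
GX = 0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296
GY = 0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5
G = (GX, GY)
INFINITY = None


def is_on_curve(pt):
    """True iff pt = (x, y) satisfies y^2 = x^3 + ax + b over GF(p)."""
    if pt is INFINITY:
        return False
    x, y = pt
    return 0 <= x < P and 0 <= y < P and (y * y - (x * x * x + A * x + B)) % P == 0


def validate_public_key(pt):
    """Reject anything that is not a finite point on P-256. P-256 has
    cofactor 1, so no separate subgroup-order check is needed."""
    if not is_on_curve(pt):
        raise ValueError("peer public key is not on the curve")
    return pt


def accepts_public_key(pt):
    """Convenience wrapper: does validation pass for this point?"""
    try:
        validate_public_key(pt)
        return True
    except ValueError:
        return False


def point_add(p1, p2):
    """Affine addition/doubling. The formulas never consult b, which is why
    an off-curve input goes undetected unless it is validated up front."""
    if p1 is INFINITY:
        return p2
    if p2 is INFINITY:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2:
        if (y1 + y2) % P == 0:        # P + (-P); also doubling a point with y == 0
            return INFINITY
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    y3 = (lam * (x1 - x3) - y1) % P
    return (x3, y3)


def scalar_mult(k, pt):
    """Double-and-add k*pt."""
    result, addend = INFINITY, pt
    while k:
        if k & 1:
            result = point_add(result, addend)
        addend = point_add(addend, addend)
        k >>= 1
    return result


def ecdh_shared_point(private_key, peer_public_key, validate=True):
    """Victim side of the exchange. validate=False models the vulnerable
    firmware that multiplies whatever point it was handed."""
    if validate:
        validate_public_key(peer_public_key)
    return scalar_mult(private_key, peer_public_key)


# Attacker's injected key: a legitimate x coordinate with y forced to 0
# (constructed). It is not on P-256 and doubling it gives infinity, so
# k*Q is either Q (k odd) or infinity (k even): a 50% guess of the key.
BAD_POINT = (GX, 0)

if __name__ == "__main__":
    alice_priv, bob_priv = 0x1234567890abcdef, 0x0fedcba987654320
    alice_pub, bob_pub = scalar_mult(alice_priv, G), scalar_mult(bob_priv, G)
    print("honest exchange agrees:",
          ecdh_shared_point(alice_priv, bob_pub) == ecdh_shared_point(bob_priv, alice_pub))
    for priv in (alice_priv, bob_priv):
        print("vulnerable victim, key", hex(priv), "->",
              ecdh_shared_point(priv, BAD_POINT, validate=False))
    print("patched victim accepts attacker's point:", accepts_public_key(BAD_POINT))
```

Real firmware uses projective formulas and only the x-coordinate of the shared point, so the details of how the computation collapses differ, but the outcome is the same: without the on-curve check the attacker learns the link key with probability 1/2 per pairing attempt.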

Why depending on rDNS is bad, and why you should not trust the client-provided destination IP address for name lookups in transparent proxy deployments!

As everyone knows, forward DNS maps a domain name to an IP address (A and AAAA records), whereas reverse DNS maps an IP address back to a hostname using PTR records under in-addr.arpa (or ip6.arpa for IPv6).

When the Blue Coat ProxySG is configured to allow or deny access to URLs, it must determine the hostname of the site being requested.

In Explicit Deployment:

When it is an HTTP site, the proxy simply reads the Host header of the HTTP request to determine the hostname of the website.

When it is an HTTPS site, the request itself is encrypted via SSL/TLS; in an explicit deployment the client still tells the proxy the hostname in its CONNECT request before the tunnel is established, so the proxy does not need to guess.
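In a transparent deployment there is no CONNECT request: the proxy sees only a destination IP chosen by the client, and a reverse lookup on that IP is the client's choice dressed up as a hostname (a shared hosting or CDN address can map to any PTR name, or none). The hostname the proxy should evaluate policy against is the one the client itself sends: the Host header for HTTP, or the server_name (SNI) extension in the TLS ClientHello for HTTPS. The following is an added example, not Blue Coat's code; the ClientHello it parses is constructed inline, and it returns None rather than ever falling back to an rDNS lookup.

```python
"""Hostname determination for a transparent proxy from the client's own
request bytes (HTTP Host header or TLS SNI) instead of a reverse lookup on
the destination IP. Added example, not Blue Coat's code; the ClientHello
below is constructed in-line for the demonstration."""
import struct


def build_client_hello(server_name: str) -> bytes:
    """Minimal TLS 1.2 ClientHello record carrying only an SNI extension
    (constructed test input; a real client sends more suites/extensions)."""
    name = server_name.encode("ascii")
    sni_entry = b"\x00" + struct.pack("!H", len(name)) + name   # type 0 = host_name
    sni_list = struct.pack("!H", len(sni_entry)) + sni_entry
    sni_ext = struct.pack("!HH", 0, len(sni_list)) + sni_list   # extension type 0
    extensions = struct.pack("!H", len(sni_ext)) + sni_ext
    body = (b"\x03\x03" + bytes(32)      # client_version, random
            + b"\x00"                    # session_id length 0
            + b"\x00\x02\xc0\x2f"        # one cipher suite
            + b"\x01\x00"                # one compression method (null)
            + extensions)
    handshake = b"\x01" + struct.pack("!I", len(body))[1:] + body   # type 1, 24-bit length
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def sni_from_client_hello(data: bytes):
    """Return the host_name from the SNI extension, or None if absent/malformed."""
    try:
        if data[0] != 0x16 or data[5] != 0x01:      # not a handshake record / ClientHello
            return None
        pos = 9                                      # record header (5) + handshake header (4)
        pos += 2 + 32                                # version + random
        pos += 1 + data[pos]                         # session id
        pos += 2 + struct.unpack("!H", data[pos:pos + 2])[0]   # cipher suites
        pos += 1 + data[pos]                         # compression methods
        ext_end = pos + 2 + struct.unpack("!H", data[pos:pos + 2])[0]
        pos += 2
        while pos + 4 <= ext_end:
            ext_type, ext_len = struct.unpack("!HH", data[pos:pos + 4])
            pos += 4
            if ext_type == 0:
                list_len = struct.unpack("!H", data[pos:pos + 2])[0]
                p = pos + 2
                while p < pos + 2 + list_len:
                    name_type = data[p]
                    name_len = struct.unpack("!H", data[p + 1:p + 3])[0]
                    if name_type == 0:
                        return data[p + 3:p + 3 + name_len].decode("ascii").lower()
                    p += 3 + name_len
            pos += ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    return None


def host_from_http(data: bytes):
    """Host header of a plaintext HTTP request (port stripped), or None."""
    try:
        head = data.split(b"\r\n\r\n", 1)[0].decode("ascii")
    except UnicodeDecodeError:
        return None
    for line in head.split("\r\n")[1:]:
        key, _, value = line.partition(":")
        if key.strip().lower() == "host":
            return value.strip().split(":")[0].lower()   # IPv6 literals not handled
    return None


def hostname_for_policy(first_bytes: bytes):
    """Hostname the proxy should evaluate policy against. Returns None,
    never a reverse lookup of the destination IP, when the client's own
    request does not name a host."""
    if first_bytes[:1] == b"\x16":
        return sni_from_client_hello(first_bytes)
    return host_from_http(first_bytes)


if __name__ == "__main__":
    print(hostname_for_policy(build_client_hello("www.example.com")))
    print(hostname_for_policy(b"GET / HTTP/1.1\r\nHost: Intranet.Corp:8080\r\n\r\n"))
    print(hostname_for_policy(b"\x16\x03\x01\x00\x05\x01\x00\x00"))
```

A None result is the signal to apply the deployment's default (deny, or fall back to the server certificate's name once the handshake has proceeded), not to look up the PTR record of the IP the client asked for.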

Learn Zscaler under 650 words!

Zscaler is a global cloud-based information security company that provides Internet security, web security, next generation firewalls, sandboxing, SSL inspection, antivirus, vulnerability management and granular control of user activity in cloud computing, mobile and Internet of things environments.

Zscaler routes all traffic through its cloud to apply corporate and security policies, eliminating the time and money companies spend managing web filtering, data leakage protection, SSL inspection, advanced threat protection and security on their own servers.

Zscaler Architecture

The architecture is easiest to understand when split into three areas.

Elements of the Zscaler cloud:
•    Control Plane: manages policies.
•    Data Plane: how traffic flows.
•    Statistics Plane: collects all the logs and returns them, correlated, for your analytics.

Data Classification and Retention Policy : Points to consider while framing Retention Policy (GDPR)

Data classification, in general, is the labeling of data and the protection of data according to its sensitivity and the impact on the organization if it were breached. It has two parts: the type under which the data is classified, and the risk it poses.

Data type classification can be customized for the customer we work for; data risk classification, however, is universal and common to most organizations, with levels such as PUBLIC, INTERNAL, RESTRICTED, SENSITIVE and SECRET.

GDPR and Privacy Management : Are you GDPR compliant?

The General Data Protection Regulation (GDPR) (EU) 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). It also addresses the export of personal data outside the EU and EEA areas. The GDPR aims primarily to give control to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU.[1]

Blockchain- An elixir to Cyber Security

Considering how secure today's cyber world is, while not forgetting how vulnerable it can become, let us dig into ways to reduce the probability of damage. The huge growth in e-business infrastructure has created the need for a more sophisticated and robust model for securing transactions: the blockchain (the term coined in 2008 by Satoshi Nakamoto).

GDPR – Personal data is more than PII

It is important to understand the definition of personal data from the GDPR perspective. Personal data means "any information relating to an identified or identifiable natural person who can be identified directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person." It therefore covers a much broader scope. Until the GDPR, many of us worked with the notion of PII, personally identifiable information, which was easy to define: anything that could be mapped back to an individual person, such as a phone number, a credit card number, an email address or a physical address, was PII. Personal data as defined in the GDPR is much broader than that.

It's GDPR day today… No extension, no exception!

The General Data Protection Regulation (GDPR) is effective today. Being a security and privacy professional, I could relate to the impact it has made on organizations' internal and external processes for handling personal data. In the last two weeks I have received tons of emails about opt-in/opt-out, privacy notices, consent, etc., which demonstrates that everyone out here was working towards compliance with the GDPR in one way or another.

While May 25th 2018 marks an important date in the era of data privacy, the focus will now shift from becoming compliant to sustaining compliance. There will also be a need to integrate and automate the different controls deployed for security and privacy on a continuous basis. Compliance is always a journey whose objective is to enable the business, not to paralyze it. Hence, due consideration will have to be given to ensuring security- and privacy-enabled business operations instead of a namesake compliance effort.
