Security Articles

How Are JSON REST APIs Prone to XML External Entity Injections?

As we know, REST and SOAP technologies are responsible for handling and carrying data in web services from client to server. Based on the requirement, the server parses or converts the requested data into its own format to process the request further. Developers implement either REST API or SOAP services based on the requirement; the two are completely different in nature but perform the same responsibility.

Beware: Hackers can breach the security of an application by exploiting the weakness in SAML!!

The Security Assertion Markup Language (SAML) is an open standard for sharing security information about the identity, authorization, and authentication across different applications. SAML is implemented with the Extensible Markup Language (XML) standard for sharing data, and SAML provides a framework for implementing single sign-on (SSO) and other federated identity systems.

Weak CAPTCHA: Loophole in strong authentication!!

CAPTCHA stands for “Computer Automated Public Turing test to tell Computers and Humans Apart”. It is used to check whether the user is a human or a robot.

Generally, a CAPTCHA is an image. A human solves it by using the challenge-response system. We find it in the pages where these actions (login, registration, forgot the password) are performed.

In the OWASP Top 10 list, this vulnerability is generally known as “CAPTCHA Bypass”. As the name suggests, we are bypassing the CAPTCHA for the sake of authentication. No proper verification methodology is checked before login.

It happens due to either design issues or implementation issues. The weak CAPTCHA scenario comes into the picture due to weak design.

Learn All About HTML Injection In Less Than 500 Words!

HTML injection is a type of injection that occurs when the data entered in input fields is not properly sanitized and the output is not encoded, so the attacker can inject valid HTML code into a vulnerable web page and inject their own content into the page. We generally find this type of attack in social engineering, as the attack exploits a code-based vulnerability and a user's trust.

Different types of HTML injection are described below:

  • Stored HTML
  • Reflected HTML

Stored HTML 

Options-Bleed: OPTIONS Method Leading to Data Leakage on Apache Web Server

We all know about 'Heartbleed' in OpenSSL, in which you can make the target server respond to your request with more data than originally asked for. Instead of ignoring your malformed request, the server responds with sensitive data that is not intended for you. A quite similar bug has been found recently, not in OpenSSL but in the program called 'httpd', which belongs to Apache Web Server. This vulnerability has been termed 'OptionsBleed', as the leakage of information occurs when we send a request to the vulnerable Apache Web Server using the 'OPTIONS' method. Let us dive in and take a deeper look at this bug, which has been designated CVE-2017-9798.

Reducing Risk Impact - A Goal To Be Experienced

Security is always coupled with the term RISK. When we talk about implementing or measuring security controls for an environment, this in turn has an impact on the risk factor, which is made or measured to be tolerable or under the limit. Security is a wide term that takes various things into consideration for keeping the infrastructure or application secure. But a few basic measures, or awareness imbibed in our day-to-day practice, would vastly reduce exposure to high risks. The following are the major areas that contribute to risk; controlling them would minimize it.

  1. Server Controls
  2. Network Controls
  3. Logical Access Controls
  4. Log Management Controls
  5. Backup Controls

A few minimal checks performed regularly with respect to each control will ensure an efficient path to reducing risk.

Stored Cross-site Scripting (XSS): Understand and Find the Way How to Protect Yourself

The Cross-site Scripting (XSS) vulnerability refers to a client-side code injection attack in which an attacker can get malicious scripts or payloads executed in a trusted website.

While navigating to the vulnerable web page, an end user can find the malicious script or the malicious payload as a part of the web page. For this reason, the end user will end up executing the malicious script unintentionally once the web page is viewed in a browser.

While an XSS attack can be exploited within JavaScript, ActiveX, Flash, and VBScript, the most widely used programming language is JavaScript, because JavaScript is much more familiar as well as compatible with most browsing experiences.

Cross-site Scripting can be categorized into three types:

Meltdown and Spectre Mitigation

Meltdown allows attackers to read arbitrary physical memory (including kernel memory) from an unprivileged user process. Meltdown uses out-of-order instruction execution to leak data via a processor covert channel.

Spectre abuses branch prediction and speculative execution to leak data via a processor covert channel. Spectre can only read memory from the current process, not the kernel or other physical memory.

Refer to the attached PDF for in-depth information on the Impact and Solutions and Workaround.

Authored By - Sathish Damodaran
TCS Cyber Security Practice

Red Team Venture: How Ready Are You?

Yes, we are in an era where the count of bad guys overwhelms the good guys. The race for money and wealth has risen to such an extreme level that people do not refrain from practicing inappropriate ways to make wealth, be it dealing with sensitive enterprise data or asking enterprises for ransom. The bad guys are all over an enterprise to extort and get wealthier. The level has gone a step higher with the increase in the usage of cryptocurrency, which makes it anonymous.

Enterprises are looking to be more vigilant with respect to cybersecurity practices and hence are looking for cybersecurity service providers who could actually simulate a real-time threat scenario.

Locky Strikes Again in a New Variant!!

The year 2017 has so far been a rather challenging year for cybersecurity experts around the world. According to a Kaspersky report, Ransomware attacks top the chart of malware threats with an increase of over 250 percent during the first few months of 2017. The number of mobile Ransomware detected had reached 218,625 compared with 61,832 in the second quarter of the previous year. Global Ransomware damages are predicted to exceed $5 billion this year. Every year more and more variants of Ransomware are being generated. There were 4.3x as many new Ransomware variants in Q1 2017 as in Q1 2016.