Security News

TCS' WannaCry Ransomware Advisory

WannaCry Ransomware Advisory - Tata Consultancy Services (TCS)

A widespread ransomware campaign is affecting enterprises globally with reports of tens of thousands of infections spreading rapidly. Tata Consultancy Services (TCS) is aware of the outbreak of “WannaCry” ransomware and proactively taking all necessary measures including working with our customers globally to address this outbreak on their systems. A ransomware is a malicious code that encrypts files and locks devices like computer, tablet or smartphone and subsequently demands a ransom to unlock it. Understanding the consequences of this malware attack, TCS has proactively communicated information related to this outbreak and implementing various necessary measures to protect its customers and itself across the globe.

We are advising all our customers and partners globally to exercise caution in their online activities. We are also ensuring that our customers keep their systems updated and take a proactive approach to security rather than a reactive one.

A Note on WannaCry/WanaCrypt0r Ransomware

Ransomware is a malicious software that encrypts the files and locks device, such as a computer, tablet or smartphone and then demands a ransom to unlock it. Recently, a dangerous ransomware named 'Wannacry' has been affecting the computers worldwide creating the biggest ransomware attack the world has ever seen. This has affected computers in India also.
About the Wanacrypt0r Ransomware
Wanacrypt0r is a ransomware that infects windows systems by exploiting a vulnerability called EternalBlue.  The exploit allows access to a remote machine via SMBV1 protocol. Microsoft patched this flaw in March as MS17-010. Wanacryptor is also known as “wannacry, wcry and wannacrypt.
How does Wanacrypt0r work?

Android Trojan Targeting Over 420 Banking Apps Worldwide Found On Google Play Store

How Android Banking Trojan Works

BankBot is mobile banking malware that looks like a simple app and once installed, allows users to watch funny videos, but in the background, the app can intercept SMS and display overlays to steal banking information. Mobile banking trojan often disguises itself as a plugin app, like Flash, or an adult content app, but this app made its way to Google Play Store by disguising itself as any other regular Android app. Once downloaded, the app persistently requests administrative rights, and if granted, the banking malware can control everything that's happening on an infected smartphone.

Win a Career in TCS Cyber Security Team

Win a Career in TCS Cyber Security Team

Win a Career in TCS’ Cyber Security Team and grab a chance to be associated with the history of the contest as the Winner of the Inaugural Edition.

Welcome to HackQuest, TCS Ethical Hacking Contest for students passing out in 2017.
Eligibility Criteria: Open for Technical UG, PG & BCA students of 2017 batch with specialization in Computer Science, IT and Circuit Branches (Electronics & Electrical Engineering, Electronics & Communication, Electronics & Telecommunication, Electrical, Electronics, Electronics & Instrumentation and Instrumentation)
Why should you participate?

QuardRooter Vulnerability ÔÇô A risk for nearly 1 billion android devices

QuardRooter Vulnerability ÔÇô A risk for nearly 1 billion android devices
As Android market is growing with coverage of more than 66% of mobile operating system, Attackers are finding ways to break in to these devices with the vulnerabilities which can help in gaining access privileges.
Now with the discovery of the new QuardRooter vulnerability, nearly 1 billion android smart-phones and tablets are at risk; when these vulnerabilities are exposed, it can give attackers complete control of the device intern providing access to sensitive and corporate data on the devices.
What is QuadRooter?
According to check point research team - QuadRooter is a set of four vulnerabilities affecting Android devices built on Qualcomm chipsets and Qualcomm is world’s leading designer of LTE chipsets owning a 65% share of the LTE modem baseband market.

Beware andriod users: Pokemon GO can be a malware

Beware andriod users: Pokemon GO can be a malware
The new smash-hit game "Pokemon Go" could become bait for hackers wanting to take over your phone.
Researchers at security firm Proofpoint have already found an Android version of the game containing malware. Once installed, it uses a remote access tool called DroidJack that can give a hacker full access to the phone
Pokemon Go is the first Pokemon game sanctioned by Nintendo for iOS and Android devices. It was launched earlier this week, but so far it's only officially available in the U.S., New Zealand and Australia, through the App Store and Google Play.
That means people in other countries who are keen to get their hands on it might resort to side-loading the game from third-party app stores -- opening the door to a potentially infected version.

HummingBad - Over 10 million Android devices infected with Chinese malware

Over 10m Android devices have been infected with a new piece of malware called HummingBad
The HummingBad malware is capable of taking over a smartphone or tablet, stealing and selling on user information – from email accounts and contacts to banking information and everything needed for identify theft – as well as downloading unauthorised apps and tapping on advertising

Citi is the first Financial Services Firm to launch voice biometrics authentication in Asia

Citi is the first Financial Services Firm to launch voice biometrics authentication in Asia

For Citi’s Consumer Banking customers in Asia Pacific, remembering multiple PINs and responding to a series of questions to verify their identities as they call into the bank will soon be a thing of the past. The voice biometrics authentication capability underscores Citi’s focus on technology to better serve our customers. We know that remembering different PINs and answering multiple questions can make the process frustrating. With this new capability, Citi offers customers a faster and more secure authentication for a better customer experience

It will be rolled out throughout the region in 2016 and 2017 to cover all 12 of Citi’s consumer banking markets in Asia Pacific that represent more than half of the bank’s 19 consumer markets globally. Citi will be the first financial services firm to deploy voice biometrics authentication across Asia Pacific as the bank builds further on its successful innovation in retail banking in the region.

Wild exploitation of SAP business application

Wild exploitation of SAP business application

On May 11, 2016, US-CERT has released an alert of vulnerability in SAP business applications. This vulnerability was first identified back in 2010 and a patch was also released at the same time. This vulnerability was being leveraged to exploit the SAP Systems of many huge organizations.

The question arises that if this vulnerability was patched five years ago, why releasing an alert again?

To answer that question, we have to refer a research report of Onapsis which indicates the exploitation of the same vulnerability in over 36 organizations’ SAP System. Report indicates the misuse of Invoker Servlet, built in functionality of SAP java platform.  The prime reason of the exploit was that SAP systems were still outdated or misconfigured which led to the abuse of this vulnerability.


Subscribe to RSS - Security News