Cyber Security

Wed 11 Jan

Row Hammer – A New Profound Threat to Information Security

Every one of us understands the importance of memory in this digital world, and it has become the prime target for attackers, who consider exploiting it at the machine/DB level rather than at the application layer.
 
Wed 28 Dec

Information Security Analysts: The Road Ahead

In this digitized world, information security has become an integral part of every organization. The Internet has become an indispensable part of life. A great deal of information about everything is available on the Internet, including sensitive data such as Personally Identifiable Information, intellectual property, Payment Card Industry data, etc. Obviously, sensitive data needs to be protected. An organization needs to classify its data according to its importance and decide which data needs to be protected.
 
Tue 27 Dec

Pulling out 86% of currency to achieve a dream of cashless economy. Are we ready?

The prime requirement of a cashless economy is high cyber security awareness, secure implementation, adequate safety measures, proper precautions, and imposed security policies at all stages. This continues from the previous article, "Post demonetization, India is witnessing an emerging era of a paperless economy. Is our cyber security ready for it?", with more on the present situation India is going through.

People are using public Wi-Fi networks along with mobile wallets and banking applications through apps and smartphones, which are still not linked to any identity. Digital identity can be easily forged, and non-repudiation following frauds and attacks is another major issue. OTP is one of the methods used to address non-repudiation, which again puts the focus on mobile security.
 
Fri 16 Sep

QuadRooter Vulnerability – A risk for nearly 1 billion Android devices

As the Android market grows, with coverage of more than 66% of mobile operating systems, attackers are finding ways to break into these devices using vulnerabilities that can help in gaining access privileges.
Now, with the discovery of the new QuadRooter vulnerability, nearly 1 billion Android smartphones and tablets are at risk; when these vulnerabilities are exploited, they can give attackers complete control of the device, in turn providing access to sensitive and corporate data on the devices.
 
What is QuadRooter?
 
According to the Check Point research team, QuadRooter is a set of four vulnerabilities affecting Android devices built on Qualcomm chipsets. Qualcomm is the world’s leading designer of LTE chipsets, owning a 65% share of the LTE modem baseband market.
 
Thu 15 Sep

Unauthorized URL redirect via HTTP HOST header injection- A deep inside

This article introduces unauthorized URL redirect (open redirect) via HTTP Host header injection.

A client MUST include a Host header field in all HTTP/1.1 request messages. If the requested URI does not include an Internet host name for the service being requested, then the Host header field MUST be given with an empty value. Any HTTP/1.1 request without a Host header field must be answered by the server with a 400 (Bad Request) status code.

Applications using virtual hosts and load balancers identify requests by their Host header. A server is assigned to a single IP address and may host multiple websites. When a request comes to the server, it will redirect it to the appropriate website by identifying the request from the Host field. Thus, the server must validate the Host header before redirecting to websites.

There are several different types of attacks related to Host header injection:
  •  Unauthorized URL Redirect by Cache poisoning
Mon 12 Sep

Baseline implementation for threat identification

Why are security tools needed? The general answer is that “They easily identify the suspicious traffic / activities and generate automatic alerts”. But who defines which traffic is normal and which traffic is suspicious? The process of identifying the nature of the traffic is crucial for effective security tool implementation. No security tool works out of the box and starts generating meaningful alerts. Also, there is no universal set of rules that can be applied to all networks. The security analyst needs to collect input from various event sources and analyze it to identify the normal nature of the network. Then a benchmark should be set which defines the nature of the traffic. All the rules and alerts should be created by using this benchmark as the baseline.
 
Fri 09 Sep

Cyber Security - Open Source vs Closed Source

“An open door house or closed door house.” Which one is more secure? Most of us will say that the closed door house is more secure. Yes, you’re probably right, or wrong! This actually depends on the way you look at it.

Now just consider the house as software and then ask which one is more secure, open source or closed source?

With the evolution of the digital world, everyone is expecting enhanced security, reliability, low cost, better performance and easy-to-use software. To fulfil the need, we are leaning more towards open source tools, libraries, compilers, language packs, etc. When the complete code is open to all, how can it be safe and secure from attackers, who will have detailed knowledge about the source used in products? Do you think it is worrisome?
 
Tue 30 Aug

Cyber kill usage for Advanced Persistent Threat


Industry-wide, cyber security defenders are struggling to keep pace with increasingly advanced (and well-funded) criminal campaigns. These campaigns have substantial, bottom-line impacts and require rapid response with advanced counter-measures. These criminal campaigns are called Advanced Persistent Threats. Many organizations have sound fundamental cyber security capabilities. However, advanced persistent threat (APT) tactics require more agile and advanced defenses. Organizations must continue the fundamentals while adding more advanced and complementary capabilities. New technologies and methodologies are needed to detect, prevent and respond to threats in near real-time.

To explore the full article, please open the attached pdf.

Authored by Vikas Kumar
TCS Enterprise Security and Risk Management 

 

 

Wed 27 Jul

Hiding in plain sight: Examining support for steganographically hidden content on the internet


Steganography is the practice of hiding a message or a file within another file so that only the sender and receiver know of its existence. It may also involve the use of cryptography, where the secret message/file is encrypted before being hidden. The objective is to ensure that transmission of secret data remains unsuspected and undetectable. Unlike encrypted files, steganographically hidden messages do not attract attention or arouse suspicion.

Steganography is both an art and a science. As a science it has evolved with advancement in technology, hiding techniques & tools, and as an art it has evolved with ingenuity of man. This advancement has made it easy for anyone to practice it from anywhere on the planet.

This article presents an approach to examine whether a website allows support for steganographically hidden content by evaluating a varied mix of social media sites, image hosting sites, media sites and a few easily available steganography tools.
