Author Archives: admin


Hacking your voice to perform social engineering attack

Category : Blog


Hacking your voice is real and possible, because attackers can use “Photoshopping Voiceovers” technology. “Project VoCo” is an engineer’s dream: the software lets its operator edit and insert words into an audio recording without bringing the original vocalist back to the studio. An attacker needs only a 20-minute recording of a person’s speech to imitate that voice and fool someone else in a social engineering attack. With that recording, the attacker can change and edit the spoken text and do whatever he wants.

 

Watch the video of Adobe’s demo presentation of “Project VoCo”.

 

Clearly, lots of people are excited about the prospect of being able to alter audio recordings. But not everyone is jumping on the bandwagon. Dr. Eddy Borges Rey, a lecturer in media and technology at the University of Stirling, is concerned by the development. He revealed as much to BBC News.

An attacker could record the CEO’s voice, use this software to fool the head of accounts, and commit fraud at will.

It’s unclear when Photoshopping Voiceovers will become publicly available. When it does, it’ll take even more time to determine how easy it is for people to identify an audio recording that someone’s modified using the technology. With that in mind, organizations’ best hope of preventing attacks such as those described above is to train their employees to be on the lookout for vishing and spear-phishing attacks. If an attacker can’t build a pretext, they won’t be able to leverage VoCo to make fraudulent wire transfers or steal sensitive information.

 


MongoDB Databases hijacked

Category : Blog

MongoDB Databases wiped out

MongoDB databases have been hijacked by hackers. The hackers have deleted MongoDB databases from company servers and are demanding a ransom for the safe return of the information. The victims are hospitals, small businesses and educational institutes. Nearly 27,000 databases could have been hacked.

There are security measures built into MongoDB; it’s just that some users don’t bother to use them. For instance, some MongoDB administrators have been leaving their systems accessible to the open internet, without having so much as an admin password in place.

Even though the security features exist, people are reluctant to use and implement them. This is very frustrating for the companies that have fallen victim. An administrator is obviously expected to have this minimum knowledge.


What is the company behind MongoDB doing about it?

I imagine it is feeling pretty frustrated that some of their users are being so careless with the software.

 

MongoDB Inc clearly needs to reach out to the community and underline the importance of not having unsecured instances of MongoDB running openly on the net. It has posted some advice for users on its website.

 

Of course, the damage is somewhat lessened if you had taken the precaution of backing up your database. If that’s the case then you only have the embarrassing problem of explaining to your customers that their data has been stolen and personal information exposed, rather than being utterly incapable of doing any business.

 

However, if you’re the kind of outfit that doesn’t have an admin password for your database and leaves it open to the internet then I don’t hold out much hope that you’ve been making backups.

 

 


WiFi phishing attack

Category : Blog

WiFi phishing attack – You can be the next target?

WiFi phishing is a next-level attack that works even though modern WiFi networks are secured with Wi-Fi Protected Access II (WPA2), a security protocol that uses a strong cryptographic hash function to protect the pre-shared key (PSK).

During a penetration test it is quite a tough task to break into a WPA2 network. A modern GPU that is able to calculate an average of 80,000 hashes per second will require a maximum of 30 days to crack an 8-character PSK. This is the kind of situation in which a WiFi phishing attack comes in handy.

 

WiFi Phishing can be conducted in two simple steps

  • The first step involves the process of associating with Wi-Fi clients unknowingly
  • The second step involves presenting to the victim user a familiar authentication interface.

 

Making the authentication interface look legitimate will greatly increase the success rate of the attack.

In this respect, the interface should be generated on the basis of something that is appropriate for a certain user (e.g. an interface that is similar to the one used by the legitimate Access Point (AP)). This, of course, involves gathering information from the target environment and victim user.

 

Even with no knowledge of the technologies or services used by the user, it is possible to collect the required information from:

 

Beacon frame (physical layer): One of the management frames in IEEE 802.11 that is transmitted periodically by the AP. It contains all the information about the network, such as i) the ESSID, ii) the encryption type, and iii) the BSSID (MAC address) of the AP.

User-Agent header (application layer): An HTTP header that contains a characteristic string with details regarding the network peer. By redirecting the victim’s HTTP requests to a website controlled by us, we are able to retrieve useful information from this header, such as i) the web browser and ii) the operating system of the victim.

The interesting thing about the BSSID (found in the beacon frame) is that it can be used to determine the router manufacturer. For example, if the first digits of the MAC address are “00:12:17”, we can be pretty confident that the beacon frame was broadcast by a Linksys router.

 

By knowing the router manufacturer, we can craft fake router configuration pages accordingly as illustrated in the image below.

[Image: wifi phishing]

In this image, both the BSSID of the victim’s AP and the encryption type of the target network are used to craft a victim-customized phishing page asking for the PSK. This trick became quite popular in the past few years, surpassing the traditional brute-forcing of the 4-way handshake.

 

However, this attack raises suspicion and advanced users will hardly fall for this.

 

But look at the following image.

[Image: wifi phishing]

In this phishing attack, we first make the victim believe he is not having any connectivity to the Internet by showing the “No Internet Connection” page in his browser. We display Google Chrome’s “Unable to Connect to the Internet” page because the HTTP User-Agent header assured us that the victim is using that specific browser.

 

The same header told us that the victim is running Windows, giving us the chance to display a web-based imitation of the Windows network manager. We make this much more realistic by showing the valid networks that are in the victim’s neighborhood.

 

In this case, the victim can hardly tell if the network manager is part of the Operating System UI or the web page he is visiting. In the following image, we compare the Mac OS network manager with an HTML-lookalike of ours. At the top is the fake network manager while the one displayed at the bottom is the real one.

[Image: wifi phishing]

Phishing attacks like the above can be performed using the latest version of Wifiphisher (v1.2) that was released a month ago. Wifiphisher is an open-source project, and all this functionality wouldn’t be possible without the contributions of the community.
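On the defensive side, the same beacon fields described above (ESSID, encryption type and BSSID) let a monitoring sensor spot an access point that advertises your network name but is not yours. The following is an added example, not part of the original article or of Wifiphisher: the inventory, the beacon records and the finding names are constructed, and capturing the beacons is assumed to be done by a separate sensor.

```python
"""Flag beacons that reuse a protected ESSID with the wrong BSSID or security."""
from dataclasses import dataclass

# Constructed inventory of the organisation's own access points (assumption):
# ESSID -> {BSSID: encryption type the AP is configured with}
AUTHORIZED_APS = {
    "CorpWiFi": {
        "00:12:17:aa:bb:01": "WPA2",
        "00:12:17:aa:bb:02": "WPA2",
    },
}


@dataclass(frozen=True)
class Beacon:
    essid: str
    bssid: str
    encryption: str      # "OPEN", "WEP", "WPA" or "WPA2"


# Constructed observations, as a sensor might report them.
SAMPLE_BEACONS = [
    Beacon("CorpWiFi", "00:12:17:AA:BB:01", "WPA2"),   # legitimate AP
    Beacon("CorpWiFi", "02:de:ad:be:ef:10", "OPEN"),   # same name, foreign AP
    Beacon("CorpWiFi", "00:12:17:aa:bb:02", "OPEN"),   # known BSSID, no encryption
    Beacon("CorpWiFi", "00:12:17:cc:dd:03", "WPA2"),   # same vendor, not inventoried
    Beacon("CoffeeShop", "0a:11:22:33:44:55", "OPEN"), # not our network name
]


def normalize_bssid(bssid):
    """Lower-case, colon-separated MAC address."""
    return bssid.strip().lower().replace("-", ":")


def oui(bssid):
    """First three octets of the BSSID, which identify the manufacturer."""
    return normalize_bssid(bssid)[:8]


def assess_beacon(beacon, inventory=AUTHORIZED_APS):
    """Return the findings for one beacon; an empty list means nothing to report."""
    entry = inventory.get(beacon.essid)
    if entry is None:
        return []                         # not a network name we protect
    known = {normalize_bssid(b): enc for b, enc in entry.items()}
    bssid = normalize_bssid(beacon.bssid)
    findings = []

    if bssid in known:
        expected = {known[bssid]}
    else:
        findings.append("unknown-bssid")
        if oui(bssid) not in {oui(b) for b in known}:
            findings.append("vendor-mismatch")
        expected = set(known.values())

    # A known BSSID with different security can indicate a spoofed BSSID;
    # an unknown one with weaker security matches the phishing setup above.
    if beacon.encryption.upper() not in expected:
        findings.append("encryption-mismatch")
    return findings


def scan(beacons, inventory=AUTHORIZED_APS):
    """Return (beacon, findings) pairs for every beacon that needs attention."""
    alerts = []
    for beacon in beacons:
        findings = assess_beacon(beacon, inventory)
        if findings:
            alerts.append((beacon, findings))
    return alerts


if __name__ == "__main__":
    for beacon, findings in scan(SAMPLE_BEACONS):
        print(beacon.essid, normalize_bssid(beacon.bssid), ", ".join(findings))
```

A BSSID can be copied by an attacker, so a clean result here does not prove that an access point is genuine; the encryption check is what catches an impostor that reuses a known BSSID.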

 


Virtual Reality – Are we thinking of Security?

Category : Blog

Virtual Reality and its security

Virtual Reality is making it big in the market and every individual is keen to use it. What we need to worry about is its security. It is still not a big target for hackers. Bulky prototype virtual reality devices were being tested in labs as early as 1960, but there were few, if any, computer hackers or even an internet to speak of back then. A bit later, in the pre-internet 90s, Nintendo and Sega tried to bring virtual reality to the gaming masses by developing Virtual Reality platforms and games. However, Sega’s system never made it to market, and when Nintendo’s Virtual Boy launched, it flopped due to lack of consumer interest.

Although the adoption of VR technology in the workplace is on the slower side, some sectors such as construction, retail and engineering are more active in adopting virtual reality to make their work more effective and efficient. “Future of IT”, a report by Spiceworks, shows that only 5% of the engineering and construction industry is using virtual reality in the workplace today; this is expected to grow to 27% within five years.

It is quite evident from the growth of Virtual Reality that it is the future, and more organizations will adopt it to increase their productivity. The question is what we might have to worry about in terms of security and privacy once more organizations start adopting it.


 

Security & Privacy Concern

Virtual Reality platforms can be an easy target for hackers. Remember the Mirai malware, which made millions of connected cameras part of a botnet. The same kind of attack could be repeated on Virtual Reality devices if they are connected over IP. Moreover, communication between Virtual Reality devices and servers might be sent without any encryption.

We all know smartphones can surreptitiously collect information on where we’ve been and when, who we’re talking to, and what we’re interested in. In the future, if VR headsets become ubiquitous, everyday devices (perhaps like a slimmer Google Glass), then someone might be able to track what you’re watching at any time. For example, one day it could be possible for auto insurance companies to deny you coverage if the sensors in a VR device suggest you suffer from slow reaction times. What happens if someone hacks VR headsets and launches a visual attack that could cause adverse real-world reactions? There could be various ways hackers put individuals into harm’s way if desired.

 

Security Advice to VR platform adopters

There are precautionary steps organizations can take to improve the security of VR devices. For example, before adopting Virtual Reality or any new IoT technology, companies should examine the track record of the manufacturer and ask questions about whether the device’s firmware and software have been hardened to protect against prying eyes or malicious actors. Additionally, companies might want to wait a bit if there’s no immediate need to adopt VR technology, so the early bugs can get worked out to reduce security risks.

 

 


Dark Web

Category : Blog

Dark Web – The internet beyond Google

The dark web is indeed a very interesting topic to talk about, as recent hacks and terrorist activities took the help of the dark web. In this article, we will explain how a novice’s interest and curiosity can be dangerous in the underworld network of the dark web.

The underground web has long been a buzzword in the media. Numerous documents and articles about the dark web have made ordinary people very curious about this underworld network. To be very frank, with the rise in internet users in the recent past, the number of deep web users has grown significantly and its underworld network has grown rapidly.

The deep web has gained popularity as many news channels and media houses focus on the black market and hacker communities functioning through the dark web. One can easily learn more through search engines like Google and from YouTube. Because of this buzz, people get excited and want to know more. Their curiosity can make them a victim.

 

Steps to be followed while exploring the Dark Web

 

Step 1:

Privacy should be maintained. A new user of the deep web should be cautious that their identity is not revealed. You should use a random name that can never be related to your actual identity. It is really very easy to track someone through their actual name and email ID. One should be very careful when making payments with credit cards and debit cards while purchasing any item or service. Bitcoin is the standard payment method used on the dark web.

 

Step 2:

The dark web is one of the main places where computer hackers, security experts, and other interested parties meet to discover, learn about, trade in, launch, and put a stop to digital attacks and crime. With that in mind, do not ever download binary files from untrusted sources, as they could be a conduit for dangerous new strains of malware. Some of the most popular and damaging malware have infected thousands of computers through the dark web before spreading to other machines via other networks and distribution methods.

As a result, it is very important either to be aware and use the deep web safely or to stay away, as the danger of viruses using JavaScript extensions looms in the deep web.

 

Step 3:

The Tor Browser is the most popular application used to access the dark web and the underground network, but to be very frank, over the years we have seen numerous vulnerabilities in Tor. So it is quite evident that it can’t be the sole browser that protects your identity from being revealed.

Criminal activity, drugs and pornography make up the underworld network of the dark web, so if you are caught using it, there is no legislation that can protect you if you commit a crime.

 


Ransomware Top 10 list of 2016

Category : Blog

Ransomware attacks on corporate houses were very common in 2016. Some ransomware attacked the critical infrastructure of organizations. Ransomware attacks panicked the entire corporate world. There are hundreds of ransomware families that came into the limelight after they attacked many organizations. Some of the most dangerous ransomware of 2016 are as follows:

CRYPTOWALL

 

Cryptowall ransomware didn’t make any headlines in 2016. Cryptowall was first detected way back in 2014. Many companies in India were attacked by this ransomware. Cyber security companies have gone through a series of network penetration tests and web-based security tests to nullify the attack.

 

SAMSAM

 

Researchers at Cisco Talos identified SamSam as one of the first instances of a cryptoworm. Unlike traditional ransomware, which spread primarily via phishing scams and exploit kit attacks, cryptoworms are believed to be the next generation of crypto-malware in that they mimic a computer worm’s userless distribution methods. SamSam exhibited this level of self-propagation in a March 2016 campaign when its developers partnered it with JexBoss, a tool for scanning and exploiting vulnerable JBoss application servers. That pairing allowed SamSam to scan for a weak server, establish an initial network foothold, and move laterally to other vulnerable machines while encrypting data along the way.

 

JIGSAW

 

Jigsaw is the ransomware that gives the victim 24 hours to pay a ransom of 150 USD. If the victim fails to pay the fee, Jigsaw deletes files every hour. If the victim turns off the computer, Jigsaw deletes 1000 of the victim’s files. The ransomware carries out this scheme for 72 hours, at which point it deletes every remaining file that comes with one of its 240 targeted file extensions.

 

CRYLOCKER

 

Most ransomware samples come with a standard ransom note that they display to all their victims. Not CryLocker. This malware locks a victim out of their computer and demands they pay 45 USD in 24 hours. To heap on the pressure, CryLocker customizes its ransom note with the user’s name, birthday, location, IP address, system details, Skype account details, Facebook account details, LinkedIn account details, and other data it harvests from the infected computer. The ransomware then threatens to publish all that information online unless the victim pays up.

 

HDDCRYPTOR

 

HDDCryptor is a nasty family of ransomware. It’s capable of enumerating existing mounted drives and encrypting all files as well as finding and accessing previously connected drives and disconnected network paths. In addition, the crypto-malware uses disk-level encryption to encrypt and overwrite an infected computer’s Master Boot Record (MBR) with a new bootloader, which causes a ransom message to display instead of the login screen upon boot up.

 

Researchers first detected HDDCryptor in September 2016. Two months later, the ransomware made headlines when it infected 2,000 systems at the San Francisco Municipal Transport Agency (SFMTA), or “Muni,” and demanded 100 Bitcoins (approximately 70,000 USD) in ransom. Fortunately, the attack did not affect SFMTA’s rail and bus service, and the public agency said it would use its working backups to restore access to its systems.

 

TESLACRYPT

 

After months of tracking TeslaCrypt across spam campaigns and exploit kit attacks, security researchers at the Slovakian IT security firm ESET learned its developers intended to abandon the ransomware. The researchers contacted the developers and requested the master decryption key. In response, TeslaCrypt’s authors published the key, which ESET used to make a free decryption utility. Victims of the ransomware can now use this tool to regain access to their files.

 

LOCKY

 

Researchers detected the first sample of Locky in February 2016. Shortly thereafter, it made a name for itself when it infected the computer systems at Hollywood Presbyterian Medical Center in southern California. Officials chose to temporarily shut down the hospital’s IT system while they worked to remove the ransomware, a decision which caused several departments to close and patients to be diverted elsewhere. But without working data backups, the executives at Hollywood Presbyterian ultimately decided to pay the ransom of 40 Bitcoin (70,000 USD).

 

In the months that followed, Locky went through at least seven different iterations: “.zepto,” “.odin,” “.shit,” “.thor,” “.aesir,” “.zzzzz,” and “.osiris.” It also leveraged unique distribution channels like SVG images in Facebook Messenger and fake Flash Player update websites.



Internet Safety Manual for family & friends to support digitalization in India

Category : Blog

Internet Safety Manual for family & friends

 

An internet safety manual, meaning the common hygiene ordinary people should maintain while they are on the internet, is really missing in India. We at Indian Cyber Security Solutions have taken a major step to educate ordinary people on how to use the internet safely: the do’s and don’ts of the internet.

We are on the verge of digitization, and in support of the vision of our Honorable Prime Minister Mr. Modi we would like to introduce some of the major factors one should keep in mind when doing online transactions, being active on social media, or using public WiFi.

 


 

Do’s and Don’ts in the cyber space – Golden rule for the internet

  • How to create a strong password: Strong passwords are 12 to 14 characters long with a combination of upper case, lower case, special characters and numbers. The best way to remember your password is to make it very simple and use leet language. For example, “ABHISHEK” should be “@3#1$#3K”. Replacing characters like A with @, B with 3 and H with # is one of the best ways to create a password that is easy for the user to remember and hard for a hacker to guess and crack. Before you set a password, it is very important to know how strong the password you have in mind is. To get a definite answer, you should always take the help of the website https://howsecureismypassword.net/ . This will tell you exactly how long it will take to break your password.

  • Use of Password Manager Tools: It is very hard for individuals to remember all the passwords for different accounts and the PIN numbers of their ATM cards. People make the common mistake of saving them in notepads or sticky notes on desktops, which is dangerous. A simple remedy to this complex situation is to have a folder with all passwords and lock that folder with a password-protected application. We advocate that you use one of the password vaults available online for mobiles and desktops. Check out PC Magazine for some of the most popular solutions.

  • Use Multi-factor authentication: Always use the security features provided for login. Two-factor or multi-factor authentication is a normal security feature provided by companies to authenticate the user and enhance safety. Some examples are providing a fingerprint, codes delivered to the mobile number, etc.

  • Update your WiFi Router: Updating doesn’t only mean upgrading the software but also changing the default password and user name of the router. Most people never change them, so the factory default user name remains admin and the password remains admin. People do not even change the security level of the router, and it is highly recommended to use WPA2 security encryption. It is a must for every person to change the WiFi password every week and make this a habit for a secure future. Avoid using public  You can go through the different types of encryption used by WiFi.

  • Always be curious about the sender: When you are online you can easily become the victim of a scam. Never blindly trust any message on social media urging you to open a file or give your credentials. It may appear to come from a friend or a family member, but always take a small step to reconfirm the action. Give them a call and confirm the instruction provided by the sender. There are numerous ways scammers and cyber criminals can fool ordinary people.

 

 

Just as all our religious books like the Geeta, Bible and Quran protect humanity in this world by guiding people to the right way to live, these few points can help ordinary people be safe in the digital space. Cyber security is not meant to make ordinary people afraid or scared, but to help them lead a secure digital life and maintain digital privacy.

 

At Indian Cyber Security Solutions, we deal with numerous cyber-crime cases in which organizations’ networks or websites are hacked and intellectual property is compromised. We provide digital solutions like network penetration testing and web penetration testing to mitigate further risk. Implementing regulatory frameworks and being audited at regular intervals can help an organization be safe and secure in cyber space.

 



Sony IP Cameras are vulnerable to be Hacked

Category : Blog

Hacking Sony security cameras by backdoor attacks

 

Hacking of Sony security cameras took the industry by storm. If you have a Sony IP-based camera installed at your house or office premises, you must be aware of this fact.

SEC Consult researchers have found a real flaw (a 0-day vulnerability) in Sony IP cameras that hackers could exploit to send in malicious code, spy on individuals, or recruit the cameras into a DDoS botnet.


 

The Sony IPELA Engine IP cameras that have these vulnerabilities are widely used by big corporate houses and government firms across the globe. These IP-based cameras, which are meant to protect people and property, can easily be taken over by unknown persons and used against an individual.

How can cameras be compromised?

The flaw allows an attacker to remotely enable the camera’s Telnet/SSH service, which lets the attacker gain root privileges on the camera.

The vulnerability can easily be exploited because the factory default passwords are hard-coded into the firmware, which allows virtually anyone to log into the device if the camera is live on the internet.

 

 

Information about the backdoor used for hacking Sony security cameras was reported to Sony Corporation in October, and Sony released the patch for all the vulnerable devices at the end of November 2016.

Why the backdoor existed is the question of the hour, but Sony hasn’t come up with any clarification on the issue. According to experts in the cyber security industry, Sony may have introduced this backdoor during the development phase for debugging, or for testing during the manufacturing process.

Sony, however, acknowledged the report from SEC, responded reasonably quickly and came out with the patch.

Due to the increase in IOT devices, cyber security is becoming a major concern for people and organizations. Jobs in the field of cyber security have increased in the recent past. With the cyber security market expected to grow to 220 billion by the end of 2019, it is a great time for young graduates to gain a good deal of knowledge of cyber security by going for the global certification course CEH from EC-Council, which is recognized by all MNCs and across 160 countries. One can even go for the Ethical Hacking course, which also provides in-depth knowledge of cyber security and its countermeasures.



IOT Devices and Cyber Security are major concern for the future

Category : Blog

IOT devices are more vulnerable to hack

 

IOT devices and cyber security go hand in hand. Every day there is an increase in the number of devices connected to the internet. Development in the field of machine learning and artificial intelligence has increased dramatically due to the increase in interconnected devices and the growth of IOT devices that aim to make human life easy. Examples of IOT devices are smart cars that can drive themselves and promise to take you safely to your destination, and smart home appliances like a refrigerator that can automatically add items to the grocery and vegetable list after checking availability.

These interconnected devices often lack security, which makes it easy for hackers to send malicious code and hack into the devices. In the recent past, cyber security researchers have shown how they can take control of a car and turn its steering wheel while the car is on the highway at an average speed of 70 miles per hour.

These hacking incidents attract media attention, but the media fails to illustrate how one can stay safe and how to mitigate these kinds of risk. Hackers are smarter and use their black hat skills to get inside corporate or government databases by exploiting IOT devices.

 

Some of the key takeaways from the research conducted by Business Insider:

 

  1. Research has found that manufacturers of IOT devices and service providers are failing to implement common security measures in their products.
  2. Corporate and government espionage has increased along with data breaches, as hackers can easily exploit IOT devices.
  3. Investment in cyber security for IOT devices is expected to increase by 500% as the demand for these devices increases in the coming 5 years.
  4. Delivering general cyber security services like Network Penetration Testing and Web Application Penetration Testing is going to become more complex due to the introduction of IOT devices in corporate and government houses in the future.

 

 


Ransomware attack on hospital forces the hospital authority to cancel 2,800 operations and completely shut down the system.

Category : Blog

Ransomware attack on Hospital – New Blackmailer Game

 

Ransomware attacks on hospitals have increased in the recent past, with Locky ransomware attacking the healthcare industry recently. Different industries have been attacked with ransomware in India and abroad. Numerous cases have been registered in India, with Bangalore-based IT companies falling prey to ransomware. To be very frank, cyber security firms have still not come out with an effective recovery strategy and process to protect against and mitigate the high risk involved.

A ransomware attack on the hospital industry is all the more scary because the hospital’s responsibility for keeping its customers safe is threatened. At the end of October, three British hospitals suffered a “major incident”, as a malware attack infected the Northern Lincolnshire and Goole NHS Foundation Trust (NLAG), forcing the almost complete shutdown of IT systems and the cancellation of routine patient operations for several days.

The malware that infected the hospital authority’s computers in the attack is similar to the Globe ransomware, which uses the Blowfish cryptographic algorithm to encrypt victims’ files. Adding more pain, the Globe2 ransomware deletes the PC’s shadow volume copies. These shadow volume copies are the automatically generated backup files created by PCs so you can roll back and recover your lost data.

 

 

Statement of the Hospital Authority

 

“We can confirm that recent publicly reported information alleging that access was gained through a USB stick or due to remote working have no grounding in fact. We can assure our patients and other stakeholders that we acted swiftly to enhance our existing cyber security but in order to maintain security and support the police investigation, we are unable to share specific information at this time on the exact steps we have taken.”

 


 

The good news is that it appears that most of the trust’s IT systems were brought back to working operation relatively quickly, and although 2,800 patient operations were cancelled there is no indication that any long term harm has been done.

 

We are impressed that the hospital did not consider paying the blackmailer as the only option, unlike a case in the past in which a hospital in Hollywood paid $17,000 worth of Bitcoins.

Cyber security firms in India have also faced some critical cases where organizations were attacked by ransomware. Cyber attacks have made security a major concern for all industries. It is now a necessity rather than a luxury. Depending on external security implementation companies has not solved the problem. Companies across the globe are spending huge amounts on recruiting young tech geeks who are cyber security experts to combat these problems. Ethical Hacking training helps students gain in-depth knowledge of cyber security and can make this an exciting career option.

 

 

