Category Archives: Blog

Blackberry hacked to mine cryptocurrency

As cryptocurrency spreads its roots globally, the ways of illegally earning or ‘mining’ it are also becoming more advanced and sophisticated.

Blackberry mobile’s website recently became a victim when hackers used it to illegally mine cryptocurrency.

With Bitcoin and other cryptocurrencies gaining popularity, hackers are finding newer ways to mine. They have now started to hack websites and use servers to mine digital currency.

How the Mining Works

Cryptocurrency miners use the processing power of computers to solve complex mathematical problems and calculations.

The miners are paid in Bitcoin or other cryptocurrencies for their calculations.

Mining requires CPU memory, which is limited, so hackers find victims and hack into their computers to use their memory to mine.

This time the Blackberry website was being used to mine Monero, a digital currency that is quickly growing.

The hacker hacked into visitors’ computers to mine Monero by using code from CoinHive, the Monero mining script service, which was found embedded in the code of the website.

This Blackberry hack was discovered by a Reddit user, Rundvleeskroket.

CoinHive later apologetically explained on Reddit that one of its users had exploited a vulnerability in the Magento webshop software to hack the Blackberry website, and that the user’s account was terminated after the discovery for violating the terms of service.

According to CoinHive, a number of other websites were also hacked through the same vulnerability in the Magento webshop software.

Later in the same month, the technique spread to Android apps, and it seems that the list of victims is constantly growing.

A cybersecurity researcher discovered 291 Android apps that included the mining code.

While Blackberry has removed the code and the site is now safe to use, it is unclear how many visitors were affected by this incident.
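A site owner can catch this kind of injected script by auditing served pages against the script origins they actually expect. The following is an added example, not code from the Blackberry site or CoinHive; the hosts `shop.example`, `cdn.shop.example` and `miner.invalid`, the `startMining` call and the sample page are constructed for illustration.

```javascript
// Hypothetical allowlist for a hypothetical shop served from shop.example.
const ALLOWED_SCRIPT_HOSTS = new Set(['shop.example', 'cdn.shop.example']);

// Constructed sample: a page whose template has had two scripts injected.
const SAMPLE_PAGE = `<!doctype html>
<html><head>
<script src="/static/app.js"></script>
<script src="https://cdn.shop.example/vendor.js"></script>
<script src="//miner.invalid/lib/m.min.js"></script>
<script>startMining('constructed-site-key');</script>
</head><body></body></html>`;

// Pull every <script> element out of the markup: its src (if any) and body.
// A regex is adequate for auditing pages you serve yourself; use a real HTML
// parser when the markup may be deliberately malformed.
function extractScripts(html) {
  const scripts = [];
  const tagRe = /<script\b([^>]*)>([\s\S]*?)<\/script\s*>/gi;
  const srcRe = /(?:^|\s)src\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s>]+))/i;
  let m;
  while ((m = tagRe.exec(html)) !== null) {
    const s = srcRe.exec(m[1]);
    scripts.push({ src: s ? (s[1] ?? s[2] ?? s[3]) : null, body: m[2].trim() });
  }
  return scripts;
}

// Report every script the site owner did not approve.
function auditScripts(html, pageUrl, allowedHosts = ALLOWED_SCRIPT_HOSTS) {
  const findings = [];
  for (const { src, body } of extractScripts(html)) {
    if (src === null) {
      // Inline code cannot be attributed to a host, so it is listed for review.
      if (body !== '') findings.push({ kind: 'inline', detail: body.slice(0, 60) });
      continue;
    }
    let host;
    try {
      // Resolve relative and protocol-relative URLs against the page URL.
      host = new URL(src, pageUrl).hostname.toLowerCase();
    } catch (err) {
      findings.push({ kind: 'unparseable-src', detail: src });
      continue;
    }
    if (!allowedHosts.has(host)) findings.push({ kind: 'unexpected-host', detail: host });
  }
  return findings;
}

// The matching mitigation: a Content-Security-Policy value that lets the
// browser load scripts only from the approved hosts. Because it omits
// 'unsafe-inline', injected inline scripts are refused as well.
function buildCsp(allowedHosts = ALLOWED_SCRIPT_HOSTS) {
  const sources = [...allowedHosts].map((h) => `https://${h}`);
  return `script-src ${sources.join(' ')}`;
}

console.log(auditScripts(SAMPLE_PAGE, 'https://shop.example/'));
console.log(buildCsp());
```

Run the audit against the HTML your server actually returns, not the template in source control, since the injection happens on the live site.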

Most Popular Training Courses at Indian Cyber Security Solutions

Summer Training for CSE, IT, BCA & MCA Students 

Network Penetration Tester Training

Ethical Hacking  training

Python Programming training

 RHCE  training

CEH V9  training

Diploma in Network Security Training

Secure Coding in Java

Diploma in Web Application Security 

Certified Web Application Penetration Tester 

Certified Android Penetration Tester 

Certified Python Programming 

Advanced Python Training 

Reverse Engineering Training  

Amazon Web Services Training  

VMware Training 

Digital marketing

CCNA training


DuckDuckGo, Brave Improving online privacy

The feature is available today in the new Brave browser desktop release 0.19.116 and will be added to the Brave Android and iOS apps in the first quarter of 2018.

Here’s how DuckDuckGo and Brave are increasing online privacy together. Users who open a new private tab in Brave will be offered an option to select DuckDuckGo as their default search engine. Other search engines track users even when they are used inside private browsing modes. DuckDuckGo never collects or shares users’ personal information. With over 16 billion cumulative anonymous searches as of 2017, DuckDuckGo is growing to be the world’s most trusted search engine.

Many popular sites can host as many as 70 trackers, following users around the web and compiling information about their site visits. Brave, by default, stops ads and trackers that violate users’ privacy. Users get an even higher level of privacy by opening a private tab, available from the browser File menu. These tabs are not logged in History or in browsing data and are not included in Brave Payments calculations. Both Brave private tabs and their cookies disappear when the browser is closed.

In a recent study, DuckDuckGo found that privacy is now a mainstream concern in the U.S., with 24% of adults caring enough about their online privacy to take meaningful action to protect it. 65% of people would be excited to switch search engines if they knew a new search engine did not collect personal data about searches. In a January 2017 report, 84% of Americans said they would consider trying another primary web browser if it offered more features to help protect their privacy.

“A lot of people think their searches aren’t tracked in private browsing mode. Sadly, that’s not true unless you’re using a private search engine like DuckDuckGo. We are excited to partner with Brave to give people the search privacy they expect and deserve,” said Gabriel Weinberg, Founder & CEO, DuckDuckGo.

“With Brave and DuckDuckGo, users can rest ensured that we don’t see the sites they browse, that personal data is not stored, and that they are protected from trackers,” said Brendan Eich, CEO, and co-founder of Brave Software. “Users have submitted long enough from the current broken online ecosystem, and with the right tools, they can improve their privacy and take a stand against the agents that exploit their personal data.”

Together, DuckDuckGo and Brave will prove to be a very effective team, giving their end users a seamless and smooth experience.

Wi-Fi Alliance WPA3 with new security features

The Wi-Fi Alliance has finally announced the long-awaited next generation of the wireless security protocol, Wi-Fi Protected Access (WPA3).

WPA3 will replace the existing WPA2, the network security protocol that has been around for at least 15 years and is widely used by billions of wireless devices every day, including smartphones, laptops, and the Internet of Things.

However, WPA2 has long been considered insecure because of a common security issue: “unencrypted” open Wi-Fi networks, which allow anyone on the same Wi-Fi network to intercept connections on other devices.

Most importantly, WPA2 has also recently been found vulnerable to KRACK (Key Reinstallation Attack) that makes it possible for attackers to intercept and decrypt Wi-Fi traffic passing between computers and access points.

The new standard of Wi-Fi security, which will be available for both personal and enterprise wireless devices later this year, offers improved security and privacy.

  • WPA3 protocol strengthens user privacy in open networks through individualized data encryption.
  • WPA3 protocol will also protect against brute-force dictionary attacks, preventing hackers from making multiple login attempts by using commonly used passwords.
  • WPA3 protocol also offers simplified security for devices that often have no display for configuring security settings, i.e. IoT devices.
  • Finally, there will be a 192-bit security suite for protecting WiFi users’ networks with higher security requirements, such as government, defense, and industrial organizations.

“Wi-Fi security technologies may live for decades, so it’s important they are continually updated to ensure they meet the needs of the Wi-Fi industry,” said Joe Hoffman, SAR Insight & Consulting. “Wi-Fi is evolving to maintain its high level of security as industry demands increase.”

Since hardware must be certified by the Wi-Fi Alliance to use the WPA3 security protocol, the new security standard won’t arrive overnight.

It could take months for device manufacturers to support the new wireless security standard, but the first WPA3-certified devices are expected to ship later this year. More details about WPA3 have yet to be released.

Apple update: Meltdown and Spectre flaws resolved

2018 kicked off with a bang security-wise due to the announcement of the serious Meltdown and Spectre flaws found in processors used by a wide range of computing devices and smartphones.

The story quickly developed from being a design flaw in Intel CPUs, one that could allow malicious code to access information supposedly held in “protected” areas of your computer’s memory, to also being an issue for ARM and AMD chips.

To Apple’s credit, it had already started to tackle the problems before the security issues were made public. macOS 10.13.2, released last month, mitigated the effects of Meltdown (which affects only Intel processors), and iOS 11.2 tackled Spectre for iPad and iPhone users.

But the newly released macOS High Sierra 10.13.2 and iOS 11.2.2 updates take things an important step further, closing the door on the possibility of the Spectre vulnerability being exploited through a JavaScript attack in the Safari browser.

 

It really is important to keep browsers patched – as they are an obvious route through which an attacker could successfully execute code on your computer. That’s one of the reasons why I am also a strong advocate of users never venturing out onto the web without the added protection of an ad blocker.

It’s your computer, it’s your sensitive information, your passwords. Opening yourself up to some of the wildness that can lurk on websites and – in particular – poisoned ads, and allowing them to run code willy-nilly, is a very dangerous game to play.

Even if Meltdown and Spectre have not been actively exploited in malicious attacks as far as we know, it still makes sense to protect against the problems as well as we can.

So, iPhone and iPad users can rest a little more easily today (provided they’ve applied the update, of course!).

Which leaves me wondering about those hundreds of millions of Android users, many of whom have been neglected for years without seeing hide nor hair of a security update.

My guess is that the latest and most expensive Android devices from leading vendors will receive an update in due course, but many others will be left in the lurch.

Location tracking service vulnerabilities allow unauthorized access to GPS location data

Security researchers have published a report on a series of flaws, which they have named “Trackmageddon”, that affect many GPS and location tracking services. These security flaws could allow cybercriminals to expose sensitive information on millions of online location tracking devices managed by vulnerable GPS services.

Cybercriminals can use the Trackmageddon flaws to uncover data such as GPS coordinates, location history, device model and type, serial number, mobile number and possibly private data, depending on the tracking service and device configuration.

They can gain access to this information by using default credentials (like “123456”) and insecure direct object reference vulnerabilities, which enable an authenticated attacker to access other users’ accounts simply by modifying the value of a parameter in the URL.

The researchers tried to contact the vendors behind the affected tracking services to inform them of the severity of these security flaws. They have published a list of services that patched or may have patched the vulnerabilities, a list of services still exposing data, and a list of vulnerable devices.

What’s more? On some online services, an unauthorized third party can also access photos and audio recordings uploaded by location tracking devices.

According to the researchers, one of the largest global vendors for GPS tracking devices, ThinkRace, may have been the original developer of the flawed location tracking online service software and seller of licenses to the software.
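The insecure direct object reference described above comes down to a missing ownership check, shown here beside the corrected handler and a test that exercises every user against every device. This is an added example, not code from any of the affected services; the endpoint `/api/location`, the host `tracker.example`, the accounts and the coordinates are all constructed.

```javascript
// Constructed sample data: two accounts, three trackers.
const DEVICES = new Map([
  [1001, { owner: 'alice', lastFix: { lat: 52.0907, lon: 5.1214 } }],
  [1002, { owner: 'alice', lastFix: { lat: 52.3702, lon: 4.8952 } }],
  [1003, { owner: 'bob', lastFix: { lat: 48.8566, lon: 2.3522 } }],
]);

// BEFORE: any logged-in user is served whichever device id the URL names.
function getLocationInsecure(session, url) {
  if (!session.user) return { status: 401 };
  const id = Number(new URL(url, 'https://tracker.example').searchParams.get('id'));
  const device = DEVICES.get(id);
  return device ? { status: 200, body: device.lastFix } : { status: 404 };
}

// AFTER: the id is only a lookup key; access is decided by ownership.
function getLocationChecked(session, url) {
  if (!session.user) return { status: 401 };
  const raw = new URL(url, 'https://tracker.example').searchParams.get('id');
  if (raw === null || !/^\d{1,9}$/.test(raw)) return { status: 400 };
  const device = DEVICES.get(Number(raw));
  // Same 404 for "does not exist" and "not yours", so a response never
  // confirms that another account's device id is valid.
  if (!device || device.owner !== session.user) return { status: 404 };
  return { status: 200, body: device.lastFix };
}

// Authorization matrix for a regression suite: request every device as every
// user and list the pairs where a non-owner was served data.
function findCrossAccountReads(handler, users) {
  const leaks = [];
  for (const user of users) {
    for (const [id, device] of DEVICES) {
      const res = handler({ user }, `/api/location?id=${id}`);
      if (res.status === 200 && device.owner !== user) leaks.push(`${user}->${id}`);
    }
  }
  return leaks;
}

console.log('insecure:', findCrossAccountReads(getLocationInsecure, ['alice', 'bob']));
console.log('checked: ', findCrossAccountReads(getLocationChecked, ['alice', 'bob']));
```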

Opera browser update to combat cryptocurrency mining

The last year has seen a rise in the number of websites hogging visitors’ CPU and browser resources by surreptitiously mining for cryptocurrencies while they surf.

Sites like Pirate Bay have found themselves in hot water after visitors discovered they had added CoinHive’s crypto-mining tool which, according to the company’s marketing materials, allows you to “monetize your business with your users’ CPU power.”

Well, crypto-mining may be a way for websites to generate income if they’ve found alternative methods (such as advertising, subscriptions, or sponsorship) don’t work for them, but the impact on visiting computers is typically too much for many users to bear – and is particularly unforgivable if the CPU-intensive calculations are being done without consent.

Some sites have even used the dirty trick of continuing to crypto-mine after the user has left their site, by opening a “pop-under” window hidden beneath the browser.

Opera recently announced that its upcoming Opera 50 release (currently in beta) contains an anti-cryptocurrency mining feature that will surely be well-received by the majority of users.

“Bitcoins are really hot right now, but did you know that they might actually be making your computer hotter? Your CPU suddenly working at 100 percent capacity, the fan is going crazy for seemingly no reason and your battery quickly depleting might all be signs that someone is using your computer to mine for the cryptocurrency,” said Opera’s Kornelia Mielczarczyk.

As Opera explains, the new “NoCoin” cryptocurrency-mining protection is provided via the browser’s integrated ad blocker and can be enabled by simply selecting it under the recommended list of ad filters.

Opera claims that having the feature enabled dramatically reduces the CPU usage when visiting sites containing crypto-mining code.

It’s worth bearing in mind that even if you don’t use the Opera browser it’s possible to block crypto-mining through third-party ad blockers that subscribe to the NoCoin filtering list.

Automatic autofill of credentials, is it really safe?

Trackers have been found silently grabbing your information as you surf the web.

Is your browser’s built-in login manager leaking your username (and possibly your password too)?

Researchers at Princeton’s Center for Information Technology Policy have uncovered two third-party tracking scripts that can scoop up information provided by your browser’s login manager to create a persistent identifier tracking you as you move between web pages.

Here’s how it happens:

  • You visit a webpage and fill out a login form. Your browser asks you if you want to save the login details.
  • Later, you visit a different page on the same website, which includes the third-party tracking script. The tracking script inserts a login form that is invisible to the naked eye onto the webpage, and your browser’s password manager automatically fills in your credentials.
  • The third-party script snaffles up your email address from the invisible form’s field and sends a hash to a third-party server.

What’s the solution? Simple. Don’t use a login manager that autofills forms without you giving it explicit permission to do so. You might be wiser using a product like 1Password, whose developers confirmed it was designed to always insist on user approval before filling forms.

If you allow your browser to automatically submit your username and password into forms silently and invisibly, there is always the danger that a malicious site or script may steal the information.

The two scripts spotted by the Princeton researchers – Adthink and OnAudience – appear to have been designed to grab hashed usernames to identify web visitors for ad-tracking purposes, but there is no technical reason why the same approach couldn’t also be used to steal autofilled passwords.

The researchers have built an online demo, where you can test whether you might be vulnerable.

It should go without saying – don’t enter real credentials on that demo page!

phpMyAdmin – A critical security vulnerability has been reported

A critical security vulnerability has been reported in phpMyAdmin, one of the most popular applications for managing MySQL databases, which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link.

Discovered by an Indian security researcher, Ashutosh Barot, the vulnerability is a cross-site request forgery (CSRF) flaw and affects phpMyAdmin versions 4.7.x (prior to 4.7.7).

Cross-site request forgery, also known as XSRF, is an attack wherein an attacker tricks an authenticated user into executing an unwanted action.

According to an advisory released by phpMyAdmin, “by deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables, etc.”

phpMyAdmin is a free and open source administration tool for MySQL and MariaDB and is widely used to manage the database for websites created with WordPress, Joomla, and many other content management platforms.

Moreover, a lot of hosting providers use phpMyAdmin to offer their customers a convenient way to organize their databases.

Barot has also released a video demonstrating how a remote attacker can make database admins unknowingly delete (DROP) an entire table from the database just by tricking them into clicking a specially crafted link.

“A feature of phpMyAdmin was using a GET request and after that POST request for Database operations such as DROP TABLE table_name; GET requests must be protected against CSRF attacks. In this case, POST requests were used which were sent through URL (for bookmarking purpose may be); it was possible for an attacker to trick a database admin into clicking a button and perform a drop table database query of the attacker’s choice.” Barot explains in a blog post.

However, performing this attack is not as simple as it may sound. To prepare a CSRF attack URL, the attacker must know the names of the targeted database and table.

“If a user executes a query on the database by clicking insert, DROP, etc. buttons, the URL will contain database name and table name,” Barot says. “This vulnerability can result in the disclosure of sensitive information as the URL is stored at various places such as browser history, SIEM logs, Firewall Logs, ISP Logs, etc.”

Barot reported the vulnerability to the phpMyAdmin developers, who confirmed his finding and released phpMyAdmin 4.7.7 to address the issue. Administrators are strongly advised to update their installations as soon as possible.
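The pattern behind this class of bug, a destructive action that runs from parameters in a URL, is shown below next to a handler that requires a POST carrying a per-session token. This is an added example written in JavaScript for Node.js, not phpMyAdmin’s PHP code or its actual fix; the endpoint `/table/drop`, the host `admin.example` and the table names are hypothetical.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed stand-in for a database: a set of table names.
function makeDb() {
  return new Set(['users', 'orders']);
}

// A logged-in admin session carrying a random per-session anti-CSRF token.
function newSession() {
  return { authenticated: true, csrfToken: nodeCrypto.randomBytes(32).toString('hex') };
}

// Constant-time comparison of the expected and supplied tokens.
function tokensMatch(expected, supplied) {
  if (typeof supplied !== 'string') return false;
  const a = Buffer.from(expected, 'utf8');
  const b = Buffer.from(supplied, 'utf8');
  return a.length === b.length && nodeCrypto.timingSafeEqual(a, b);
}

// BEFORE: the action and its target come from the URL. The browser attaches
// the admin's session cookie to any request for that URL, so a link opened by
// the admin is enough, and the table name ends up in history and logs.
function vulnerableDropTable(req, session, db) {
  if (!session.authenticated) return { status: 401 };
  const table = new URL(req.url, 'https://admin.example').searchParams.get('table');
  if (!db.has(table)) return { status: 404 };
  db.delete(table);
  return { status: 200 };
}

// AFTER: state changes only on POST, parameters are read from the body (never
// the URL), and the body must carry the token bound to this session, which a
// page on another origin cannot read.
function hardenedDropTable(req, session, db) {
  if (!session.authenticated) return { status: 401 };
  if (req.method !== 'POST') return { status: 405 };
  const form = new URLSearchParams(req.body || '');
  if (!tokensMatch(session.csrfToken, form.get('token'))) return { status: 403 };
  const table = form.get('table');
  if (!db.has(table)) return { status: 404 };
  db.delete(table);
  return { status: 200 };
}

// Replay the same requests against both handlers and collect status codes.
function compareHandlers() {
  const session = newSession();
  const link = { method: 'GET', url: '/table/drop?table=users', body: '' };
  const forgedPost = { method: 'POST', url: '/table/drop', body: 'table=users' };
  const genuine = {
    method: 'POST',
    url: '/table/drop',
    body: `table=users&token=${session.csrfToken}`,
  };
  return {
    vulnerableLink: vulnerableDropTable(link, session, makeDb()).status,
    hardenedLink: hardenedDropTable(link, session, makeDb()).status,
    hardenedForgedPost: hardenedDropTable(forgedPost, session, makeDb()).status,
    hardenedGenuine: hardenedDropTable(genuine, session, makeDb()).status,
  };
}

console.log(compareHandlers());
```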

Forever 21 payment card breached

First notified in November of a data breach incident, popular clothing retailer Forever 21 has now confirmed that hackers stole credit card information from its stores throughout the country for several months during 2017.

Although the company did not yet specify the total number of its customers affected by the breach, it did confirm that malware was installed on some point of sale (POS) systems in stores across the U.S. at varying times between April 3, 2017, and November 18, 2017.

According to the company’s investigation, which is still ongoing, the malware was designed to search for and likely steal sensitive customer credit card data, including credit card numbers, expiration dates, verification codes and, in some cases, cardholder names.

Forever 21 has been using encryption technology since 2015 to protect its payment processing systems, but during the investigation, the company found that some POS terminals at certain stores had their encryption switched off, which allowed hackers to install the malware.

However, according to the company, not every POS terminal in affected stores was infected with the malware and not every store was impacted during the full time period (roughly 8 months) of the breach.

In fact, in some cases, payment card data stored in certain system logs before April 3rd was also exposed in the breach.

“Each Forever 21 store has multiple POS devices, and in most instances, only one or a few of the POS devices were involved. Additionally, Forever 21 stores have a device that keeps a log of completed payment card transaction authorizations,” the company said while explaining the incident.

“When encryption was off, payment card data was being stored in this log. In a group of stores that were involved in this incident, malware was installed on the log devices that was capable of finding payment card data from the logs, so if encryption was off on a POS device prior to April 3, 2017, and that data was still present in the log file at one of these stores, the malware could have found that data.”

The company also assured its online customers that payment cards used on its website (forever21.com) were not affected by the breach.

Since payment processing systems outside of the United States work differently, they should not be impacted by the security breach, but the retailer said it’s still investigating whether non-US stores were affected or not.

Forever 21 advised customers who shopped at its stores to stay vigilant, keep an eye on their credit transactions for any suspicious activity, and immediately notify the banks that issued their cards if they find any.

The company has promised to continue working with “security firms to enhance” their security measures.

This breach is yet another embarrassing incident disclosed recently, following Disqus’ disclosure of a 5-year-old breach of over 17.5 million Disqus users and Yahoo’s revelation that its 2013 data breach affected all of its 3 billion users.

The recent incidents also include Equifax’s revelation of a breach of potentially 145.5 million customers, the U.S. Securities and Exchange Commission’s (SEC) disclosure of a data breach that profited hackers, and Deloitte’s disclosure of a cyber attack that led to the theft of its clients’ private emails and documents.

Password Managers can be exploited using Web Trackers

This type of abuse is possible because of a flaw in the login managers included with all browsers, which allow browsers to remember a user’s username and password for particular sites and auto-insert them in login fields when the user revisits that site.

Experts say that web trackers can embed hidden login forms on sites where the tracking scripts are loaded. Because of the way the login managers work, the browser will fill these fields with the user’s login information, such as username and password.

The trick is an old one, known for more than a decade, but until now it has only been employed by hackers trying to collect login data during XSS (cross-site scripting) attacks.

Princeton researchers say they found two web tracking services that use hidden login forms to collect login information.

Fortunately, neither of the two services collected password information, only the user’s username or email address, depending on what each site uses for the login process.

The two services are Adthink and OnAudience, and the Princeton researchers said they identified scripts from these two that collected login info on 1,110 sites found on the Alexa Top 1 Million sites list.

In this particular case, the two companies were extracting the username/email from the login field, creating a hash, and tying that hash to the site visitor’s existing advertising profile.

Email addresses are unique and persistent, and thus the hash of an email address is an excellent tracking identifier. A user’s email address will essentially never change, so clearing cookies, using private browsing mode, or switching devices won’t stop tracking. The hash of an email address can be used to connect the pieces of an online profile scattered across different browsers, devices, and mobile apps.

Researchers from the Princeton Center for Information Technology Policy (CITP) also produced a demo page that users can test using false credentials to see whether their browser’s login manager fills in the hidden field.
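Site owners can check their own pages for the invisible autofill-able fields described in this post and in the earlier autofill post, including forms that a script inserts after load. This is an added example, not code from the Princeton researchers or from either tracking service; the field names and measurements in `SAMPLE_FIELDS` are constructed, and the thresholds are assumptions to tune.

```javascript
// Fields a browser login manager is likely to fill.
const AUTOFILL_SELECTOR =
  'input[type="password"], input[type="email"], input[autocomplete~="username"]';

// Constructed descriptions of four fields: one normal, three hidden.
const SAMPLE_FIELDS = [
  { name: 'email', display: 'shown', visibility: 'visible', opacity: 1,
    width: 220, height: 32, pageRight: 540, pageBottom: 300 },
  { name: 'trk_email', display: 'shown', visibility: 'visible', opacity: 1,
    width: 200, height: 20, pageRight: -9799, pageBottom: 40 },
  { name: 'trk_pass', display: 'shown', visibility: 'visible', opacity: 0,
    width: 1, height: 1, pageRight: 10, pageBottom: 10 },
  { name: 'menu_login', display: 'none', visibility: 'visible', opacity: 1,
    width: 0, height: 0, pageRight: 0, pageBottom: 0 },
];

// Pure check: why (if at all) a user could not see this field.
function hiddenReasons(v) {
  if (v.display === 'none') return ['display:none'];
  const reasons = [];
  if (v.visibility !== 'visible') reasons.push('visibility:' + v.visibility);
  if (v.opacity < 0.1) reasons.push('transparent');
  if (v.width < 2 || v.height < 2) reasons.push('tiny box');
  if (v.pageRight <= 0 || v.pageBottom <= 0) reasons.push('off-page');
  return reasons;
}

// Keep only the fields that are hidden. A hit needs review, not automatic
// blame: a login form in a collapsed menu is also display:none.
function findHiddenFields(descriptions) {
  return descriptions
    .map((d) => ({ name: d.name, reasons: hiddenReasons(d) }))
    .filter((f) => f.reasons.length > 0);
}

// Browser-only: describe a live element. Opacity and display:none on an
// ancestor hide the field too, so walk up the tree.
function describeField(el, win) {
  const rect = el.getBoundingClientRect();
  let opacity = 1;
  let display = 'shown';
  for (let n = el; n !== null; n = n.parentElement) {
    const cs = win.getComputedStyle(n);
    opacity *= parseFloat(cs.opacity);
    if (cs.display === 'none') display = 'none';
  }
  return {
    name: el.name || el.id || '(unnamed)',
    display,
    visibility: win.getComputedStyle(el).visibility,
    opacity,
    width: rect.width,
    height: rect.height,
    // Document coordinates, so scrolling does not cause false "off-page" hits.
    pageRight: rect.right + win.scrollX,
    pageBottom: rect.bottom + win.scrollY,
  };
}

// Browser-only: scan now and again whenever nodes are added, because the
// forms in question are inserted by script after the page has loaded.
// Usage in a page or console: watchForHiddenFields(document, window, console.warn)
function watchForHiddenFields(doc, win, onFinding) {
  const seen = new Set();
  const scan = () => {
    const fields = [...doc.querySelectorAll(AUTOFILL_SELECTOR)];
    for (const f of findHiddenFields(fields.map((el) => describeField(el, win)))) {
      if (!seen.has(f.name)) {
        seen.add(f.name);
        onFinding(f);
      }
    }
  };
  scan();
  const observer = new win.MutationObserver(scan);
  observer.observe(doc.documentElement, { childList: true, subtree: true });
  return observer;
}
```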

 
