Category Archives: Uncategorized

Top 10 Secret Tips Of Social Engineering In 2020


Have you ever wondered how hackers steal confidential data such as online account credentials or banking details without breaking into your system? Social engineering is one of the most common ways attackers obtain sensitive information, and they keep refining the technique to trick people.

Almost 62% of companies report facing social engineering attacks. Many companies are now working from home, and attackers trick employees into handing over sensitive data through social engineering. Social engineering attacks have increased sharply in recent times, and hackers keep adopting new techniques to deceive people.

So What Is Social Engineering?

Social engineering is a technique for manipulating people into giving up confidential information. The information sought varies, but when individuals are targeted the criminals are usually trying to trick you into giving them your passwords or bank information, or into letting them access your computer to secretly install malicious software that will give them your passwords and bank information as well as control over your computer. It is a non-technical technique that hackers use to collect sensitive data from a person, and they keep evolving their methods. They can get to your data without touching your keyboard or having physical access to your system.

To protect a personal or company system, a cyber security professional must think like an attacker and understand how social engineering is used to extract sensitive data from a person.

Here are the 10 social engineering tricks hackers use

1. Email From A Friend:

People rarely check whether a mail that comes from a friend, or looks like it does, is genuine. Hackers take advantage of this and send malicious links or requests for sensitive information in such mail. If a criminal manages to hack or socially engineer one person's email password, they gain access to that person's contact list, and because most people reuse one password almost everywhere, often to that person's social networking contacts as well. Once they control the email account, they send messages to everyone in the contact list. These messages contain malicious links or links to phishing websites that collect more sensitive data from the contacts. The mail can also carry a download of pictures, music, a movie or a document with malicious software embedded. If you download it, which you are likely to do since you think it came from your friend, you become infected by malware. The criminal can then access your machine, email account, social network accounts and contacts, and the attack spreads to everyone you know, and on and on.


2. Email From A Trusted Source:

Hackers send phishing links using social engineering strategies that imitate a trusted source, backed by a compelling story or pretext to get sensitive data from a user. A phisher sends an e-mail, IM, comment, or text message that appears to come from a legitimate, popular bank, school, or institution. They present a problem that requires you to "verify" your information by clicking on the displayed link and providing information in their form. The link location may look very legitimate, with all the right logos and content, and the mail typically looks like it comes from a bank or other financial institution. Hackers sometimes pose as a boss or coworker. The mail may ask for an update on an important, proprietary project your company is currently working on, for payment information pertaining to a company credit card, or some other inquiry masquerading as day-to-day business. Hackers mainly send this type of mail to employees of a targeted company to steal sensitive information; because these mails look legitimate, hackers can easily get the information they need.

3. Mail From A Trusted Person:

In this type of social engineering attack, hackers send mail to the user that looks like it comes from a trusted source, copying the official mail id. The mail contains phishing links that send the user to a phishing website, a copy of the original website, where users are tricked into sharing sensitive information.


4. Baiting Scenarios:

Hackers know what kind of things people want and target them with it. They offer downloads of the latest movies or music. Such links are also found on social networking sites, on malicious websites people find through search results, and so on. The scheme may show up as an amazingly great deal on classified or auction sites. To allay your suspicion, the seller has a good rating, which is itself a planned and crafted profile. People who take the bait get infected by malicious software, and hackers steal sensitive information.

5. Offering Services From Trusted Companies:

Hackers offer services like fixing your computer or helping you with a banking service, posing as big companies such as computer service providers or banks. They call people and offer a free service. They will ask you to update software via a link they send you, or to install a program so they can fix your computer problem. When the user installs this software, it gives the hackers remote access. The hackers may also tell the user to enter commands or to authenticate them. They use this trick to steal sensitive information and to create a backdoor so they can get access whenever they want.


6. Promotional Offers:

Hackers sometimes send promotional mails to users that promise great results from a product. The mail is crafted so that people will click on the link, and this type of link is also found in search results. People readily click such links when offered a deal, and hackers use this social engineering method to trick them.

7. Texting Users:

Hackers sometimes trick users simply by sending text messages. Here's how the manipulative scheme works: hackers send the target a text message instructing them to log in to their online account, pointing out that it is required to accept new terms of service or to confirm that their personal details are up to date. The message emphasizes that the matter is urgent and that the task must be done through the link they send. When the user clicks on the link and types in their credentials, hackers get all the information and can easily take over the online account.


8. Using Fake Email:

Hackers first gather information such as the company's official email id and its employees' mail ids. Then they send mails to other employees from a copy of a genuine mail id. With this technique, hackers send mail to employees of the targeted company to extract sensitive information from them.

9. Lottery Winning Mail:

In this social engineering attack, hackers send people mail about a lottery win. The mail tricks users into giving up sensitive information: in order to give you your 'winnings', you have to provide information about your bank account so they know how to send it to you, or give your address and phone number so they can send the prize, and you may also be asked to prove who you are, often including your identification details. These are the 'greed phishes': even if the story pretext is thin, people want what is offered and fall for it by giving away their information, then having their bank account emptied and their identity stolen.

10. Creating Phishing Links For A Keyword:

Hackers create phishing websites for particular keywords. It is really hard to rank for a competitive keyword, but there are many keywords that are actually easy to rank for and still have a decent amount of traffic. Hackers take advantage of this and create phishing websites that steal sensitive information from the users who land on them.


How to write a GDPR data privacy notice in 2020


The GDPR (General Data Protection Regulation) gives individuals more control over how their personal data is used. If your organisation processes personal data, the Regulation requires you to provide data subjects with certain information. This typically takes the form of a data privacy statement or privacy notice. But what is a data privacy notice, and what should it contain? This post explains everything you need to know.

What is a privacy notice?

A GDPR privacy notice is an important way to help your customers make informed decisions about the data you collect and use. We've brought together some information from the law itself and from the EU's guidance documents to help you understand the components of a good privacy notice. And at the bottom, we've included a privacy notice template that you can adapt to your own organisation.

A privacy notice is a document that organisations give to individuals to explain how their personal data is processed. There are two reasons for doing this. First, it ensures that you're as transparent as possible with data subjects. This prevents any confusion about the way personal data is being used and ensures a level of trust between the organisation and the individual. Second, it gives individuals more control over the way their data is collected and used. If there's something the data subject isn't happy with, they can query it via a DSAR (data subject access request) and potentially ask the organisation to suspend that processing activity.

How to write a privacy notice

1) Contact details

The first thing to include in your privacy notice is the name, address, email address and telephone number of your organisation. If you've appointed a DPO (data protection officer) or an EU representative, you should also include their contact details.

2) The types of personal data you process

The definition of personal data is a lot broader than you might think. Ensure you include everything that you're collecting, and do so as specifically as possible. For example, instead of just saying 'financial information', state whether it's account numbers, credit card numbers, etc. You should also outline where you obtained the information if it wasn't provided by the data subject directly.

3) Lawful basis for processing personal data

Under the GDPR, organisations can only process personal data if there is a lawful basis for doing so. Your privacy policy should specify which one you're relying on for each processing purpose. Additionally, if you are relying on legitimate interests, you must describe them. If you're relying on consent, you should state that it can be withdrawn at any time.

4) How you process personal data

You must explain whether you will be sharing the personal data you collect with any third parties. We suggest also specifying how you will protect shared data, particularly when the third party is based outside the EU.

5) How long you'll be keeping their data

The GDPR states that you can only retain personal data for as long as the legal basis for processing is applicable. In most cases, that will be easy to determine. For example, data processed to fulfil contracts should be stored for as long as the organisation performs the task to which the contract applies. Likewise, organisations that process data on the grounds of a legal obligation, public task or vital interests should hold on to the data while those processing activities are relevant. Things are trickier with consent and legitimate interests, as there is no clear point at which they're no longer valid. As such, we recommend reviewing any processing that involves these lawful bases at least every two years.

6) Data subject rights

The GDPR gives individuals eight data subject rights, which you should list and explain in your privacy notice:

Right of access: individuals have the right to request a copy of the information that an organisation holds on them.

Right to object: individuals have the right to challenge certain types of processing, such as direct marketing.

Right of portability: individuals can request that an organisation transfers any data that it holds on them to another company.

Right of rectification: individuals have the right to correct data that is inaccurate or incomplete.

Right to be forgotten: in certain circumstances, individuals can ask organisations to erase any personal data that’s stored on them.

Right to restrict processing: individuals can request that an organisation limits the way it uses personal data.

Right to be informed: organisations must tell individuals what data of theirs is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.

Rights related to automated decision making, including profiling: individuals can ask organisations for a copy of their automated processing activities if they believe the data is being processed unlawfully.

You should also remind individuals that they are free to exercise their rights and explain how they can do this.

Is a privacy notice the same as a privacy policy?

A privacy notice is a publicly accessible document produced for data subjects. By contrast, a privacy policy is an internal document that explains the organisation's obligations and practices for meeting the GDPR's requirements. Although they cover many of the same topics, privacy notices aren't to be confused with privacy policies.



ICSS Saved Harvard University from Hackers.


ICSS team member Pritam Mukherjee found a vulnerability on the website of Harvard University, and it has now been resolved on their end. It is a proud moment for ICSS.

What is cross-site scripting (XSS)?

Cross-site scripting (also known as XSS) is a web security vulnerability that allows an attacker to compromise the interactions that users have with a vulnerable application. It allows an attacker to circumvent the same-origin policy, which is designed to segregate different websites from each other. Cross-site scripting vulnerabilities normally allow an attacker to masquerade as a victim user, to carry out any actions that the user is able to perform and to access any of the user's data. If the victim user has privileged access within the application, then the attacker might be able to gain full control over all of the application's functionality and data.

Cross-Site Scripting (XSS) attacks occur when:

  1. Data enters a Web application through an untrusted source, most frequently a web request.
  2. The data is included in dynamic content that is sent to a web user without being validated for malicious content.

The malicious content sent to the web browser often takes the form of a segment of JavaScript, but may also include HTML, Flash, or any other type of code that the browser may execute. The variety of attacks based on XSS is almost limitless, but they commonly include transmitting private data, like cookies or other session information, to the attacker, redirecting the victim to web content controlled by the attacker, or performing other malicious operations on the user's machine under the guise of the vulnerable site.

How to find and test for XSS vulnerabilities

The vast majority of XSS vulnerabilities can be found quickly and reliably using any web vulnerability scanner.

Manually testing for reflected and stored XSS normally involves submitting some simple unique input (such as a short alphanumeric string) into every entry point in the application; identifying every location where the submitted input is returned in HTTP responses; and testing each location individually to determine whether suitably crafted input can be used to execute arbitrary JavaScript.

Manually testing for DOM-based XSS arising from URL parameters involves a similar process: placing some simple unique input in the parameter, using the browser's developer tools to search the DOM for this input, and testing each location to determine whether it is exploitable. However, other types of DOM XSS are harder to detect. To find DOM-based vulnerabilities in non-URL-based input (such as document.cookie) or non-HTML-based sinks (like setTimeout), there is no substitute for reviewing JavaScript code, which can be extremely time-consuming. Web vulnerability scanners that combine static and dynamic analysis of JavaScript can reliably automate the detection of DOM-based vulnerabilities.

How to Protect Yourself

The primary defenses against XSS are described in the OWASP XSS Prevention Cheat Sheet.
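As an added example (not code from the original post, ICSS or OWASP), here are the two conditions listed above in a tiny Python page renderer: a request parameter is copied into the response unencoded, beside the hardened version that applies the cheat sheet's output-encoding rule for the HTML body and attribute contexts. The probe strings are constructed markers, not real payloads.

```python
import html
import re


def encode_for_html(value):
    """Encode for the HTML body and quoted-attribute contexts (cheat sheet rules #1 and #2):
    & < > " ' become entities, so the input can neither open a tag nor close the quote
    around the attribute it lands in."""
    return html.escape(str(value), quote=True)


def render_search_vulnerable(term):
    """Conditions 1 and 2 from the list above: a request parameter (term) is copied into
    the response unchanged, so any markup it carries is parsed by the browser."""
    return f'<p>Results for {term}</p><input name="q" value="{term}">'


def render_search_safe(term):
    """The same page with every interpolation point encoded for its output context."""
    safe = encode_for_html(term)
    return f'<p>Results for {safe}</p><input name="q" value="{safe}">'


def reflects_markup(response_html, submitted):
    """Review aid mirroring the manual test described earlier: did the submitted string
    survive verbatim into the response while carrying characters that change parsing?
    A vulnerable sink reflects the probe; a correctly encoded one never does."""
    return submitted in response_html and re.search("[<>\"']", submitted) is not None


# Constructed probes (benign markers): a tag and an attribute-quote breaker.
PROBES = ["<b>canary</b>", '" canary="']


def audit(renderer):
    """Return the probes the renderer reflects unencoded (an empty list means none)."""
    return [p for p in PROBES if reflects_markup(renderer(p), p)]


if __name__ == "__main__":
    print("vulnerable renderer reflects:", audit(render_search_vulnerable))
    print("hardened renderer reflects:  ", audit(render_search_safe))
```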

Also, it's crucial that you turn off HTTP TRACE support on all web servers. An attacker can steal cookie data via JavaScript even when document.cookie is disabled or not supported by the client. This attack is mounted when a user posts a malicious script to a forum; when another user clicks the link, an asynchronous HTTP TRACE call is triggered that collects the user's cookie information from the server and then sends it to another malicious server, which collects the cookie information so the attacker can mount a session hijack attack. This is easily mitigated by removing support for HTTP TRACE on all web servers.

How to Determine If You Are Vulnerable

XSS flaws can be difficult to identify and remove from a web application. The best way to find flaws is to perform a security review of the code and search for all places where input from an HTTP request could possibly make its way into the HTML output. Note that a variety of different HTML tags can be used to deliver malicious JavaScript. Nessus, Nikto, and some other available tools can help scan a website for these flaws, but can only scratch the surface. If one part of a website is vulnerable, there is a high likelihood that there are other problems as well.

Are You Secure While Watching Smart T.V?


You might enjoy watching your smart TV, but what if your smart TV is watching you back? And it's not just about tracking what you watch. Your TV might actually be listening to your conversations. Or maybe even watching you through its camera. That's scary!

The TV manufacturer might be getting your information and using it for targeted advertising. But that's not all. Research has found that smart TVs can be hacked, thanks to their security flaws. So if someone wants to gain access to your personal life, all they have to do is hack your smart TV and learn all about you.

Even if you turn off the mic or camera of the smart TV, there are security vulnerabilities that can let hackers spy on you. To make sure this doesn't happen, follow these tips. If you already have a smart TV, just cut off its connectivity. It won't be able to send your data to its manufacturer, ad companies, or hackers if you disconnect it from the internet. Because honestly, you rarely use the voice commands. Sure, when the TV is new, everyone wants to use voice commands, but over time you just switch back to the remote since the TV doesn't interpret voice commands correctly anyway. So to disconnect the TV, just visit the settings and turn off its Wi-Fi capability. But you do need Netflix on your TV, right? No problem at all. Just get a streaming box: Google Chromecast will play Netflix, Hulu, YouTube, and several other channels.

But smart TV spying has gotten much more sophisticated. The latest scandal involves a company called Samba TV, an app included in smart TVs made by Sony, TCL, Philips, and other major manufacturers. Samba is a seemingly harmless app that offers recommendations on what to watch, and that sounds awfully handy in a world where we may spend hours scrolling through Netflix to pick a show. It’s handy enough that most people (around 90%) just click “accept” when their new TV asks if they want to enable Samba.

The trouble is that by clicking accept you’re giving Samba access to a lot more than your viewing information. Samba also checks out devices connected to the same Wi-Fi network as your television, tracking not only what you’re watching on TV, but when you watch, where you go, and what you’re doing in other apps — which it can share with others for marketing purposes.

To put this in context, consider the recent incident in Surat in which a couple's private videos were captured through their smart TV.

Rajesh Kumar* was in the habit of watching porn on his smart TV in his bedroom and often visited adult websites. Recently, the married man got the shock of his life when he discovered a video of intimate moments he had shared with his wife, on one such website. The cybersecurity experts that Rajesh* contacted eventually found out that the smart TV in his room had been hacked into and that its camera functionality was remotely used to capture footage – all without Rajesh’s* knowledge.

Rajesh*, a resident of a posh locality in Surat, was both stunned and extremely disturbed when he had discovered the video of him and his wife on a porn site. While he did not contact cops owing to fear of public humiliation, he got in touch with certain cybersecurity experts with knowledge of crimes using high-end technology. These experts reportedly investigated Rajesh’s* room where the video was shot but did not find any hidden camera anywhere. For a considerable period of time, even the experts were apparently flummoxed by how the video could have been recorded and then uploaded online. Then, eyes fell on the smart TV in the room.

Subsequent investigations revealed that because Rajesh* used to visit porn sites, a hacker on one such site could have easily broken into the TV, just as computers are hacked into, and used the in-built camera remotely to capture the live feed. Because the TV was WiFi-enabled, the recorded video was also uploaded online, all without the knowledge of Rajesh* and his wife.

About this incident, let us see what our analyst has to say.

Pritam Mukherjee (ICSS Senior IT Security Analyst):

Actually, there are two processes through which this device could be hacked, which are as follows:

1. When a device is connected to the internet and that device has a loophole (vulnerabilities/access), then that device can easily be hacked.

2. In a smart TV there could be both a browser and an email sender, so if someone browses a malicious website then a file is downloaded from the website and it can get access to the system, and it can also send email with the malicious file, so it could be hacked easily.

So, looking at these points, we can say that in the incident that took place in Surat the couple really was hacked through the smart TV.


Noriben: Portable, Simple, Malware Analysis Sandbox


Noriben is a Python-based script that works in conjunction with Sysinternals Procmon to automatically collect, analyze, and report on runtime indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities.

Noriben allows you to not only run malware similar to a sandbox but to also log system-wide events while you manually run malware in ways particular to make it run. For example, it can listen as you run malware that requires varying command line options, or user interaction. Or, to watch the system as you step through malware in a debugger.

Noriben only requires Sysinternals procmon.exe (or procmon64.exe) to operate. It requires no pre-filtering (though pre-filtering would greatly help), because it contains numerous whitelist entries to reduce unwanted noise from system activity.

Cool Features of Noriben:

If you have a folder of YARA signature files, you can specify it with the --yara option. Every new file created will be scanned against these signatures, with the results displayed in the output.

If you have a VirusTotal API key, place it into a file named "virustotal.api" (or embed it directly in the script) to auto-submit MD5 file hashes to VT and get the number of antivirus detections.

You can add lists of MD5s to auto-ignore (such as all of your system files). Use md5deep to generate them, throw them into a text file, and use --hash to read them.

You can automate the script for sandbox usage. Using -t to automate execution time and --cmd "path\exe" to specify a malware file, you can automatically run malware, copy the results off, and then revert to run a new sample.
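To show what the whitelisting and --hash style ignore list described above actually do to a Procmon capture, here is an added illustration in Python (not Noriben's own code): it reduces a constructed Procmon-style CSV export to the process, file, registry and network indicators an analyst reads, suppressing whitelisted noise and known-good file hashes. The whitelist regexes, the sample events and the md5_of mapping are all constructed for the example.

```python
import csv
import io
import re

# Constructed sample in the layout of a Procmon CSV export (not real capture data):
# Time of Day, Process Name, PID, Operation, Path, Result, Detail
SAMPLE_CSV = """\
"Time of Day","Process Name","PID","Operation","Path","Result","Detail"
"10:01:02.1","sample.exe","4120","CreateFile","C:\\Users\\lab\\AppData\\Roaming\\svch0st.exe","SUCCESS","Desired Access: Generic Write"
"10:01:02.2","sample.exe","4120","WriteFile","C:\\Users\\lab\\AppData\\Roaming\\svch0st.exe","SUCCESS","Length: 51,200"
"10:01:02.3","sample.exe","4120","RegSetValue","HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\Updater","SUCCESS","Type: REG_SZ, Data: C:\\Users\\lab\\AppData\\Roaming\\svch0st.exe"
"10:01:02.4","sample.exe","4120","TCP Connect","LAB-PC:49152 -> 203.0.113.7:443","SUCCESS","Length: 0"
"10:01:02.5","sample.exe","4120","Process Create","C:\\Windows\\System32\\cmd.exe","SUCCESS","PID: 4410, Command line: cmd.exe /c ping 127.0.0.1"
"10:01:02.6","svchost.exe","880","RegQueryValue","HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\Parameters","SUCCESS","Type: REG_DWORD"
"10:01:02.7","sample.exe","4120","CreateFile","C:\\Windows\\Prefetch\\SAMPLE.EXE-1A2B3C4D.pf","SUCCESS","Desired Access: Generic Write"
"10:01:02.8","sample.exe","4120","QueryNameInformationFile","C:\\Windows\\System32\\kernel32.dll","SUCCESS",""
"""

# Constructed whitelist in the spirit of Noriben's built-in noise filters: regexes for
# benign processes and for paths that every Windows session touches anyway.
WHITELIST = {
    "processes": [r"^svchost\.exe$"],
    "paths": [
        r"^C:\\Windows\\Prefetch\\.*\.pf$",
        r"^HKLM\\SYSTEM\\CurrentControlSet\\Services\\Tcpip\\",
    ],
}


def is_whitelisted(event, whitelist):
    """True when the event comes from a whitelisted process or touches a whitelisted path."""
    if any(re.search(p, event["Process Name"], re.I) for p in whitelist["processes"]):
        return True
    return any(re.search(p, event["Path"], re.I) for p in whitelist["paths"])


def analyze(csv_text, whitelist=WHITELIST, ignored_md5=frozenset(), md5_of=None):
    """Reduce a Procmon CSV export to the indicator groups a Noriben-style report shows.

    ignored_md5 plays the role of the --hash list: writes to files whose MD5 is known
    good are suppressed. md5_of maps path -> MD5 (hypothetical input; a real run would
    hash the created files after detonation).
    """
    md5_of = md5_of or {}
    report = {"processes": [], "file_writes": [], "registry_writes": [], "network": [], "noise": 0}
    seen = set()
    for ev in csv.DictReader(io.StringIO(csv_text)):
        if is_whitelisted(ev, whitelist):
            report["noise"] += 1
            continue
        op, proc, path, detail = ev["Operation"], ev["Process Name"], ev["Path"], ev["Detail"]
        if op == "Process Create":
            entry = ("processes", proc, path, detail)
        elif op == "WriteFile" or (op == "CreateFile" and "Generic Write" in detail):
            if md5_of.get(path) in ignored_md5:
                report["noise"] += 1
                continue
            entry = ("file_writes", proc, path)
        elif op == "RegSetValue":
            entry = ("registry_writes", proc, path, detail)
        elif op in ("TCP Connect", "UDP Send"):
            entry = ("network", proc, path.split(" -> ")[-1])  # keep only the remote endpoint
        else:
            continue  # reads and queries are not reported as indicators
        if entry not in seen:  # Procmon logs the same write many times; report it once
            seen.add(entry)
            report[entry[0]].append(entry[1:])
    return report


def format_report(report):
    """Render the grouped indicators as the plain-text summary an analyst reads."""
    lines = ["Processes Created:"] + [f"  [{p}] {path}  ({d})" for p, path, d in report["processes"]]
    lines += ["File Activity:"] + [f"  [{p}] {path}" for p, path in report["file_writes"]]
    lines += ["Registry Activity:"] + [f"  [{p}] {key}  ({d})" for p, key, d in report["registry_writes"]]
    lines += ["Network Traffic:"] + [f"  [{p}] {dest}" for p, dest in report["network"]]
    lines.append(f"({report['noise']} whitelisted or hash-ignored events suppressed)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(analyze(SAMPLE_CSV)))
```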


Bypassing Anti-Sandboxing

One common use of Noriben is with malware that is VM and sandbox aware. Throwing the sample into any existing sandbox will most likely result in a report with no artifacts, as the malware didn't run. Some samples look for manual user activity, such as mouse movement and clicking. Other malware may hook the WinHTTP stack and only trigger when a web browser is used. By just launching Noriben in the background, all of the system behavior is logged while the analyst manually controls the system to give the impression of a normal user. Once the file has been detonated, the results can be reviewed as a standard sandbox report.

Command Line-Based Applications

Rarer cases are malware samples that require command line options in order to run. Launching these executables within a sandbox would immediately fail, as the malware does not have the arguments it needs to operate. However, an analyst manually controlling the malware while Noriben is running can quickly gather all system artifacts from the various command line options.


General Attack Artifacts

Even more interesting, Noriben has been used by pentesters to determine what system artifacts exist when launching an attack against a system or service. By monitoring files created or registry entries modified, a security analyst can determine all artifacts that result from running an attack, a PowerShell command, or a JavaScript-based web page.

Perfect for Malware Analysis on the Road

It's a common scenario for an analyst to have a proper sandbox environment in a home lab but only a laptop on the road. In working with various Sales Engineers and Support individuals from security companies, there were many times when they needed an immediate malware answer from their hotel room. Noriben was designed to be used with little effort, little setup, and little maintenance. Even if you don't have a dedicated malware VM, any Windows VM will do! Even <a snapshot copy of> your corporate environment!