• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Null pune 1st March-news bytes
 

Null pune 1st March-news bytes

on

  • 3,581 views

News Bytes

News Bytes

Statistics

Views

Total Views
3,581
Views on SlideShare
3,578
Embed Views
3

Actions

Likes
0
Downloads
1
Comments
0

3 Embeds 3

https://www.facebook.com 1
https://m.facebook.com&_=1394652389664 HTTP 1
https://m.facebook.com&_=1396261534291 HTTP 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Null pune 1st March-news bytes Null pune 1st March-news bytes Presentation Transcript

    • Security NEWS Bytes Bhavna Kulshrestha
    •  From April 8 2014, technical assistance for Windows XP will no longer be available, including automatic updates.  2.2 million ATMs worldwide, 95% of them still using Win XP.  A bit of a reprieve: ATMs using Windows XP Embedded, support lasts until early 2016. Support is ending soon!!
    •  An Israeli security startup that uses smartphones & high-frequency sounds for identity verification.  A password replacement or Two- Factor authentication layer on top of traditional password.  The Idea : Visit SlickLogin enabled site, tap login button, hold your phone close to laptop & Your IN..!!!  How it works: Uses protocols to verify your phone’s position (Wi-Fi, NFC, GPS, Bluetooth) SlickLogin joins Google
    •  Entry into the system was through a refrigeration, heating & cooling company in Pennsylvania.  Large retail operations have a team that routinely monitors energy consumption & temperatures in stores to save on costs.  To support this solution, vendors need to be able to remote into the system .  Target estimates say that the breach exposed approx 40 million debit and credit card accounts between Nov. 27 & Dec. 15, 2013. “Target” Hackers broke in through HVAC Vendor
    •  Sentient Hyper-Optimized Data Access Network, is the "Google for hackers."  A search engine for servers, routers, load balancers, PCs & collects info on over 500 million devices every month.  Identifies by scanning the Internet for ports typically associated with HTTP, FTP, SSH and Telnet.  A new way to browse the Shodan in the form of an add-on: “Shodan Maps." Scariest Search Engine on the Internet Just Got Scarier…
    •  Tinder connects to Facebook profiles & offers matches based on proximity  A vulnerability allowed the attacker to potentially pinpoint the exact location to within 100 feet.  Using GPS data collected by Smartphone, one could determine a user’s location (latitude, longitude) simply by entering a member's Tinder identification number. Tinder App Allowed Users to Precisely Locate Others
    •  Brought key decision makers and thought leaders from the industry and government.  Well known for its speakers & talks where new vulnerabilities are responsibly disclosed along with their prevention mechanisms.  Highlights of Nullcon 2014 include: Nullcon BlackShield, Nullcon Ammo, Nullcon 2014 Exhibition, Nullcon Job Fair, Nullcon Training India's most popular security conference returns for the fifth year
    •  Two security researchers developed a home-made gadget called 'CAN Hacking Tools (CHT)’  Capable to give away the entire control of your car to an attacker from windows & headlights to its steering & brakes.  Device uses the Controller Area Network (CAN) ports that are built into cars for computer-system checks.  Injecting a malicious code to CAN ports allows to send wireless commands remotely from a computer. Hacking a Car remotely with iPhone sized Device
    •  Security researchers at the University of Liverpool, Britain have demonstrated a WiFi virus that can spread between computer networks.  Named as 'Chameleon', it self-propagates over WiFi networks from AP to AP but doesn’t affect working of AP.  POC: Replaces the firmware of the vulnerable (AP) with a virus-loaded version  Propagates to next victim in network  Research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS).  However, this is created for demo purpose in research lab only. Chameleon virus that spreads across Wi-Fi APs
    •  Hacker gained access to thousands of passports of law enforcement and military officials.  EC-Council says its servers have not been compromised.  Domain redirection was done at the DNS Registrar & traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites. EC-Council Web Site Hacked, Defaced
    • 3 Lakh Android devices infected by Premium SMS sending malware  Panda Labs has identified malicious Android apps that sign up users for Premium SMS services without their permission.  Four malicious apps found free in the app store : "Easy Hairdos", "Abs Diets", "Workout Routines" and "Cupcake Recipes”.  App gets phone number of the device, connects to a webpage and registers to premium service.  Average scammed user gets charged $20 by these apps & around 300,000 plus users downloaded them. Scammers have made $6 million from unsuspecting users.
    • Thank You..!!