Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Null mumbai news bytes by Rahul Tulaskar


Published on

News Bytes by Rahul Tulaskar

Published in: Technology
  • Have u ever tried external professional writing services like ⇒ ⇐ ? I did and I am more than satisfied.
    Are you sure you want to  Yes  No
    Your message goes here
  • You might get some help from ⇒ ⇐ Success and best regards!
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Null mumbai news bytes by Rahul Tulaskar

  1. 1. your nameyour name News Bytes By Rahul Tulaskar 9 th July
  2. 2. your name >>>About Myself lCompleted B.E from Mumbai University in Computer Engineering . lCurrently pursuing M.Tech from K.J.Somaiya COE. lAbout to start Internship at Tech Mahindra.
  3. 3. your name >>>Agenda lTHE PENTAGON BUG BOUNTY PROGRAM. lHumming Bad Malware on Android. lNew Target: SmartWatches. lMiscellenous
  4. 4. your name >>>Pentagon Bug Bounty lFirst bug bounty program during April-May. lDoD partnered with HackerOne. lIP: Registration → Background checks → Task allocation. lNo Critical, Mission-Facing Systems Involved. lLive Assets: DoD public websites.
  5. 5. your name >>>Pentagon Bug Bounty Total 138 vulnerabilities discovered. First vulnerability discovered in just 13 minutes fron the start of the PT. Bounty organised due a damaging year for US cyberdefenses. In 2015 Russian hackers gained access to unclassified Pentagon computer systems, with sophisticated cyberattacks also targeting digital infrastructure inside the White House. Hackers linked to the Chinese government also stole personal information from background checks on 21.5 million Americans.
  6. 6. your name >>>Humming Bad Malware lC1: attempts to gain root access on a device with...rootkit . lC2: If rooting fails → a fake system update notification, tricking users into granting Humming Bad system-level permissions. lTarget: Android Jellybean to Marshmellow. lYingmob – shares resources and tech. With an analytics company.
  7. 7. your name >>>Humming Bad Malware lInjection of advertisements into victim's devices, which when clicked, Yingmob gets paid. l20 Million ads on a daily basis that achieve approximately 2.5 Million clicks per day. l The campaign generates $300,000 a month; proving attacks can achieve financial self-sufficiency. lSSP: rooting,downloading fake apps and display ad banners. lCAP:Fake IMEI injection,sending usage statistics to C&C server and checks for plugin updates.
  8. 8. your name >>>Target → SmartWatch lMotive: Steal ATM PIN by reproducing trajectories of hand movements. lBackward PIN-Sequence Inference algorithm . l80% success rate on the first attempt, and over 90% of the time with 3 tries. lBinghamton University's paper titled: lFriend or Foe?: Your Wearable Devices Reveal Your Personal PIN
  9. 9. your name >>>More about the paper l nd-or-Foe-Your-Wearable-Devices-Reveal- Your-Wang- Guo/e867c843844a46d35434f01855d10d9 738757037 lTests were successful irrespective of the hand position and orientation. lNo Concrete Solution to counter this form of eavesdropping.
  10. 10. your name >>>Miscellenous lSolarin Cellphone → Sirin Labs. lDDOS at Compusoft → breach/the-story-of-a-ddos-extortion-attack-how-one- company-decided-to-take-a- stand.html?utm_content=buffer95b7e&utm_medium=soci al& s_all l palantrir: hackers-got-complete-control-of- palantir?utm_term=.foMbAj3a32#.veydPwg2gq
  11. 11. your name >>>References l content/uploads/2016/07/HummingBad-Research- report_FINAL-62916.pdf l china.html l 2016/05/18/hack-the-pentagon-bug-bounty-payouts- coming-soon/84556770/ l l over-10-million-android-users-report-says/
  12. 12. your name >>>THE END THANK YOU !!!!!