The document summarizes various cybersecurity incidents that occurred in July 2021. It reports on ransomware attacks against Fujifilm in Japan and UnitingCare Queensland in Australia. It also discusses data breaches affecting Alibaba and CVS Health, and Cisco vulnerabilities being exploited. It covers new malware such as the DarkRadiation ransomware targeting Linux, and the return of the Agent Tesla RAT in COVID-19 vaccine phishing scams. The gaming, technology, healthcare and government sectors were most affected. Attack vectors included ransomware, data leaks, malware/trojans and exploitation of known vulnerabilities. Consequences involved encryption of systems and files, theft of personally identifiable information and system compromise.
Welcome to the Threatsploit Report of covering some of the important cybersecurity events, incidents and exploits that occurred this month such as Application Security, Mobile App Security, Network Security, Website Security, API Security, Cloud Security, Host Level Security, Cyber Intelligence, Thick Client Security, Threat Vulnerability, Database Security, IOT Security, Wireless Security.
INTRODUCTION
Welcome to the Threatsploit Report of July 2021 covering some of the important cybersecurity events, incidents and exploits that occurred this month. This month, the cybersecurity sector witnessed a massive rise in ransomware and data breach attacks across geographies. Besides, many other attack types were seen spiking during these recent months. The primary reason is and has always been the same….
"Employees and stakeholders have limited or no perception or understanding of threats and misplaced understanding of massive cyber threats or consequences".
Since Work From Home (WFH) became the new normal, security incidents have peaked, with more and more issues relating to VPNs and other remote connecting mediums. The WFH option has further limited the ability of IT functions to apply software patches for both old and new critical vulnerabilities, exposing the information assets for hackers to exploit and compromise. Let us walk you through some of the important security incidents that happened this month.
TYPES OF ATTACK VECTORS
The pie-chart indicates the percentage of malicious cyber-attacks that exploited the information infrastructure and compromised the security mechanisms across organisations from various business verticals.
Malware: 21.4%
Ransomware: 21.4%
Security Breach: 21.4%
Data Leak: 17.9%
Other: 17.9%
SECTORS AFFECTED BY ATTACKS
The pie-chart indicates the percentage of malicious cyber-attacks that exploited the information infrastructure and compromised the security mechanisms across organisations from various business verticals.
Health: 10.7%
Education: 3.6%
Technology: 39.3%
Consumer: 17.9%
Government: 7.1%
Gaming: 14.3%
THREATSPLOIT JULY '21
LATEST THREAT ENTRIES
TECHNOLOGY
1. Fujifilm confirms ransomware attack on systems in Japan
2. ‘Nameless’ malware attacks 1.2TB database in the cloud
3. Facefish Backdoor delivers rootkits to Linux x64 systems
4. Google Researchers Discover A New Variant of Rowhammer Attack
5. DarkSide Pwned Colonial With Old VPN Password
6. Linux system service bug lets you get root on most modern distros
7. Hackers can exploit bugs in Samsung pre-installed apps to spy on users
8. Google fixes sixth Chrome zero-day exploited in the wild this year
9. Alibaba suffers billion-item data leak of usernames and mobile numbers
10. Wormable DarkRadiation Ransomware Targets Linux and Docker Instances
11. Cisco ASA vulnerability actively exploited after exploit released
HEALTH
1. Over a billion records belonging to CVS Health exposed online
2. Agent Tesla RAT Returns in COVID-19 Vax Phish
3. REvil Strikes Again – Ransomware Attack on UnitingCare Queensland
FINANCE
1. Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy
2. Spam Downpour Drips New IcedID Banking Trojan Variant
EDUCATION
1. New ChaChi Trojan Targeting U.S. Schools
GOVERNMENT
1. REvil ransomware hits US nuclear weapons contractor
2. Poland institutions and individuals targeted by an unprecedented series of cyber attacks
GAMING
1. EA: Gaming giant hacked and source code stolen
2. Cyberpunk 2077 Hacked Data Circulating Online
3. Steam Gaming Platform Hosting Malware
4. Battle for the Galaxy: 6 Million Gamers Hit by Data Leak
CONSUMER
1. Carnival discloses new data breach on email accounts
2. Audi, Volkswagen data breach affects 3.3 million customers
3. McDonald's discloses data breach after the theft of customer, employee info
4. Foodservice supplier Edward Don hit by a ransomware attack
5. Amazon Web Services Misconfiguration Exposes Half a Million Cosmetics Customers
TOOL OF THE DAY
1. SudoKiller
2. Paramspider
3. Tracy
4. PeePdf
5. Tidos Framework
6. h8mail
CYBER MONDAY
1. No one is immune to cyber attacks, individuals or organisations of any size
2. Misconfiguration and account takeovers are the biggest cloud threats for all customers and vendors of the cloud
3. Cybersecurity is not an easy problem to solve for any business. Just when one challenge has been met, another variable appears
BLOG OF THE MONTH
1. Cloud Security And The Best Ways To Secure It From Breaches
2. Important Vulnerabilities And Smart Ways To Be Secured From Them
3. CRLF Injection Attack
Fujifilm confirms ransomware attack on systems in Japan
Fujifilm Corporation confirmed that the unauthorized access it became aware of in the late evening on June 1 was in fact a ransomware attack. In a statement, the company also said that the impact of the unauthorized access was confined to a specific network in Japan and that they had started to bring network, servers and computers confirmed as safe back into operation. Fujifilm said the company has been carrying out an investigation into the incident with a task force that included external experts and had reported the incident to the relevant government authorities and police.
Attack Type: Ransomware
Cause of Issue: Lack of Security
Type of Loss: Services
References: https://rb.gy/whl6oi
'Nameless' malware attacks 1.2TB database in the cloud
Researchers on June 9th said a so-called “nameless” undetected malware stole a database in the cloud that contained some 1.2 terabytes of files, cookies, and credentials that came from 3.2 million Windows-based computers. NordLocker said the virus escaped with 6 million files that it grabbed from desktop and downloads folders. Screenshots made by the malware revealed that it spread via illegal Adobe PhotoShop software, Windows cracking tools, and pirated games. The malware also photographed the user if the device had a webcam.
Attack Type: Malicious
Cause of Issue: Malware
Type of Loss: PII Data
References: https://rb.gy/ofujpi
CONSUMER TECH
T H R E A T S P L O I T J U L Y ' 2 1
Facefish Backdoor delivers rootkits to Linux x64 systems
Cybersecurity experts from Qihoo 360 NETLAB published details
about a new backdoor, dubbed Facefish, which can be used by
threat actors to steal login credentials and executing arbitrary
commands on Linux systems. Juniper researchers also analysed the
malware who observed the use of an exploit against the Control
Web Panel (CWP) server administration web application to inject
code via LD_PRELOAD and uses a custom, encrypted binary C2 to
exfiltrate credentials and control the machines.
Attack Type
Rootkit Backdoor
Cause of Issue
Malware
Type of Loss
Unknown
References
https://rb.gy/ftbvfe
BRISKINFOSEC | THREATSPLOIT ADVERSARY REPORT - JULY 2021
Google Researchers Discover A New Variant of Rowhammer Attack
A team of security researchers from Google has demonstrated yet another variant of the Rowhammer vulnerability that targets increasingly smaller DRAM chips to bypass all current mitigations, making it a persistent threat to chip security. Dubbed "Half-Double," the new hammering technique hinges on the weak coupling between two memory rows that are not immediately adjacent to each other but one row removed, in an attempt to tamper with data stored in memory and attack a system.
Attack Type: Security Exploit
Cause of Issue: Unknown
Type of Loss: DRAM Data
References: https://rb.gy/3gmvza

DarkSide Pwned Colonial With Old VPN Password
It took only one dusty, no-longer-used password for the DarkSide cybercriminals to breach the network of Colonial Pipeline Co. last month, resulting in a ransomware attack that caused significant disruption and remains under investigation by the U.S. government and cybersecurity experts. The news once again highlights the importance of password security, as it comes on the heels of a separate report that hackers leaked the largest password collection to date – a 100 gigabyte file called “RockYou2021” containing 8.4 billion passwords – on a popular hacker forum earlier this week.
Attack Type: Ransomware
Cause of Issue: Security Breach
Type of Loss: PII Data
References: https://rb.gy/i1wwpc

Linux system service bug lets you get root on most modern distros
Unprivileged attackers can get a root shell by exploiting an authentication bypass vulnerability in the polkit auth system service installed by default on many modern Linux distributions. The polkit local privilege escalation bug (tracked as CVE-2021-3560) was publicly disclosed, and a fix was released on June 3, 2021. Even though many Linux distributions haven't shipped with the vulnerable polkit version until recently, any Linux system shipping with polkit 0.113 or later installed is exposed to attacks.
Attack Type: Authentication Bypass
Cause of Issue: Local Privilege CVE Bug
Type of Loss: Privileged Data
References: https://rb.gy/ftbvfe

Hackers can exploit bugs in Samsung pre-installed apps to spy on users
Samsung is working on patching multiple vulnerabilities affecting its mobile devices that could be used for spying or to take full control of the system. The bugs are part of a larger set discovered and reported responsibly by one security researcher through the company’s bug bounty program. The hacker collected close to $30,000 since the start of the year for disclosing 14 issues. The other three vulnerabilities are currently waiting to be patched. For seven of these already patched bugs, which brought $20,690 in bounties, Toshin provides technical details and proof-of-concept exploitation instructions in a blog post.
Attack Type: CVE Findings
Cause of Issue: Lack of Security
Type of Loss: Unknown
References: https://rb.gy/cjfbrc
Google fixes sixth Chrome zero-day exploited in the wild this year
Google has released Chrome 91.0.4472.101 for Windows, Mac, and Linux to fix 14 security vulnerabilities, with one zero-day vulnerability exploited in the wild and tracked as CVE-2021-30551. Few details regarding the fixed zero-day vulnerability are currently available other than that it is a type confusion bug in V8, Google's open-source C++ WebAssembly and JavaScript engine.
Attack Type: Software Vulnerability / Security Research
Cause of Issue: Zero-Day
Type of Loss: Unknown
References: https://rb.gy/wnozgm

Alibaba suffers billion-item data leak of usernames and mobile numbers
Alibaba’s Chinese shopping operation Taobao has suffered a data breach of over a billion data points including usernames and mobile phone numbers. The info was lifted from the site by a crawler developed by an affiliate marketer. Reports suggest that a developer created a crawler that was able to reach beneath information available to the human eye on Taobao. The crawler operated for several months before Alibaba noticed the effort.
Attack Type: Data Leak
Cause of Issue: Security Breach
Type of Loss: PII Data
References: https://rb.gy/bdoaa5

Wormable DarkRadiation Ransomware Targets Linux and Docker Instances
Cybersecurity researchers are sounding the alarm bell over a new ransomware strain called "DarkRadiation" that's implemented entirely in Bash and targets Linux and Docker cloud containers, while banking on messaging service Telegram for command-and-control (C2) communications. "The ransomware is written in Bash script and targets Red Hat/CentOS and Debian Linux distributions," researchers from Trend Micro said in a report published last week. "The malware uses OpenSSL's AES algorithm with CBC mode to encrypt files in various directories. It also uses Telegram's API to send an infection status to the threat actor(s)." The findings come from an analysis of a collection of hacking tools hosted on the unidentified threat actor's infrastructure in a directory called "api_attack."
Attack Type: Ransomware
Cause of Issue: Security Breach
Type of Loss: Unknown
References: https://rb.gy/dqzblb

Cisco ASA vulnerability actively exploited after exploit released
Hackers are scanning for and actively exploiting a vulnerability in Cisco ASA devices after a PoC exploit was published on Twitter. This Cisco ASA vulnerability is a cross-site scripting (XSS) vulnerability that is tracked as CVE-2020-3580. This vulnerability can allow an unauthenticated threat actor to send targeted phishing emails or malicious links to a user of a Cisco ASA device to execute JavaScript commands in the user's browser.
Attack Type: Software Vulnerability / Security Research
Cause of Issue: Lack of Security Mechanisms
Type of Loss: Unknown
References: https://rb.gy/mqvw6x
HEALTH

Over a billion records belonging to CVS Health exposed online
On Thursday, WebsitePlanet, together with researcher Jeremiah Fowler, revealed the discovery of an online database belonging to CVS Health. The database was not password-protected and had no form of authentication in place to prevent unauthorized entry. Upon examining the database, the team found over one billion records connected to the US healthcare and pharmaceutical giant, which owns brands including CVS Pharmacy and Aetna. The database, 204GB in size, contained event and configuration data including production records of visitor IDs, session IDs and more.
Attack Type: Data Leak
Cause of Issue: Security Breach
Type of Loss: Health Records
References: https://rb.gy/bdoaa5

Agent Tesla RAT Returns in COVID-19 Vax Phish
The Agent Tesla remote access trojan (RAT) is scurrying around the internet again, this time arriving via a phishing campaign that uses a COVID-19 vaccination schedule as a lure. Spotted by researchers at the Bitdefender Antispam Lab, the attackers are targeting Windows machines using emails with malicious attachments. The body of the mails takes a business-email approach and asks recipients to review an “issue” with vaccination registration. In the current spate of attacks, the malicious attachment turns out to be an RTF document that exploits the known Microsoft Office vulnerability tracked as CVE-2017-11882, a remote code execution (RCE) bug stemming from improper memory handling. Once opened, the document downloads and executes Agent Tesla malware.
Attack Type: Trojan
Cause of Issue: Malware
Type of Loss: System Compromise
References: https://rb.gy/c5arxs

REvil Strikes Again – Ransomware Attack on UnitingCare Queensland
UnitingCare was a victim of malware called Sodinokibi/REvil which encrypted its files and attempted to delete backups. The attack shut down a range of UnitingCare’s core systems and forced its facilities to revert to paper-based and manual workarounds to continue operating. It’s been reported that the hospital and aged care facilities have now managed to bring most of their applications and systems back online. UnitingCare has confirmed that there was no evidence that any patient’s health had been compromised by the cyber incident. UnitingCare is continuing to work with the Australian Cyber Security Centre and technical and forensic advisors to respond to the attack.
Attack Type: Ransomware
Cause of Issue: Security Breach
Type of Loss: Reputation, Data Loss
References: https://rb.gy/p5utm3
FINANCE

Ursnif Leverages Cerberus to Automate Fraudulent Bank Transfers in Italy
In a recent analysis, the IBM security team found that an Ursnif (aka Gozi) banking Trojan variant is being used in the wild to target online banking users in Italy with mobile malware. Aside from the Ursnif infection on the victim’s desktop, the malware tricks victims into fetching a mobile app from a fake Google Play page and infects their mobile device with the Cerberus Android malware. The Cerberus malware component of the attack is used by Ursnif’s operators to receive two-factor authentication codes sent by banks to their users when account updates and money transfer transactions are being confirmed in real-time. Cerberus also possesses other features and can enable the attacker to obtain the lock-screen code and remotely control the device.
Attack Type: Trojan, Mobile Malware
Cause of Issue: Malware Apps
Type of Loss: System Compromise
References: https://rb.gy/dqzblb

Spam Downpour Drips New IcedID Banking Trojan Variant
The primarily IcedID-flavored banking trojan spam campaigns were coming in at a fever pitch: spikes hit more than 100 detections a day. Researchers have seen a new variant of the IcedID banking trojan sliding in via two new spam campaigns. Written in English and carrying .ZIP files full of the malware – or links to such ZIP files – the new twist on the old banking trojan is a tweaked downloader, which the threat actors moved from the initial x86 version to the latest: an x86-64 version. They also ditched the fake command-and-control (C2) servers that were found in the earlier configuration and which were likely there to complicate malware analysis, researchers said. Most of the payloads the researchers collected were IcedID (Trojan-Banker.Win32.IcedID), but they also came across a few samples of the Qbot banking trojan (Backdoor.Win32.Qbot, aka QakBot).
Attack Type: Trojan
Cause of Issue: Malware Files
Type of Loss: PII Data
References: https://rb.gy/ujhzfd

EDUCATION

New ChaChi Trojan Targeting U.S. Schools
BlackBerry Threat Research and Intelligence revealed that a new ChaChi Trojan is being used as a critical component in executing ransomware operations against U.S. schools. The new malware type is capable of performing traditional RAT actions such as data exfiltration, backdoor creation, and credential dumping from the Windows Local Security Authority Subsystem Service (LSASS). BlackBerry researchers believe the Trojan was created by cybercriminal group PYSA/Mespinoza, which has been active since 2018.
Attack Type: Trojan
Cause of Issue: Ransomware
Type of Loss: System Compromise
References: https://rb.gy/0yrwyz
GOVERNMENT

REvil ransomware hits US nuclear weapons contractor
US nuclear weapons contractor Sol Oriens has suffered a cyberattack allegedly at the hands of the REvil ransomware gang, which claims to be auctioning data stolen during the attack. The REvil ransomware operation listed companies whose data they were auctioning off to the highest bidder. As proof that they stole data during the attack, REvil published images of a hiring overview document, payroll documents, and a wages report. As a way to pressure Sol Oriens into paying the threat actor's extortion demands, the ransomware gang threatened to share "relevant documentation and data to other military agencies."
Attack Type: Ransomware
Cause of Issue: Lack of Security
Type of Loss: Data Loss, Reputation
References: https://rb.gy/r4zd2r

Poland institutions and individuals targeted by an unprecedented series of cyber attacks
Last week, hackers breached the private email account of Michal Dworczyk, the head of the prime minister’s office and member of the ruling Law and Justice party (PiS). The emails were later leaked through the instant messaging system Telegram. The media reported that the politicians targeted by the hackers used their private Gmail accounts for communications, instead of using their secure government accounts.
Attack Type: Cyber-Attacks
Cause of Issue: Unknown
Type of Loss: Data Loss
References: https://rb.gy/xdqi0b

GAMING

Cyberpunk 2077 Hacked Data Circulating Online
New data from the February hack of CD Projekt Red, the videogame-development company behind Cyberpunk 2077 and The Witcher series, is circulating online. Earlier this year, the company suffered a ransomware attack in which a cyberattack group “gained access to our internal network, collected certain data belonging to CD PROJEKT Capital Group and left a ransom note,” the company said at the time. The ransomware also encrypted the company’s systems, but CD Projekt Red was able to restore everything from backup – leaving the real issue to be the stolen data.
Attack Type: Data Leak
Cause of Issue: Ransomware
Type of Loss: Data
References: https://rb.gy/g326lk

EA: Gaming giant hacked and source code stolen
The attackers claimed to have downloaded source code for games such as FIFA 21 and for the proprietary Frostbite game engine used as the base for many other high-profile games. News of the hack was first reported by news site Vice, which said some 780GB of data was stolen.
Attack Type: Security Breach
Cause of Issue: Lack of Security
Type of Loss: Data
References: https://rb.gy/gv6dpd
Steam Gaming Platform Hosting Malware
Look out for SteamHide, an emerging malware that disguises itself inside profile images on the gaming platform Steam, which researchers think is being developed for a wide-scale campaign. The Steam platform merely serves as a vehicle that hosts the malicious file, according to research from G Data: “The heavy lifting in the shape of downloading, unpacking and executing a malicious payload fetched by the loader is handled by an external component, which accesses the malicious profile image on one Steam profile. This external payload can be distributed via crafted emails to compromised websites.”
Attack Type: Malware
Cause of Issue: Lack of Security
Type of Loss: Compromised Data
References: https://rb.gy/z30h70

Battle for the Galaxy: 6 Million Gamers Hit by Data Leak
Infosecurity has learned. AMT Games, which has produced a string of mobile and social titles with tens of millions of downloads between them, exposed 1.5TB of data via an Elasticsearch server. A research team at reviews site WizCase found the trove, which contained 5.9 million player profiles, two million transactions, and 587,000 feedback messages. Profiles typically feature player IDs, usernames, country, total money spent on the game, and Facebook, Apple or Google account data if the user linked these with their game account. The firm warned exposed users that their data might have been picked up by opportunistic cyber-criminals searching for misconfigured databases. Data on how much money individuals have spent on the site could enable fraudsters to target the biggest spenders, it added.
Attack Type: Data Leak
Cause of Issue: Lack of Security
Type of Loss: PII Data
References: https://rb.gy/xdqi0b

CONSUMER

Carnival discloses new data breach on email accounts
Carnival Corporation – which has been plagued by cyberattacks over the past few years – issued a breach disclosure on June 17th confirming hackers attacked email accounts and gained access to data about its customers and employees. The data accessed included names, addresses, phone numbers, passport numbers, dates of birth, health information, and, in some limited instances, additional personal information like social security or national identification numbers. According to Carnival, the impacted information includes “data routinely collected during the guest experience and travel booking process or through the course of employment or providing services to the company, including COVID or other safety testing.”
Attack Type: Security Breach
Cause of Issue: Lack of Security
Type of Loss: PII Data, Reputation
References: https://rb.gy/3npsov
Audi, Volkswagen data breach affects 3.3 million customers
Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. VWGoA states that the breach involved 3.3 million customers, with over 97% of those affected relating to Audi customers and interested buyers. The data exposed varies per customer but could range from contact information to more sensitive information such as social security numbers and loan numbers.
Attack Type: Security Breach
Cause of Issue: Lack of Security
Type of Loss: Data Loss
References: https://rb.gy/rbfllp

McDonald's discloses data breach after the theft of customer, employee info
McDonald's, the largest fast-food chain globally, has disclosed a data breach after hackers breached its systems and stole information belonging to customers and employees from the US, South Korea, and Taiwan. The threat actors also stole personal information (including names, emails, phone numbers, and addresses) from customers in South Korea and Taiwan. However, the number of customer documents exposed in the incident was small, and the breach did not impact customers' payment info in any way.
Attack Type: Security Breach
Cause of Issue: Lack of Security
Type of Loss: Data Loss, Reputation
References: https://rb.gy/xcg2by

Foodservice supplier Edward Don hit by a ransomware attack
Attack Type: Ransomware
Cause of Issue: Lack of Security
Type of Loss: Reputation, Data Loss
References: https://rb.gy/8werqm

Amazon Web Services Misconfiguration Exposes Half a Million Cosmetics Customers
Hundreds of thousands of retail customers had their personal data exposed thanks to a misconfigured cloud storage account, Infosecurity has learned. A research team at reviews site WizCase traced the leaky Amazon S3 bucket to popular Turkish beauty products firm Cosmolog Kozmetik. The 20GB trove contained around 9500 files, including thousands of Excel files which exposed the personal information of 567,000 unique users who bought items from the provider across multiple e-commerce platforms.
Attack Type: Data Leak
Cause of Issue: Lack of Security
Type of Loss: PII Data
References: https://rb.gy/jbb8oy
TOOL OF THE DAY

SudoKiller
SUDO_KILLER is a tool that can be used for privilege escalation on a Linux environment by abusing SUDO in several ways. The tool helps to identify misconfiguration within sudo rules, vulnerabilities within the version of sudo being used (CVEs and vulns) and the use of dangerous binaries, all of which could be abused to elevate privilege to ROOT.

ParamSpider
ParamSpider is a parameter discovery suite. It finds parameters from web archives of the entered domain as well as from its subdomains without interacting with the target host. It supports excluding URLs with specific extensions.

Tracy
A pen-testing tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner. Tracy should be used during the mapping-the-application phase of the pentest to identify sources of input and their corresponding outputs. Tracy can use this data to intelligently find vulnerable instances of XSS, especially with web applications that use lots of JavaScript.
PeePDF
peepdf is a Python tool to explore PDF files in order to find out if the file can be harmful or not. The aim of this tool is to provide all the necessary components that a security researcher could need in a PDF analysis without using 3 or 4 tools to perform all the tasks. With peepdf it's possible to see all the objects in the document showing the suspicious elements. It supports all the most used filters and encodings, and it can parse different versions of a file, object streams and encrypted files.

Tidos Framework
Tidos Framework is an open-source toolkit that performs all the major penetration testing tasks, such as reconnaissance, scanning, enumeration, and vulnerability analysis. All the tasks are performed in phases using the built-in modules. The total number of modules exceeds 100, with the majority used for reconnaissance and vulnerability analysis.

h8mail
h8mail is a tool for finding compromised email addresses and their passwords from data breaches. When this tool is combined with others such as TheHarvester or the crosslinked tool, you can harvest email addresses from an organization and then test to see if they have been compromised.
CYBER MONDAY

No one is immune to cyber attacks, individuals or organisations of any size
Individuals and enterprises of all sizes, from small to large, have begun to establish an online presence. At this time, it is natural to conclude that cyber-attacks on any organization/individual are almost inevitable. To avert the very worst, the wisest choice is to maintain strict security measures for the sake of the business.

Misconfiguration and account takeovers are the biggest cloud threats for all customers and vendors of the cloud
Misconfigurations and account takeovers have become increasingly common in recent years. This is because hackers have focused mostly on account takeover attacks. Hackers are also well-versed in how to approach a target differently due to weaknesses in typical configurations. As a result, companies must approach security from a variety of viewpoints.

Cybersecurity is not an easy problem to solve for any business. Just when one challenge has been met, another variable appears
The majority of corporations are well aware of the shortcomings in the security procedures in place. Similarly, hackers are well aware of these issues and focus on chaining many medium level vulnerabilities in order to exploit a high/critical level vulnerability. It is difficult to solve security concerns in a single attempt; however, maintaining existing security measures can aid in the protection of one's digital assets.
BLOG OF THE MONTH

Cloud Security And The Best Ways To Secure It From Breaches
In this digital era, organizations are building their infrastructures and running their services in the cloud environment. When it comes to security, the danger is no stranger here due to its public accessibility. Over the recent years, the usage of cloud services has catapulted and plenty of information is being stored in the cloud environment. In parallel, cloud-based cyberattacks have also increased.

Important Vulnerabilities And Smart Ways To Be Secured From Them
In cybersecurity, despite a large number of new applications and advanced software, the number of vulnerabilities continues to increase. Security advancements are indeed stunning but fail to be on the winning side against security vulnerabilities, with the below facts testifying it.

CRLF Injection Attack
CRLF injection is carried out by an attacker simply inserting the carriage return and line feed characters in a user input area to deceive the server or a web application, making it think that one object has terminated and another new object has started. Reasons for CRLF injection: this vulnerability arises very commonly in the HTTP request of a web application that accepts user-supplied input from an untrusted source without properly validating it for the malicious characters (CRLF).
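The CRLF injection described in the blog summary above, shown as an added example (not code from the report): a response builder that copies untrusted input into a header, the same builder with CR/LF validation, and a log check for encoded CRLF. All function names, paths and log lines are constructed for this illustration.

```python
"""CRLF (header) injection: vulnerable header construction beside a hardened one."""
from urllib.parse import unquote

CRLF = "\r\n"

# Constructed sample input (not taken from any real system).
BENIGN = "/account/home"
TAINTED = "/account/home\r\nX-Injected: yes"
SAMPLE_LOG = [
    "GET /redirect?next=%2Faccount%2Fhome HTTP/1.1",
    "GET /redirect?next=%2Fhome%0d%0aX-Injected:%20yes HTTP/1.1",
    "GET /redirect?next=%2Fhome%250d%250aX-Injected:%20yes HTTP/1.1",
]


def build_redirect_vulnerable(target):
    # Vulnerable on purpose: untrusted input is copied into a header line as-is,
    # so an embedded CR LF ends the Location header and starts a new "object".
    return "HTTP/1.1 302 Found" + CRLF + "Location: " + target + CRLF + CRLF


def check_header_value(value):
    # Reject rather than strip: a header value carrying CR, LF or NUL is
    # never legitimate, and silently stripping hides the attempt.
    if any(ch in value for ch in ("\r", "\n", "\x00")):
        raise ValueError("control character in header value")
    return value


def build_redirect_hardened(target):
    return ("HTTP/1.1 302 Found" + CRLF
            + "Location: " + check_header_value(target) + CRLF + CRLF)


def header_names(raw_response):
    # Read the header block the way a client or proxy would: one header per line.
    head = raw_response.split(CRLF + CRLF, 1)[0]
    return [line.split(":", 1)[0] for line in head.split(CRLF)[1:]]


def flag_crlf_requests(log_lines):
    # Detection side: undo percent-encoding twice (to catch %250d%250a) and
    # report request lines whose decoded form contains CR or LF.
    hits = []
    for line in log_lines:
        decoded = unquote(unquote(line))
        if "\r" in decoded or "\n" in decoded:
            hits.append(line)
    return hits


if __name__ == "__main__":
    print("vulnerable, benign :", header_names(build_redirect_vulnerable(BENIGN)))
    print("vulnerable, tainted:", header_names(build_redirect_vulnerable(TAINTED)))
    try:
        build_redirect_hardened(TAINTED)
    except ValueError as exc:
        print("hardened, tainted  : rejected,", exc)
    for hit in flag_crlf_requests(SAMPLE_LOG):
        print("log hit:", hit)
```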
CONCLUSION
According to an article, online threats have risen by as much as six times their usual levels recently as the Covid 19 pandemic provided greater scope for cyber attacks. All the attacks mentioned above - their types, the financial and reputation impacts they have caused to organizations, the loopholes that paved the way for such attacks, invariably causing disaster to organizations - are just like a drop in an ocean. There are more unreported attacks than meet the eye. Millions of organizations and individuals have clicked those links and have fallen victim to these baits of hackers. The most obvious reason is ‘lack of awareness’. Well, as the saying goes, "Prevention is better than Cure" - be it COVID-19 or cyber threats.
Briskinfosec is ready to help you in your journey to protect your information infrastructure and assets. We assure you that we will help you to keep your data safe and also give you clear information on your company’s current status and the steps that need to be taken to stay away from any kind of cyber attack.
CONTACT US FOR ALL YOUR CYBERSECURITY NEEDS
Briskinfosec Technology and Consulting Pvt Ltd
Chennai, India.
Ph - +91 860 863 4123
www.briskinfosec.com
contact@briskinfosec.com