SlideShare a Scribd company logo

Null pune 1st March-news bytes

Download as PPTX, PDF
n|u - The Open Security Community
n|u - The Open Security Community

The document provides a summary of recent cybersecurity news stories: - Support for Windows XP will end in April 2014, though some ATMs will have until 2016 due to a special embedded version of XP. - An Israeli startup called SlickLogin uses sounds from smartphones for identity verification as a password replacement or two-factor authentication. - Hackers accessed a HVAC company's system to breach Target and steal credit card info from 40 million customers between November and December 2013. - The search engine Shodan now has a map feature to browse internet-connected devices, finding over 500 million per month.

Technology
1 of 12
Security NEWS Bytes Bhavna Kulshrestha
 From April 8 2014, technical assistance for Windows XP will no longer be available, including automatic updates.  2.2 million ATMs worldwide, 95% of them still using Win XP.  A bit of a reprieve: ATMs using Windows XP Embedded, support lasts until early 2016. Support is ending soon!!
 An Israeli security startup that uses smartphones & high-frequency sounds for identity verification.  A password replacement or Two- Factor authentication layer on top of traditional password.  The Idea : Visit SlickLogin enabled site, tap login button, hold your phone close to laptop & Your IN..!!!  How it works: Uses protocols to verify your phone’s position (Wi-Fi, NFC, GPS, Bluetooth) SlickLogin joins Google
 Entry into the system was through a refrigeration, heating & cooling company in Pennsylvania.  Large retail operations have a team that routinely monitors energy consumption & temperatures in stores to save on costs.  To support this solution, vendors need to be able to remote into the system .  Target estimates say that the breach exposed approx 40 million debit and credit card accounts between Nov. 27 & Dec. 15, 2013. “Target” Hackers broke in through HVAC Vendor
 Sentient Hyper-Optimized Data Access Network, is the "Google for hackers."  A search engine for servers, routers, load balancers, PCs & collects info on over 500 million devices every month.  Identifies by scanning the Internet for ports typically associated with HTTP, FTP, SSH and Telnet.  A new way to browse the Shodan in the form of an add-on: “Shodan Maps." Scariest Search Engine on the Internet Just Got Scarier…
 Tinder connects to Facebook profiles & offers matches based on proximity  A vulnerability allowed the attacker to potentially pinpoint the exact location to within 100 feet.  Using GPS data collected by Smartphone, one could determine a user’s location (latitude, longitude) simply by entering a member's Tinder identification number. Tinder App Allowed Users to Precisely Locate Others
 Brought key decision makers and thought leaders from the industry and government.  Well known for its speakers & talks where new vulnerabilities are responsibly disclosed along with their prevention mechanisms.  Highlights of Nullcon 2014 include: Nullcon BlackShield, Nullcon Ammo, Nullcon 2014 Exhibition, Nullcon Job Fair, Nullcon Training India's most popular security conference returns for the fifth year
 Two security researchers developed a home-made gadget called 'CAN Hacking Tools (CHT)’  Capable to give away the entire control of your car to an attacker from windows & headlights to its steering & brakes.  Device uses the Controller Area Network (CAN) ports that are built into cars for computer-system checks.  Injecting a malicious code to CAN ports allows to send wireless commands remotely from a computer. Hacking a Car remotely with iPhone sized Device
 Security researchers at the University of Liverpool, Britain have demonstrated a WiFi virus that can spread between computer networks.  Named as 'Chameleon', it self-propagates over WiFi networks from AP to AP but doesn’t affect working of AP.  POC: Replaces the firmware of the vulnerable (AP) with a virus-loaded version  Propagates to next victim in network  Research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS).  However, this is created for demo purpose in research lab only. Chameleon virus that spreads across Wi-Fi APs
 Hacker gained access to thousands of passports of law enforcement and military officials.  EC-Council says its servers have not been compromised.  Domain redirection was done at the DNS Registrar & traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites. EC-Council Web Site Hacked, Defaced
3 Lakh Android devices infected by Premium SMS sending malware  Panda Labs has identified malicious Android apps that sign up users for Premium SMS services without their permission.  Four malicious apps found free in the app store : "Easy Hairdos", "Abs Diets", "Workout Routines" and "Cupcake Recipes”.  App gets phone number of the device, connects to a webpage and registers to premium service.  Average scammed user gets charged $20 by these apps & around 300,000 plus users downloaded them. Scammers have made $6 million from unsuspecting users.
Thank You..!!

Recommended

10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malwareSytelReplyUK
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013n|u - The Open Security Community
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Spy android malware - eScan
Spy android malware - eScanSpy android malware - eScan
Spy android malware - eScanMicroWorld Software Services Pvt Ltd
 
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Vikalp Sharma
 
Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesQuick Heal Technologies Ltd.
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
The state of mobile app security
The state of mobile app security The state of mobile app security
The state of mobile app security Mahima Anand Sharma
 

Recommended

10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malware10940 img sytr12_mobile_malware
10940 img sytr12_mobile_malwareSytelReplyUK
 
Security News bytes October 2013
Security News bytes October 2013Security News bytes October 2013
Security News bytes October 2013n|u - The Open Security Community
 
Infographic: The High Cost of BYOD
Infographic: The High Cost of BYODInfographic: The High Cost of BYOD
Infographic: The High Cost of BYODTrustwave
 
Spy android malware - eScan
Spy android malware - eScanSpy android malware - eScan
Spy android malware - eScanMicroWorld Software Services Pvt Ltd
 
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020
Trylogic- Cyber security by Vikalp Sharma- FDP Presentation July 9 2020Vikalp Sharma
 
Tips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesTips and Tricks on Securing your Android Devices
Tips and Tricks on Securing your Android DevicesQuick Heal Technologies Ltd.
 
Domain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingDomain 5 of the CEH: Web Application Hacking
Domain 5 of the CEH: Web Application HackingShivamSharma909
 
The state of mobile app security
The state of mobile app security The state of mobile app security
The state of mobile app security Mahima Anand Sharma
 
Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSInnovation Network Technologies: InNet
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeRamrao Desai
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtIGN MANTRA
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureIndonesia Honeynet Chapter
 
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Michael Thelander
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsSaad Ahmad
 
Rajan Raj Pant
Rajan Raj PantRajan Raj Pant
Rajan Raj Panteletseditorial
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_reportIsnur Rochmad
 
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-eventsIjiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-eventsIJIR JOURNALS IJIRUSA
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
Antikeylogger
AntikeyloggerAntikeylogger
AntikeyloggerKartikey Mishra
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 
Smartphone Smart Card 061013
Smartphone Smart Card 061013Smartphone Smart Card 061013
Smartphone Smart Card 061013McAlester Army Ammunition Plant
 
4 mobile security threats companies must look out for
4 mobile security threats companies must look out for4 mobile security threats companies must look out for
4 mobile security threats companies must look out forHouse of IT
 
Malware detection techniques for mobile devices
Malware detection techniques for mobile devicesMalware detection techniques for mobile devices
Malware detection techniques for mobile devicesijmnct
 
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESMALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESijmnct
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device securityCAS
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-historyAnatoliy Tkachev
 
Security bytes - null mumbai
Security bytes - null mumbaiSecurity bytes - null mumbai
Security bytes - null mumbain|u - The Open Security Community
 
Security News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreSecurity News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreInMobi Technology
 

More Related Content

What's hot

Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingShivamSharma909
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtIGN MANTRA
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureIndonesia Honeynet Chapter
 
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Michael Thelander
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsSaad Ahmad
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_reportIsnur Rochmad
 
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-eventsIjiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-eventsIJIR JOURNALS IJIRUSA
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaAnjoum .
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hackingdiv2345
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012hemantchaskar
 
4 mobile security threats companies must look out for
4 mobile security threats companies must look out for4 mobile security threats companies must look out for
4 mobile security threats companies must look out forHouse of IT
 
Malware detection techniques for mobile devices
Malware detection techniques for mobile devicesMalware detection techniques for mobile devices
Malware detection techniques for mobile devicesijmnct
 
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESMALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESijmnct
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device securityCAS
 

What's hot (20)

Domain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter HackingDomain 4 of CEH V11: Network and Perimeter Hacking
Domain 4 of CEH V11: Network and Perimeter Hacking
 
Top 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOSTop 6-Security-Threats-on-iOS
Top 6-Security-Threats-on-iOS
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Mobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirtMobile security mobile malware countermeasure academic csirt
Mobile security mobile malware countermeasure academic csirt
 
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and CountermeasureI.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
I.G.N. Mantra - Mobile Security, Mobile Malware,and Countermeasure
 
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
Gartner IAM Summit 2017 | Critical Insight: How Device Insight Drives Dynami...
 
Techvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutionsTechvorm com-android-security-issues-solutions
Techvorm com-android-security-issues-solutions
 
Rajan Raj Pant
Rajan Raj PantRajan Raj Pant
Rajan Raj Pant
 
2012 nq mobile_security_report
2012 nq mobile_security_report2012 nq mobile_security_report
2012 nq mobile_security_report
 
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-eventsIjiret siri-hp-a-remote-phone-access-for-smartphone-events
Ijiret siri-hp-a-remote-phone-access-for-smartphone-events
 
Evolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wanderaEvolutionand impactofhiddenmobilethreats wandera
Evolutionand impactofhiddenmobilethreats wandera
 
Report of android hacking
Report of android hackingReport of android hacking
Report of android hacking
 
Antikeylogger
AntikeyloggerAntikeylogger
Antikeylogger
 
How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012How BYOD Will Shape Wireless Network Security in 2012
How BYOD Will Shape Wireless Network Security in 2012
 
Smartphone Smart Card 061013
Smartphone Smart Card 061013Smartphone Smart Card 061013
Smartphone Smart Card 061013
 
4 mobile security threats companies must look out for
4 mobile security threats companies must look out for4 mobile security threats companies must look out for
4 mobile security threats companies must look out for
 
Malware detection techniques for mobile devices
Malware detection techniques for mobile devicesMalware detection techniques for mobile devices
Malware detection techniques for mobile devices
 
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICESMALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
MALWARE DETECTION TECHNIQUES FOR MOBILE DEVICES
 
Smart phone and mobile device security
Smart phone and mobile device securitySmart phone and mobile device security
Smart phone and mobile device security
 
Rpt repeating-history
Rpt repeating-historyRpt repeating-history
Rpt repeating-history
 

Viewers also liked

Security News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreSecurity News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreInMobi Technology
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseLancope, Inc.
 

Viewers also liked (6)

Security bytes - null mumbai
Security bytes - null mumbaiSecurity bytes - null mumbai
Security bytes - null mumbai
 
Security News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet BangaloreSecurity News Bytes Null Dec Meet Bangalore
Security News Bytes Null Dec Meet Bangalore
 
The Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident ResponseThe Seven Deadly Sins of Incident Response
The Seven Deadly Sins of Incident Response
 
Attacking VPN's
Attacking VPN'sAttacking VPN's
Attacking VPN's
 
Identifying XSS Vulnerabilities
Identifying XSS VulnerabilitiesIdentifying XSS Vulnerabilities
Identifying XSS Vulnerabilities
 
Newbytes NullHyd
Newbytes NullHydNewbytes NullHyd
Newbytes NullHyd
 

Similar to Null pune 1st March-news bytes

Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Denis Gorchakov
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014EMC
 
8 threats that even antivirus cannot catch
8 threats that even antivirus cannot catch8 threats that even antivirus cannot catch
8 threats that even antivirus cannot catchiYogi
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2SHOLOVE INTERNATIONAL LLC
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?Tyler Shields
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec Technology and Consulting
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCMicrosoft Asia
 
I haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaperI haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaperHarsimran Walia
 
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxDISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxmahendrarm2112
 
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Black Duck by Synopsys
 
A Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareA Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareIRJET Journal
 
Mobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaMobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaGarvit Arya
 
Ce hv8 module 17 evading ids, firewalls, and honeypots
Ce hv8 module 17 evading ids, firewalls, and honeypotsCe hv8 module 17 evading ids, firewalls, and honeypots
Ce hv8 module 17 evading ids, firewalls, and honeypotsMehrdad Jingoism
 
beware of Thing Bot
beware of Thing Botbeware of Thing Bot
beware of Thing BotBellaj Badr
 

Similar to Null pune 1st March-news bytes (20)

Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
Countering mobile malware in CSP’s network. Android honeypot as anti-fraud so...
 
Trojan horseofbyod2
Trojan horseofbyod2Trojan horseofbyod2
Trojan horseofbyod2
 
Smartphone
SmartphoneSmartphone
Smartphone
 
RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014RSA Monthly Online Fraud Report -- February 2014
RSA Monthly Online Fraud Report -- February 2014
 
8 threats that even antivirus cannot catch
8 threats that even antivirus cannot catch8 threats that even antivirus cannot catch
8 threats that even antivirus cannot catch
 
HinDroid
HinDroidHinDroid
HinDroid
 
Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2Sholove cyren web security - technical datasheet2
Sholove cyren web security - technical datasheet2
 
Computer and network security
Computer and network securityComputer and network security
Computer and network security
 
IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?IQT 2010 - The App Does That!?
IQT 2010 - The App Does That!?
 
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updatesBriskinfosec - Threatsploit Report Augest 2021- Cyber security updates
Briskinfosec - Threatsploit Report Augest 2021- Cyber security updates
 
A Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDCA Joint Study by National University of Singapore and IDC
A Joint Study by National University of Singapore and IDC
 
I haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaperI haz you and pwn your maal whitepaper
I haz you and pwn your maal whitepaper
 
IBM Xforce Q4 2014
IBM Xforce Q4 2014IBM Xforce Q4 2014
IBM Xforce Q4 2014
 
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptxDISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
DISCOVERING PUBLIC Wi-Fi VULNERABILITIES USING RASBERRY PI AND.pptx
 
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
Open Source Insight: Hospital, Medical Devices, Banking, and Automotive Cyber...
 
A Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile MalwareA Study on Modern Methods for Detecting Mobile Malware
A Study on Modern Methods for Detecting Mobile Malware
 
News bytes Sept-2011
News bytes Sept-2011News bytes Sept-2011
News bytes Sept-2011
 
Mobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit AryaMobile Malwares Analysis - Garvit Arya
Mobile Malwares Analysis - Garvit Arya
 
Ce hv8 module 17 evading ids, firewalls, and honeypots
Ce hv8 module 17 evading ids, firewalls, and honeypotsCe hv8 module 17 evading ids, firewalls, and honeypots
Ce hv8 module 17 evading ids, firewalls, and honeypots
 
beware of Thing Bot
beware of Thing Botbeware of Thing Bot
beware of Thing Bot
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Introduction to TLS 1.3
Introduction to TLS 1.3Introduction to TLS 1.3
Introduction to TLS 1.3
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 

Recently uploaded

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxLBM Solutions
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 

Recently uploaded (20)

FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptxKey Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 

Null pune 1st March-news bytes

  • 2.  From April 8 2014, technical assistance for Windows XP will no longer be available, including automatic updates.  2.2 million ATMs worldwide, 95% of them still using Win XP.  A bit of a reprieve: ATMs using Windows XP Embedded, support lasts until early 2016. Support is ending soon!!
  • 3.  An Israeli security startup that uses smartphones & high-frequency sounds for identity verification.  A password replacement or Two- Factor authentication layer on top of traditional password.  The Idea : Visit SlickLogin enabled site, tap login button, hold your phone close to laptop & Your IN..!!!  How it works: Uses protocols to verify your phone’s position (Wi-Fi, NFC, GPS, Bluetooth) SlickLogin joins Google
  • 4.  Entry into the system was through a refrigeration, heating & cooling company in Pennsylvania.  Large retail operations have a team that routinely monitors energy consumption & temperatures in stores to save on costs.  To support this solution, vendors need to be able to remote into the system .  Target estimates say that the breach exposed approx 40 million debit and credit card accounts between Nov. 27 & Dec. 15, 2013. “Target” Hackers broke in through HVAC Vendor
  • 5.  Sentient Hyper-Optimized Data Access Network, is the "Google for hackers."  A search engine for servers, routers, load balancers, PCs & collects info on over 500 million devices every month.  Identifies by scanning the Internet for ports typically associated with HTTP, FTP, SSH and Telnet.  A new way to browse the Shodan in the form of an add-on: “Shodan Maps." Scariest Search Engine on the Internet Just Got Scarier…
  • 6.  Tinder connects to Facebook profiles & offers matches based on proximity  A vulnerability allowed the attacker to potentially pinpoint the exact location to within 100 feet.  Using GPS data collected by Smartphone, one could determine a user’s location (latitude, longitude) simply by entering a member's Tinder identification number. Tinder App Allowed Users to Precisely Locate Others
  • 7.  Brought key decision makers and thought leaders from the industry and government.  Well known for its speakers & talks where new vulnerabilities are responsibly disclosed along with their prevention mechanisms.  Highlights of Nullcon 2014 include: Nullcon BlackShield, Nullcon Ammo, Nullcon 2014 Exhibition, Nullcon Job Fair, Nullcon Training India's most popular security conference returns for the fifth year
  • 8.  Two security researchers developed a home-made gadget called 'CAN Hacking Tools (CHT)’  Capable to give away the entire control of your car to an attacker from windows & headlights to its steering & brakes.  Device uses the Controller Area Network (CAN) ports that are built into cars for computer-system checks.  Injecting a malicious code to CAN ports allows to send wireless commands remotely from a computer. Hacking a Car remotely with iPhone sized Device
  • 9.  Security researchers at the University of Liverpool, Britain have demonstrated a WiFi virus that can spread between computer networks.  Named as 'Chameleon', it self-propagates over WiFi networks from AP to AP but doesn’t affect working of AP.  POC: Replaces the firmware of the vulnerable (AP) with a virus-loaded version  Propagates to next victim in network  Research shows that this kind of attack is undetectable to any Antivirus and Wireless Intrusion Detection System (IDS).  However, this is created for demo purpose in research lab only. Chameleon virus that spreads across Wi-Fi APs
  • 10.  Hacker gained access to thousands of passports of law enforcement and military officials.  EC-Council says its servers have not been compromised.  Domain redirection was done at the DNS Registrar & traffic was re-routed from Authentic EC-Council Servers to a Host in Finland known for hosting other illegal websites. EC-Council Web Site Hacked, Defaced
  • 11. 3 Lakh Android devices infected by Premium SMS sending malware  Panda Labs has identified malicious Android apps that sign up users for Premium SMS services without their permission.  Four malicious apps found free in the app store : "Easy Hairdos", "Abs Diets", "Workout Routines" and "Cupcake Recipes”.  App gets phone number of the device, connects to a webpage and registers to premium service.  Average scammed user gets charged $20 by these apps & around 300,000 plus users downloaded them. Scammers have made $6 million from unsuspecting users.