Recommended
More Related Content
Similar to Security News Bytes June 2014
Similar to Security News Bytes June 2014 (20)
Recently uploaded
Recently uploaded (9)
Security News Bytes June 2014
- 1. SECURITY NEWS BYTES Nishanth Kumar n|u Bangalore chapter Lead N |U M O N T H LY M E E T 14 Jun 2014
- 2. !!!! DISCLAIMER !!!! • The information contained in this presentation does not break any intellectual property, nor does it provide detailed information that may be in conflict with any laws (hopefully...) :) • Registered brands belong to their legitimate owners. • The opinion here represented are my personal ones and do not necessary reflect my employers views. 14 Jun 2014
- 3. HEADLINES • GameOver Zeus & CryptoLocker malware • Iraq Blocks Social Media Amid Militant Drive • “Absolute Software” Names New Chief Executive Officer • Cybercriminals Ramp Up Activity Ahead of 2014 World Cup • Former Microsoft Worker Sent to Prison for Theft of Trade Secrets 14 Jun 2014
- 4. CONTINUED … • P.F. Chang's ( Restaurant chain ) confirms theft of customer card data. December 2013 , 100 million customers data is hacked as per the news . • LulzSec hacker helps FBI stop over 300 cyber attacks • Austrian computer student: I accidentally hacked Twitter with a heart symbol • Chinese government hackers are coming for your cloud. 14 Jun 2014
- 5. CONTINUED • Schools Kids hacked BMO ATM using Operators manual found online just a random guess of the password • New Svpeng Trojan Targets US Mobile Users • Spotify latest to be hit by hack on users 14 Jun 2014
- 6. ?...? • Netflix passwords leaked again? • Most common passwords registered • w4gw4g • Poosty72 • Moshimoshi • 500 usernames ‘n’ passwords leaked 14 Jun 2014
- 7. EXPLOIT DB – STATS ( JUNE 2014 ) • Remote exploit - 6 • Local exploit – 2 • Web application – 7 • DOS - 2 • Papers - 6 14 Jun 2014
- 8. INTERESTING TRICK • Loophole in PayPal Terms Allows Anyone to Double their PayPal Money Endlessly three separate PayPal account • one real • Virtual Credit Card (VCC) • Virtual Bank Account (VBA) Link : http://thehackernews.com/2014/06/loophole-in- paypal-terms-allows-anyone.html 14 Jun 2014
- 9. 14 Jun 2014
- 10. NEWS FROM GIANTS 14 Jun 2014
- 11. MICROSOFT • Microsoft helps FBI in GameOver Zeus botnet cleanup • Microsoft Running Out Of IPv4 Address Space In The US To Use For Azure VMs 14 Jun 2014
- 12. SYMANTEC • TrueCrypt Migration to Symantec Encryption Desktop 14 Jun 2014
- 13. T O O L S W A T C H . O R G R E A D E R S 2013 TOP SECURITY TOOLS 14 Jun 2014
- 14. OWASP ZAP – ZED ATTACK PROXY PROJECT • tool for finding vulnerabilities in web applications. • ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Link : https://www.owasp.org/index.php/OWASP_Zed_Atta ck_Proxy_Project 14 Jun 2014
- 15. BEEF – THE BROWSER EXPLOITATION FRAMEWORK PROJECT • Penetration testing tool that focuses on the web browser. Link : http://beefproject.com/ 14 Jun 2014
- 16. BURP SUITE • Performing security testing of web applications and Proxy Server Link : http://portswigger.net/burp/ 14 Jun 2014
- 17. PE STUDIO • Free tool performing the static investigation of any Windows executable binary. Note : A file being analysed with PeStudio is never launched Link : www.winitor.com 14 Jun 2014
- 18. OWASP XENOTIX • Advanced Cross Site Scripting (XSS) vulnerability detection and exploitation framework • It provides Zero False Positive scan results with its unique Triple Browser Engine (Trident, WebKit, and Gecko) embedded scanner. Link : http://opensecurity.in/owasp-xenotix-xss-exploit- framework-v4-5-relesed/ 14 Jun 2014
- 19. LYNIS THE HARDENING UNIX TOOL • Tool to audit and harden Unix and Linux based systems. Link : http://cisofy.com/lynis/ 14 Jun 2014
- 20. 14 Jun 2014
- 21. THANK YOU 14 Jun 2014