3. What are Web Application Vulnerabilities?
• Web application vulnerabilities involve a system flaw or weakness in
a web-based application.
• They have been around for years, largely due to not validating or
sanitizing form inputs, misconfigured web servers, and application
design flaws, and they can be exploited to compromise the
application’s security.
• These vulnerabilities are not the same as other common types of
vulnerabilities, such as network or asset vulnerabilities. They arise because web
applications need to interact with multiple users across
multiple networks, and that level of accessibility is easily taken
advantage of by hackers.
4. Web Application Security
• Web application security refers to the protection of the web
application that the users of a system interact with.
• The web application must be developed with security in mind,
as a vulnerability can be leveraged by attackers in
order to breach the system. Compromising any vulnerability can
also make a path for the attacker to attack the organization’s
network.
• To make sure that the application is protected from
vulnerabilities, there is a mechanism to perform manual and
automated checks.
5. Web Application Security
• There are several tools available that allow cybersecurity
analysts to run a scan and check whether the web application is
vulnerable to any attack.
• The OWASP Top 10 is the list of vulnerabilities that are
commonly found in any application and are very severe in
nature.
• Below are some of the common web application vulnerabilities
that are usually found in the application.
6. Web Application Vulnerabilities?
• SQL Injection: The SQL injection is the vulnerability that lets the attacker
inject SQL queries in the application in order to access the data from the
database without authorization.
• Cross-site scripting: This vulnerability allows an attacker to execute the
JavaScript at the client-side so that they can get the information stored in
the client-side and also to force the client to perform a particular activity.
• Broken authentication: This is the second vulnerability mentioned in the
list of OWASP top 10. Any application that allows the authentication
bypass is vulnerable to this attack.
• XML External Entity: Any application that parses the XML entity from the
external data is vulnerable to this attack. The hacker can gain access to
sensitive files stored in the server using this weakness of the application.
8. What does Database Security mean?
• Database security refers to the collective measures used to
protect and secure a database or database management
software from illegitimate use and malicious cyber threats and
attacks.
• Database security procedures are aimed at protecting not just
the data inside the database, but the database management
system and all the applications that access it from intrusion,
misuse of data, and damage.
• It is a broad term that includes a multitude of processes, tools
and methodologies that ensure security within a database
environment.
9. Database Security
• Database security covers and enforces security on all aspects and
components of databases. This includes:
• Data stored in database.
• Database server.
• Database management system (DBMS).
• Other database workflow applications.
• Database security is generally planned, implemented and
maintained by a database administrator and/or other information
security professional.
11. Some of the ways database security is
analyzed and implemented include:
• Restricting unauthorized access and use by implementing strong and
multifactor access and data management controls.
• Load/stress testing and capacity testing of a database to ensure it does
not crash in a distributed denial of service (DDoS) attack or user overload.
• Physical security of the database server and backup equipment from theft
and natural disasters. Regular data backups can be planned as part of a
database security protocol, and multiple copies can be stored off-site to
provide redundancy and emergency recovery.
• Reviewing the existing system for any known or unknown vulnerabilities
and defining and implementing a road map/plan to mitigate them.
• Data encryption can provide an additional layer of security to protect the
integrity and confidentiality of data.
12. Why is database security important?
• Safeguarding the data your company collects and manages is of utmost importance. Database security can
guard against a compromise of your database, which can lead to financial loss, reputation damage, consumer
confidence disintegration, brand erosion, and non-compliance with government and industry regulation.
• Database security safeguards defend against a myriad of security threats and can help protect your enterprise
from:
• Deployment failure
• Excessive privileges
• Privilege abuse
• Platform vulnerabilities
• Unmanaged sensitive data
• Backup data exposure
• Weak authentication
• Database injection attacks
13. Network Security
“Network security is the process of taking physical and
software preventative measures to protect the underlying
networking infrastructure from unauthorized access,
misuse, malfunction, modification, destruction, or
improper disclosure, thereby creating a secure platform
for computers, users and programs to perform their
permitted critical functions within a secure environment,”
according to the SANS Institute.
14. Network Security
Network security experts focus on internal protection by keeping
close surveillance on passwords, firewalls, internet access,
encryption, backups and more. Their main focus is to protect
internal information by monitoring employee behavior and
network access. In contrast, cybersecurity experts would likely
focus on external threats by looking for hackers trying to infiltrate
the network and by gaining intelligence on potential future
attacks. If you work in network security, you will likely be
implementing and monitoring software used to detect threats and
protect a company’s network.
15. Why is network security important?
• Network security is one of the most important aspects to consider
when working over the internet, LAN or other method, no matter how
small or big your business is. While there is no network that is immune
to attacks, a stable and efficient network security system is essential to
protecting client data. A good network security system helps businesses
reduce the risk of falling victim to data theft and sabotage.
• Network security helps protect your workstations from harmful
spyware. It also ensures that shared data is kept secure. Network
security infrastructure provides several levels of protection to
prevent MiM attacks by breaking down information into numerous
parts, encrypting these parts and transmitting them through
independent paths thus preventing cases like eavesdropping.
16. How does network security work?
• There are many layers to consider when addressing network
security across an organization. Attacks can happen at any
layer in the network security layers model, so your network
security hardware, software and policies must be designed to
address each area.
• Network security typically consists of three different controls:
physical, technical and administrative. Here is a brief
description of the different types of network security and how
each control works.
17. Controls of Network Security
Physical Network Security
• Physical security controls are designed to prevent unauthorized personnel from gaining
physical access to network components such as routers, cabling cupboards and so on.
Controlled access, such as locks, biometric authentication and other devices, is essential
in any organization.
Technical Network Security
• Technical security controls protect data that is stored on the network or which is in transit
across, into or out of the network. Protection is twofold; it needs to protect data and
systems from unauthorized personnel, and it also needs to protect against malicious
activities from employees.
Administrative Network Security
• Administrative security controls consist of security policies and processes that control
user behavior, including how users are authenticated, their level of access and also how
IT staff members implement changes to the infrastructure.
18. Types of network security
We have talked about the different types of network security controls. Now let's
take a look at some of the different ways you can secure your network.
Network Access Control
• To ensure that potential attackers cannot infiltrate your network, comprehensive
access control policies need to be in place for both users and devices. Network
access control (NAC) can be set at the most granular level. For example, you
could grant administrators full access to the network but deny access to specific
confidential folders or prevent their personal devices from joining the network.
Antivirus and Antimalware Software
• Antivirus and antimalware software protect an organization from a range of
malicious software, including viruses, ransomware, worms and trojans. The best
software not only scans files upon entry to the network but continuously scans
and tracks files.
19. Types of network security
Firewall Protection
• Firewalls, as their name suggests, act as a barrier between the untrusted external networks
and your trusted internal network. Administrators typically configure a set of defined rules that
blocks or permits traffic onto the network. For example, Forcepoint's Next Generation
Firewall (NGFW) offers seamless and centrally managed control of network traffic, whether it
is physical, virtual or in the cloud.
• IPS & IDS – These are the tools that are used to detect malicious activity and stop it from
being executed. IPS stands for intrusion prevention system and IDS stands for the intrusion
detection system.
Virtual Private Networks
• Virtual private networks (VPNs) create a connection to the network from another endpoint or
site. For example, users working from home would typically connect to the organization's
network over a VPN. Data between the two points is encrypted and the user would need to
authenticate to allow communication between their device and the network. Forcepoint's
Secure Enterprise SD-WAN allows organizations to quickly create VPNs using drag-and-
drop and to protect all locations with our Next Generation Firewall solution.
20. Privacy
• Privacy is when nobody is aware of what you are doing but
potentially they know your identity.
• Privacy relates to content. Refraining from the public eye and
maintaining confidentiality. If you send an encrypted email to a friend
so only the two of you can open it, this is private. It is not public.
• Privacy is different than security in that you are now trying to control
access to data. Privacy measures are those you put in place to limit
who can access information which is important to you. This includes
both information which you possess such as your files and
documents and information which third parties are trying to gather
about you.
21. Privacy Cont.…
1: Know what companies do with your data. Facebook you know how much
information they harvest and share with others. Google loves to track you
well (online and offline). You can see our online privacy Article for a few
measures to help against online tracking. Better yet, before you give your
data to a company, head over to tosdr.org (Terms of Service – Didn’t Read)
and see what they say about how that site uses your data.
2: Tune your computer and program settings. Windows 10 is a pretty good
operating system but has standard settings to share your information.
up your privacy settings and turn off all of the sharing settings you don’t
need. Many programs have usage monitoring agreements as well for
“improvement studies.” Watch for those check boxes while installing. And
remember, any time a program has to go online to retrieve information,
means it is sending out information as well. For example, Windows Media
Player, while capable of retrieving song/album info online, also calls back
Microsoft at the same time to update them on your music.
22. Privacy Cont.…
3: Cloud storage… not nearly as secure or private as you might hope.
There are actually encryption programs you can pair with your cloud
storage to keep everything private and only accessible to you. You
can even host your own cloud storage from your own network.
4: Use a VPN. While great for security, it also provides an amazing
boost to privacy. Did you know your ISP actually harvests and sells
your browsing history? With a good VPN running, they can only tell
you are using the internet but lose the capability to monitor what you
are doing.
5: Encryption. I listed this for cloud storage but it goes much further.
In fact, encryption is pretty well your #1 tool when it comes to
Want to keep your computer’s data private? Encrypt the hard drive.
Want to keep emails private (and ensure people know only you could
have sent them)? Encrypt the emails. Anything encrypted using a
secure password and algorithm pretty well ensures privacy.
23. Anonymity
• Having anonymity means your online actions do not trace back to you.
Anonymity can function with or without privacy. Consider a Facebook
profile (we’ll assume you are doing something to stop Facebook from
tracking your IP here). You can create an account using a fake name and
fake email address. This makes your posts from that account anonymous as
they no longer tie back to you. They are not private however; anyone on
Facebook can still read them. If you then set that account to private so that
only select people can find it and read posts, it is both anonymous and
private.
• Anonymity can be harder to achieve online being that so many different
services try to track your every action. And the truth of the matter is, you
can’t really be anonymous online if you aren’t somewhat anonymous
offline as well. These tracking systems are simply so advanced that they can
pair related behaviors online and offline in order to track people. But here are a
few things you might consider:
24. Anonymity Cont.…
1: Have I mentioned a VPN? Security, privacy, and anonymity. I put
this under privacy but realistically, it’s keeping you private by
anonymizing your traffic. That said, if you use a VPN and then sign
into Facebook or some other account, it’s still pretty easy to trace
actions during that internet session back to you…
2: Use virtual machines. There are virtual machines designed purely
for anonymity. They definitely aren’t for everyone but they are
relatively easy to install and work with. Also, actions taken within the
virtual machines aren’t really recorded by your actual computer. Have
an issue with the virtual machine or think it may have been
compromised? Not a big deal… a brand new one can be implemented
in minutes.
25. Anonymity Cont.…
3: Tor. I touched on this at the end. Tor is an internet browser based off of
Firefox. It is set up for security and connects you into the Tor network to
anonymize your traffic. What this network does is bounce your traffic
through multiple relay nodes before it gets to its destination. This prevents the
traffic from being tied back to you. It’s slower than traditional browsers because
your traffic is moved between nodes and not as full featured as normal
browsers but does serve to allow for an anonymous connection. You can
read more about how it works.
4: Fake accounts. In my short intro to anonymity I mentioned creating a
Facebook account using a fake name (note that this does violate their
policies and they may delete the account if they decide it is fake… but if
you are using it legitimately as you would a normal one, this is not likely to
happen). Having your online presence functioning under a pseudonym
provides you a layer of anonymity.
26. What is Pseudonymity?
• Say you choose to use an alias for social media or for a forum
online to hide your identity, an adversary may not know who you
are but can still attribute posts and activity to you.
• This is an alias, a cover, a false identity. This is often referred to
as 'pseudonymity'.
27. Internet Privacy: To Trust or Not to Trust?
To get a brief glimpse into how serious the threat to online privacy can
be, let’s explore a few examples. The following showcase the U.S. and
U.K. governments’ blatant disregard for internet privacy:
• Prism
• Prism is the name of a surveillance program under the NSA that compels tech
companies like Microsoft, Google, YouTube, Apple, etc. to grant access to
user data on their servers.
• Optic Nerve
• SIGINT Enabling Project
29. Internet Privacy: 10 Ways to Increase Your
Data Privacy and Anonymity Online
1. Clear Your Cache and Delete Temporary Internet Files
2. Use Incognito or Private Browsing Mode
3. Use Extensions That Protect Your Privacy Online
4. Use the Tor Network to Surf the Internet
5. Switch Search Engines
6. Use a Trusted Service for Instant Messaging
7. Review Your Choice of Operating System
8. Choose the Right VPN
9. Use Good Sense to Judge Whether an App Is Requesting Excess Permissions
10. Some Other Tools for Maintaining Internet Privacy and Anonymity Online
https://sectigostore.com/blog/internet-privacy-anonymity-in-the-age-of-internet-surveillance/
30. Software Security
Software Security – is not even found in Merriam Webster’s Dictionary
because it is not considered an officially recognized term. Software security
is engineered software that protects a program from malicious attack
or hacking. As a relatively new entity, the security deflects ramifications
against its software security such as:
• Bugs
• Buffer overflows
• Design flaws
• Malicious intruders
• Hackers
• Improper digital handling
31. What does Software Security mean?
• Software security is an idea implemented to protect software
against malicious attack and other hacker risks so that the
software continues to function correctly under such potential
risks. Security is necessary to provide integrity, authentication
and availability.
• Any compromise to integrity, authentication and availability
makes a software unsecure. Software systems can be attacked
to steal information, monitor content, introduce vulnerabilities
and damage the behavior of software. Malware can cause DoS
(denial of service) or crash the system itself.
32. Continue….
• Buffer overflow, stack overflow, command injection and SQL
injections are the most common attacks on the software.
• Buffer and stack overflow attacks overwrite the contents of the
heap or stack respectively by writing extra bytes.
• Command injection becomes possible when software code
relies heavily on system commands. New system
commands are appended to existing commands by the
malicious attack. Sometimes system commands may stop
services and cause DoS.
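The appended-command problem described above, shown next to its fix. This is an added example, not part of the original slides; `echo` stands in for a real system command, and the function names and sample input are constructed for illustration.

```python
import re
import subprocess

# One DNS label: letters, digits, inner hyphens, 1-63 characters.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
HOSTNAME_RE = re.compile(_LABEL + r"(?:\." + _LABEL + r")*")


def lookup_vulnerable(host: str) -> str:
    """BAD: builds one command string and hands it to the shell."""
    # The shell treats ';', '&&', '|', '`' and '$( )' inside `host` as syntax,
    # so any text after them runs as a new, appended command.
    done = subprocess.run("echo resolving " + host, shell=True,
                          capture_output=True, text=True)
    return done.stdout


def lookup_no_shell(host: str) -> str:
    """Better: argument vector and no shell, so `host` is one argv entry."""
    done = subprocess.run(["echo", "resolving", host],
                          capture_output=True, text=True, check=True)
    return done.stdout


def lookup_hardened(host: str) -> str:
    """Best: allowlist-validate the value, then call without a shell."""
    # The allowlist also rejects values that start with '-', which some
    # programs would interpret as a command-line option.
    if len(host) > 253 or not HOSTNAME_RE.fullmatch(host):
        raise ValueError("rejected host value: %r" % host)
    return lookup_no_shell(host)


def demo() -> dict:
    hostile = "example.test; echo INJECTED"  # constructed sample input
    try:
        lookup_hardened(hostile)
        rejected = False
    except ValueError:
        rejected = True
    return {
        "vulnerable": lookup_vulnerable(hostile),  # two commands ran
        "no_shell": lookup_no_shell(hostile),      # input stayed data
        "hardened_rejected": rejected,
        "hardened_ok": lookup_hardened("example.test"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, repr(value))
```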
33. Continue….
• SQL injections use malicious SQL code to retrieve or modify
important information from database servers. SQL injections
can be used to bypass login credentials. Sometimes SQL
injections fetch important information from a database or delete
all important data from a database.
• The only way to avoid such attacks is to practice good
programming techniques. System-level security can be
provided using better firewalls. Using intrusion detection and
prevention can also aid in stopping attackers from easy access
to the system.
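The login bypass and data retrieval described above, next to the "good programming technique" that prevents them: parameterized queries. This is an added example, not part of the original slides; the table, function names, fixed salt and sample inputs are constructed for illustration, using an in-memory SQLite database.

```python
import hashlib
import sqlite3

# Constructed for the demo; a real system uses a random per-user salt.
DEMO_SALT = b"constructed-demo-salt"

# Constructed sample inputs an attacker might type into a username field.
BYPASS = "alice' --"      # closes the string, comments out the password test
DUMP = "x' OR '1'='1"     # turns the WHERE clause into an always-true test


def digest(password: str) -> str:
    return hashlib.pbkdf2_hmac("sha256", password.encode(),
                               DEMO_SALT, 10_000).hex()


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, "
                 "pw_digest TEXT NOT NULL, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)", [
        ("alice", digest("correct horse"), "alice@example.test"),
        ("bob", digest("battery staple"), "bob@example.test"),
    ])
    conn.commit()
    return conn


def login_vulnerable(conn, username: str, password: str) -> bool:
    # BAD: input is concatenated into the SQL text, so a quote in the input
    # ends the string literal and the rest is parsed as SQL.
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND pw_digest = '" + digest(password) + "'")
    return conn.execute(sql).fetchone()[0] > 0


def login_parameterized(conn, username: str, password: str) -> bool:
    # GOOD: the SQL text is fixed; values are bound separately and are never
    # parsed as SQL, whatever characters they contain.
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND pw_digest = ?"
    return conn.execute(sql, (username, digest(password))).fetchone()[0] > 0


def find_email_vulnerable(conn, username: str) -> list:
    sql = "SELECT email FROM users WHERE username = '" + username + "'"
    return sorted(row[0] for row in conn.execute(sql))


def find_email_parameterized(conn, username: str) -> list:
    sql = "SELECT email FROM users WHERE username = ?"
    return sorted(row[0] for row in conn.execute(sql, (username,)))


def demo() -> dict:
    conn = build_db()
    return {
        "bypass_vulnerable": login_vulnerable(conn, BYPASS, "wrong"),
        "bypass_parameterized": login_parameterized(conn, BYPASS, "wrong"),
        "dump_vulnerable": find_email_vulnerable(conn, DUMP),
        "dump_parameterized": find_email_parameterized(conn, DUMP),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```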
34. Software Security Cont.…
• The types of software security that you will see commonly are:
• Antivirus software
• Firewall security
• Antispyware software
• Spyware removal software
• Encryption software
• Virus protection software
35. What is mobile device security?
• Mobile Device Security refers to the measures designed to protect
sensitive information stored on and transmitted by laptops,
smartphones, tablets, wearables, and other portable devices. At the
root of mobile device security is the goal of keeping unauthorized
users from accessing the enterprise network. It is one aspect of a
complete enterprise security plan.
• Mobile application security involves examining the structure of
mobile applications and studying how they work, as well as looking
at major threat areas and what hackers or other attackers want to
accomplish. Security experts develop assessments based on issues
like theft of financial data or personal identifiers, or unauthorized
access to devices.
36. Cont.…
• Areas covered by mobile application security include threat
modeling, source code review and risk analysis. Developers may
look at areas like a database, cache or configuration files, or at the
underlying platform to understand how to better protect mobile
applications and devices from vulnerabilities.
• In a sense, mobile application security is a kind of "next-generation"
process based on security solutions intended for the personal
computer. Like personal computers, mobile devices run on operating
systems that have their own vulnerabilities and security issues. As
mobile devices become ubiquitous, security experts are scrambling
to catch up by developing mobile application security processes and
solutions for the future.
37. Why is mobile device security important?
With more than half of business PCs now mobile, portable
devices present distinct challenges to network security, which
must account for all of the locations and uses that employees
require of the company network. Potential threats to devices
include malicious mobile apps, phishing scams, data leakage,
spyware, and unsecure Wi-Fi networks. On top of that,
enterprises have to account for the possibility of an employee
losing a mobile device or the device being stolen. To avoid a
security breach, companies should take clear, preventative steps
to reduce the risk.
38. What are the benefits of mobile device
security?
Mobile device security, or mobile device management, provides the
following:
• Regulatory compliance
• Security policy enforcement
• Support of “bring your own device” (BYOD)
• Remote control of device updates
• Application control
• Automated device registration
• Data backup
Above all, mobile device security protects an enterprise from unknown or
malicious outsiders being able to access sensitive company data.
39. What is Mobile App Security?
• Mobile app security is a measure to secure applications from
external threats like malware and other digital frauds that risk
critical personal and financial information from hackers.
• Mobile app security has become equally important in today’s
world. A breach in mobile security can not only give hackers
access to the user’s personal life in real-time but also disclose
data like their current location, banking information, personal
information, and much more.
40. What is Application Security and Why is It
Important?
• Application Security is the process of testing and examining an application
to ensure that mobile apps, web applications, or APIs are secure from
potential attacks. Organizations often lack the expertise and bandwidth to
monitor their applications adequately and adapt their security protocol to
mitigate emerging threats. Also, changing compliance laws require
enterprises to follow strict mandates to protect people from inept security
(similar to GDPR compliance dictates).
• Application security increases operational efficiency, addresses
compliance requirements, reduces risk, and improves trust between a
business and users. Public security breaches and compliance violations
severely tarnish the reputation of an enterprise and make potential users
wary of trusting the business' services. Implementing effective application
security is a worthwhile investment.
41. Impact of Weak Mobile App Security
• Consumers often depend on and trust organizations to test
their applications for security measures before making them
available to them. However, studies conducted by IBM revealed
shocking facts.
43. Customer Information
• The above numbers provide enough motivation for hackers to exploit security
loopholes in mobile applications and hackers try to leverage any or all of the
following things from unsecured codes:
• Hackers gain login credentials of any website or device; for example, email,
banking, social networking websites, etc. Anubis banking Trojan is a notorious
example in this category, which enters the user’s device by downloading
compromised apps, some of which are even hosted on the official app stores of
Android. Once a device is infected, the Trojan forces it to send and receive SMS,
read contact lists, request permission to access device location, allow push
notifications, and determine the IP address of the mobile connection along with
access to personal files on the mobile device.
• In May 2019, WhatsApp acknowledged that its app was vulnerable to spyware
from an Israeli firm NSO group that could infect a mobile device simply by calling
a user on WhatsApp from an unknown number.
45. Customer Information
• The user’s device could be compromised even if the user did
not accept the call. Once infected, the spyware could send
almost all data, including contact lists, GPS information, media
files, etc., from the device to the hacker’s server.
46. Financial Information
• Hackers can gain credit and debit card numbers to make bank
transactions, particularly in cases where a one-time password is
not required. Researchers from Kaspersky discovered a new
version of the banking Trojan called Ginp, which could steal
user credentials and credit card information from a user’s
device. Its ability to take control of the SMS feature of the
device allows it to manipulate banking functions. Its code was
found to be manipulating 24 apps of Spanish banks.
48. IP Theft
• Hackers gain the code base of the app to illegally create their
clones or simply steal the intellectual property of the company
that owns the app. The more successful an app is, the more
clones it is likely to attract on app stores. For
example, Fortnite and PUBG Mobile became popular and were
not available on Google Play store, but many clones soon
became available because of their high popularity, so much so
that at one point Google had to warn its users that the official
Fortnite was not available at Google Play.
50. Revenue Loss
• It is possible to access premium features of apps, especially in
utility and gaming apps, which are a source of revenue for the
owner of the app. In 2016, the mobile security company
Bluebox revealed how hackers were able to access the
premium features of popular apps Hulu and Tinder by exploiting
security holes in them and causing losses to their owners. At
that time, Hulu’s monthly subscriptions were selling at $7.99 a
month for its OTT streaming service.
51. Brand Confidence
• Apart from losing crucial user data, the loss can come in the
form of both misuses of user information as well as lawsuits
from affected parties. While the positive of undertaking security
drills is that customers stay loyal and trust the brand, the
negative is the loss of customers’ confidence forever.
Companies should realize that at the center of their business
lies the confidence of their customers in their brand. Thus, the
rationale for app development should rightfully consider this
aspect of the business.
52. Loopholes in Mobile App Security
• Mobile apps are not designed to serve as anti-viruses or to transmit
data securely over the internet. Rather they focus on a smooth
interface and provide the best functionality to users. Similarly
installing an antivirus app may secure the network and prevent
attacks on a device, but it cannot provide protection against weak
passwords or a poorly designed app.
• Most of the common security lapses are documented by industry
experts under the aegis of The Open Web Application Security
Project (OWASP) for reference for developers. Its popular list
OWASP Mobile Top 10 comprehensively builds on the pooled
knowledge of industry experts about the present and developing
attack vectors on mobile devices.
54. Android App Security Risks
Reverse Engineering
• Android apps are developed in Java with an integrated
development environment (IDE) like Eclipse. These Java apps
can be reversed with various tools available on the internet.
With Android, the bytecode can be altered and packed again in
the form of APK files. Reversing Android apps can easily
provide test login credentials, insights into bad design, details
about the libraries and classes used. It can also provide details
about the type of encryption used in the app. This can help the
attacker in hacking not only one device but multiple devices
using the same decryption method.
55. Insecure Platform Usage
• Android OS and apps become vulnerable to the OWASP Mobile Top
10 risks when app developers ignore the best practices published by
Google to communicate with its mobile OS, particularly through
unsecured Android intents and platform permissions. For example,
when the developer does not secure exported services or issues a
wrong flag to an API call, their app stands exposed to hackers.
Hackers tend to snoop on Android devices to receive
BroadcastReceiver instances which are meant for legitimate apps.
Developers tend to ignore the use of LocalBroadcastManager to
send and receive messages for legitimate apps, thus creating a
security lacuna.
56. Insecure Platform Usage
Ignoring Updates
• Many Android developers do not update their apps regularly or pay heed
to the OS patches issued by Android, which results in a lack of protection
against newly found vulnerabilities. Updates cover the latest security
patches and ignoring the same can expose applications to the latest
security risks.
Rooted Devices
• The Android OS lets users root their devices using third-party apps with
some warning issued to them. However, not every user understands that
their rooted device exposes it to manipulation from hackers and malware.
For developers, it, thus, becomes essential either not to allow their app to
run in a rooted environment or issue regular warnings to users.
57. iOS App Security Risks
Unlike Android, Apple’s iOS operating system strictly enforces security
features and is a closed operating system. Apps cannot communicate with
other apps or directly access the directories or data of other apps. iOS apps
are developed in the native Objective-C language with tools like Xcode. It is
based on the same ARM version of XNU kernel as that of OSX, which is
used in Apple’s laptops and Mac computers.
Jailbreak
• Jailbreaking is a popular term used in the context of Apple devices. It
involves finding an exploit in the kernel that allows users to run unsigned
code on mobile devices. A tethered jailbreak means that every
time a user reboots their phone, it should be connected to a laptop or run a
jailbroken code, while an untethered jailbreak means that the code will
remain on the phone even after a reboot.
58. iOS App Security Risks
User Authentication
• iOS offers device-level security through Face ID and Touch ID and claims that they are secure
because they use a processor separate from the rest of the OS. It is called the Secure Enclave,
which runs on a dedicated microkernel. However, hackers have shown that Touch ID can be
compromised, most notably with a device called GrayKey, which makes brute-forcing the passcode
easy by doing away with the need to wait between attempts at guessing. When app
developers use Touch ID systems to protect data or services within their apps, they are also
exposed to this type of vulnerability.
Insecure Data Storage
• Most apps store data in SQL databases, cookies, binary data stores, or even as common text.
These storage locations can be accessed by hackers when the operating system, framework, or
compiler is vulnerable. Also, jailbreaking devices lead to data exposure. When hackers gain access
to the database, they modify the app and collect the information on their machines. Jailbroken
devices expose even the most sophisticated encryption algorithms.
Security experts have also found that insecure data storage is one of the most common vulnerabilities
in iOS devices, which hackers exploit to steal passwords, financial information, and personal data of
users.
59. Common Application Risks
Lack of encryption
• Encryption is a method of transporting data in ciphered code
which cannot be viewed without matching it with a secret key.
According to data by Symantec, nearly 13.4 percent of
consumer devices and 10.5 percent of enterprise devices do
not have encryption enabled, which can easily expose sensitive
data as plain text. Using a high-level of data encryption ensures
that the app cannot be easily cracked.
61. Malicious code injection
• User forms can be easily used to inject malicious code
and access the server data. For example, certain apps
do not restrict the characters a user can input in a field.
This allows hackers to inject a line of JavaScript into the
login form and gain access to private information.
63. Binary planting
• It is a general term where an attacker puts a binary file containing
malicious code on a local file system in the mobile device and then
executes it to gain control over the device. This can be done with the
help of a malicious SMS or forcing the user to click on malicious
links. This way, hackers can put malicious code even in legitimate
folders or within installer files and execute it at will, thus
compromising the device security. Binary planting can lead to
reverse engineering as well, where attackers try to deconstruct the
code of an app and gain access to the core code. Once the code is
revealed, hackers can manipulate it to find the vulnerabilities and
exploit it for further malicious action.
65. Mobile botnets
• They are a type of bot that runs on IRC networks
created with the help of Trojans. When an infected
device connects to the internet, it starts to work as a
client and sends information to a server. Mobile botnets
aim to gain complete control over the device and can be
used to send emails and text messages, make phone
calls, and access personal data, like photos and contact
lists.
Database hardening is a process in which you remove the vulnerabilities that result from lax configuration options. ... Three main stages exist in hardening a database: Locking down access to resources that can be misused. Disabling functions that are not required.
Auditing is the monitoring and recording of selected user database actions. ... For example, if some user is deleting data from tables, then the security administrator might decide to audit all connections to the database and all successful and unsuccessful deletions of rows from all tables in the database