The trending topics all over the world center around digital currencies and Bitcoin is one of the most popular ones. Back in 2017 December, the worth of Bitcoin practically crossed about $19,000 and almost touched $20,000. Continue reading “Bitcoin Miner Virus: How To Detect And Delete It”
Category: Security
TLS vs SSL: What’s the Difference ?
Online security is vital these days if we want to avoid becoming victims of unscrupulous malware, spyware, and phishing attacks. With internet criminals becoming more and more crafty, sophisticated and highly organized, the only way to ensure adequate protection is to make sure that your online activities are protected by the latest security protocols. Continue reading “TLS vs SSL: What’s the Difference ?”
You’re More Likely To Fall Victim to a Cyberattack Than a Home Invasion
By the time most people start to notice that their data has been compromised, it’s too late. Modern hackers continue to develop savvier ways to steal your data, and most people have no clue how to defend themselves.
Yet you can learn how to prevent a cyber attack by studying the patterns from past scenarios. So, what are the trends hackers tend to follow?
Continue reading “You’re More Likely To Fall Victim to a Cyberattack Than a Home Invasion”
The Top Security Breaches in History
Thanks to technology, most businesses these days are now able to process and manage data more
efficiently and effectively. However, as the internet and digital platforms become more of a necessity to process critical business information, the risk of being targeted for data breach also increases. Continue reading “The Top Security Breaches in History”
KRACK – Key Reinstallation Attacks on WPA2 Protocol
Introduction
KRACK is a security flaw with WPA2 security and it allows to compromise wireless WPA security by forcing nonce reuse .
This is not an issue related to passwords but the protocol used by WPA and impacts pretty much all devices which uses wi-fi connection like phone, computers, wi-fi routers are impacted. Continue reading “KRACK – Key Reinstallation Attacks on WPA2 Protocol”
Linux PIE/stack corruption (CVE-2017-1000253) Bug and Security Vulnerability
About CVE-2017-1000253 Bug:
This issue is related to the Linux kernel loaded Executable and Linkable Format (ELF) executables. If an ELF application was built as Position Independent Executable (PIE), the loader can allow part of that application’s data segment to map over the memory area reserved for its stack.
It can cause memory corruption and may allow an unprivileged local user to gain privileged access using Set owner User ID (SUID) or privileged flawed PIE binary. Continue reading “Linux PIE/stack corruption (CVE-2017-1000253) Bug and Security Vulnerability”
SHA-1 Collision – Insecurity of SHA-1 exposed by Google
SHA-1 is widely used in applications like SSL, SSH, TLS, IPsec PGP, S/MIME to protect the sensitive information.
Google has demonstrated that SHA-1 Collision is possible and two files can have the same SHA-1 hash. This means that system can be manipulated by presenting it with manipulated data with same hash as good data.
Continue reading “SHA-1 Collision – Insecurity of SHA-1 exposed by Google”
MongoDB Ransom Attacks Hit 27000 Systems
MongoDB Ransom Attacks has hit 27,000 Systems in few hours from 12000 impacted servers .
Most of the mongoDB installations are exposed to exploites due to poor default access controls for super users .
Hackers are accessing MongoDB databaases and then copy and delete data from database running in default, unsecure configuration. In return of data administrators are being asked to pay ransom money by bitcoins. Continue reading “MongoDB Ransom Attacks Hit 27000 Systems”
HeartBleed bug : Frequently Asked questions
What Exactly is HeartBleed bug ?
This bug allows hackers to reads sensitive data from the memory of victim host in 64 k chunks. The memory can have user names , passwords , decrypted information or certificates & keys or other confidential information. Continue reading “HeartBleed bug : Frequently Asked questions”
Securing Solaris
Protect your system from internal & external security vulnerabilities
Introduction
Solaris security broadly falls under two groups – one is where the system is accessible using local area network/vlan and it has to be secured against unauthorized access. Second is system is accessible over the Internet to a number of persons and it has to be protected against unauthorized access using network or security loopholes.
This document details some of the focus areas for security and provides suggestions to make it strong. Continue reading “Securing Solaris”