Microsoft Office 365 Gets Built-in Ransomware Protection and Enhanced Security Features

Ransomware has been around for a few years, but it has become an albatross around everyone's neck, targeting big businesses, hospitals, financial institutions and individuals worldwide and extorting millions of dollars. Last year, we saw some major ransomware outbreaks, including WannaCry and NotPetya, which wreaked havoc across the world, hitting hundreds of thousands of computers …

Critical flaw leaves thousands of Cisco Switches vulnerable to remote hacking

Security researchers at Embedi have disclosed a critical vulnerability in Cisco IOS Software and Cisco IOS XE Software that could allow an unauthenticated, remote attacker to execute arbitrary code, take full control over the vulnerable network equipment and intercept traffic. The stack-based buffer overflow vulnerability (CVE-2018-0171) is due to improper validation of packet data in …

Apple Plans to Replace Intel Chips in Macs with its Custom Designed CPUs

In a major blow to Intel, Apple is reportedly planning to use its custom-designed ARM chips in Mac computers starting as early as 2020, ultimately replacing the Intel processors running on its desktop and laptop hardware.

The company makes its own A-series custom chips for iPhones, iPads and other iThings, while the Mac devices use Intel x64 silicon. Now, according to a report from Bloomberg, Apple plans to replace Intel's Mac chips with its own homegrown CPUs.

The report says Apple executives have a project, codenamed "Kalamata," that designs desktop-grade Arm-compatible processors, along with a macOS port, allowing the company to craft a uniform architecture across all of its product lines.

The report also says this changeover would be part of a "multi-step transition" to make iOS devices and Macs "work more similarly and seamlessly together," helping Apple's plan (project codename 'Marzipan') to bring iOS apps to Mac for software cross-compatibility.

The changeover likely comes in the wake of recent high-profile security issues around Intel chip architecture and chips from other manufacturers. It is similar to the approach Apple has taken in the past by switching to PowerPC architecture in 1991 and to Intel in 2006.

With the changeover, Apple would not have to share 5% of its annual revenue with Intel and pay for exclusive deals to offer high-end processors first to its customers, and competitors would not be able to copy innovations so easily. Switching to its own chips would also allow the company to control its own hardware roadmap better, and offer better performance to its users.

Bloomberg also notes that the revised Mac Pro laptops arriving next year will include an Apple-developed chip, and other Mac laptops will also receive Apple-developed chips this year.

Soon after the Bloomberg report was published, Intel's stock price took a hit and dropped by 9.2 percent, the biggest intraday drop in over two years. Shares are down 6.07 percent at $48.92 at the time of writing.

Rumors of Apple ditching Intel and switching to its own custom silicon have been circulating for a decade. Last September, a report also claimed Apple was looking to cut back on its reliance on Intel, but nothing of that sort happened. Neither Apple nor Intel has yet responded to the report.

New Android Malware Secretly Records Phone Calls and Steals Private Data

Security researchers at Cisco Talos have uncovered variants of a new Android Trojan that are being distributed in the wild disguised as a fake anti-virus application called "Naver Defender."

Dubbed KevDroid, the malware is a remote administration tool (RAT) designed to steal sensitive information from compromised Android devices and capable of recording phone calls.

On Monday, Talos researchers published technical details about two recent variants of KevDroid detected in the wild, following the initial discovery of the Trojan by South Korean cybersecurity firm ESTsecurity two weeks ago.

Though researchers haven't attributed the malware to any hacking or state-sponsored group, South Korean media have linked KevDroid with the North Korean state-sponsored cyber espionage hacking group "Group 123," primarily known for targeting South Korean targets.

The most recent variant of KevDroid malware, detected in March this year, has the following capabilities:

- record phone calls & audio
- steal web history and files
- gain root access
- steal call logs, SMS, emails
- collect the device's location every 10 seconds
- collect a list of installed applications

The malware uses an open source library, available on GitHub, to gain the ability to record incoming and outgoing calls from the compromised Android device.

Although both malware samples have the same capabilities of stealing information on the compromised device and recording the victim's phone calls, one of the variants also exploits a known Android flaw (CVE-2015-3636) to get root access on the compromised device.

All stolen data is then sent to an attacker-controlled command and control (C2) server, hosted on PubNub global Data Stream Network, using an HTTP POST request.

"If an adversary were successful in obtaining some of the information KevDroid is capable of collecting, it could result in a multitude of issues for the victim," resulting in "the leakage of data, which could lead to a number of things, such as the kidnapping of a loved one, blackmail by using images or information deemed secret, credential harvesting, multi-factor token access (SMS MFA), banking/financial implications and access to privileged information, perhaps via emails/texts," Talos says.

"Many users access their corporate email via mobile devices. This could result in cyber espionage being a potential outcome for KevDroid."

Researchers also discovered another RAT, designed to target Windows users, that shares the same C&C server and also uses the PubNub API to send commands to the compromised devices.

How to Keep Your Smartphone Secure

Android users are advised to regularly cross-check the apps installed on their devices to find and remove any malicious, unknown or unnecessary app that is in the list without their knowledge or consent.

Such Android malware can be used to target your devices as well, so if you own an Android device, you are strongly recommended to follow these simple steps to help avoid this happening to you:

- Never install applications from 3rd-party stores.
- Ensure that you have already opted for Google Play Protect.
- Enable the 'verify apps' feature from settings.
- Keep "unknown sources" disabled while not using it.
- Install anti-virus and security software from a well-known cybersecurity vendor.
- Regularly back up your phone.
- Always use an encryption application for protecting any sensitive information on your phone.
- Never open documents that you are not expecting, even if they look like they are from someone you know.
- Protect your devices with a PIN or password lock so that nobody can gain unauthorized access to your device when it remains unattended.
- Keep your device always up-to-date with the latest security patches.

Android Trojan Steals Data From Facebook Messenger, Skype, Other IM Clients

Security researchers have found a new Android malware strain that has been designed to steal data from mobile instant messaging clients. This new trojan is quite simple in its design, researchers from cyber-security firm Trustlook said in a report published on Monday.

Trojan has only a handful of features

The trojan has only a few …

Google Bans Cryptocurrency Mining Extensions From Chrome Web Store.

In an effort to prevent cryptojacking by extensions that maliciously mine digital currencies without users' awareness, Google has implemented a new Web Store policy that bans any Chrome extension submitted to the Web Store that mines cryptocurrency. Over the past few months, we have seen a sudden rise in malicious extensions that appear to offer …

The Biggest Vulnerability Ever Found on CPU.! – Meltdown & Spectre.

New vulnerabilities named Spectre and Meltdown, which exploit critical flaws in modern processors, have just been discovered by expert cyber security researchers. These hardware bugs allow programs to steal data being processed on the computer. You can view the documentation for both: Spectre Documentation and Meltdown Documentation.

The Meltdown Vulnerability

Meltdown breaks the most fundamental …

Acknowledged by WSO2

I got acknowledged by WSO2 for reporting a reflected XSS vulnerability. After a few days, the issue has been fixed and my name got published in the WSO2 Acknowledgments section. Link – The hard work paid off. Thanks, WSO2 security platforms team, for the appreciation certificates and all the appreciation tokens. I guess the only local …

Basics of Burp Suite for identifying vulnerabilities and verifying attack vectors for web-based applications Part-1

DISCLAIMER: This tutorial is for educational purposes only. Please don't use these kinds of attacks for unethical purposes.

Burp, or Burp Suite, is an integrated platform for performing security testing of web applications. Information security professionals use Burp to identify vulnerabilities and verify attack vectors for web-based applications. The framework is written in Java and developed by PortSwigger Security. …

Secure Apache with Let’s Encrypt Free SSL Certificate

If you are looking for an SSL certificate for your web server to ensure privacy in communication, Let's Encrypt is the best option you have. It is a totally free, automated, and open Certificate Authority that helps you acquire the free SSL/TLS certificates needed for secure web browsing and …