Monthly Security Bulletin. Indian Computer Emergency Response Team. Department of Electronics and Information Technology
Indian Computer Emergency Response Team, Department of Electronics and Information Technology, Ministry of Communications and Information Technology, Government of India
Monthly Security Bulletin, March 2015

TABLE OF CONTENTS
Comparison at a Glance
Cyber Intrusion Trends
Indian Website Defacements
Prevalent Global Attack Trends
Trainings Conducted by CERT-In
Security Alerts
Malicious Code Threats
Security News
Comparison at a Glance

Figure 1: Trend Analysis Feb 2015 - March 2015 (bar chart of incident shares by category, Feb-15 against Mar-15)

March 2015 witnessed a decreased level of incidents related to spamming and of incidents in the "others" category. On the other hand, incidents related to phishing, malicious code, network scanning, open proxy servers, websites infected with malicious content and website defacement witnessed an upward trend as compared to the previous month.
Cyber Intrusion Trends

A total of 5810 security incidents, including phishing, virus/malicious code, network scanning/probing, spam, spread of malware through website compromise, and technical help under the "others" category, were reported to CERT-In from various national and international agencies in March 2015. In addition, a total of 1939 Indian websites were defaced in March 2015. A consolidated picture of the security incidents reported in March 2015 and of the website defacements tracked by CERT-In during that period is shown in the pie chart below (Figure 2). The chart indicates that 61.7% and 34.7% of reported incidents belonged to the spam and website defacement categories respectively. Alongside these, 1.2%, 0.5% and 0.4% of incidents were related to spread of malware through website intrusion, phishing, and technical help under the "others" category respectively. The malicious code and network scanning categories comprised only 0.2% and 1.4% of the total incidents respectively in March 2015. In this month CERT-In also tracked bot-infected computers existing in India; the concerned ISPs were intimated to disinfect the bot-infected systems in order to mitigate botnets.

Figure 2: Cyber Intrusion during March 2015 (pie chart; categories: Phishing, Malicious Code, Defacement, WIMP, Spam, Network Scanning, Others)
Spam incidents were reported to CERT-In in March 2015. Spam involves nearly identical messages sent to numerous recipients by e-mail that may include malware in the form of scripts, executable file attachments or hyperlinks. Clicking on the links in spam may send users to phishing websites or to sites that are hosting malware.

Figure 3: Statistics of Spam tracked during Oct-14 to Mar-15

CERT-In tracked 157 open proxy servers functioning in India during March 2015. Any proxy server that does not restrict its client base to its own set of clients and allows any other client to connect to it is known as an open proxy server. An open proxy server will accept client connections from any IP address and make connections to any Internet resource. All the concerned ISPs were alerted immediately to shut down the open proxy servers.

Figure 4: Statistics of Open Proxy Servers tracked during Oct-14 to Mar-15
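The defining property of an open proxy stated above, that it relays for any source address, is something a proxy operator can both enforce and audit. The Python below is an added illustration and is not part of the bulletin: `client_allowed` is the access decision a restricted proxy should make before relaying anything, and `relayed_for_outsiders` runs the same decision over a few constructed access-log lines (written in Squid's native log format, with constructed addresses) to surface the evidence that a proxy is open, namely successful relays for clients outside the permitted ranges. The allowed networks are assumptions for the example.

```python
import ipaddress

# Address ranges entitled to use the proxy (constructed example ranges;
# an operator would substitute the organisation's own client networks).
ALLOWED_NETS = [
    ipaddress.ip_network("192.168.0.0/16"),
    ipaddress.ip_network("10.0.0.0/8"),
]


def client_allowed(client_ip: str, allowed=ALLOWED_NETS) -> bool:
    """Access decision a restricted proxy makes before relaying a request.

    An open proxy is, in effect, one whose decision returns True for every
    source address.
    """
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in allowed)


# Constructed access-log lines in Squid's native format:
#   timestamp elapsed client-ip result/status bytes method url user hierarchy type
# One internal client, one external client that was relayed (the problem),
# and one external client that was correctly refused.
SAMPLE_LOG = """\
1425196800.123   95 192.168.1.20 TCP_MISS/200 5123 GET http://example.org/ - HIER_DIRECT/93.184.216.34 text/html
1425196801.456  120 203.0.113.45 TCP_MISS/200 8090 GET http://example.net/ - HIER_DIRECT/93.184.216.34 text/html
1425196802.789   10 198.51.100.7 TCP_DENIED/403 3500 CONNECT example.com:443 - HIER_NONE/- text/html
"""


def relayed_for_outsiders(log_text: str, allowed=ALLOWED_NETS) -> list:
    """Return the client addresses outside the allowed ranges that received a
    relayed (non-denied) response. A non-empty result means the proxy is
    serving the public, i.e. it is an open proxy."""
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        client, result = fields[2], fields[3]
        if not client_allowed(client, allowed) and not result.startswith("TCP_DENIED"):
            hits.append(client)
    return hits


if __name__ == "__main__":
    print("outsiders relayed:", relayed_for_outsiders(SAMPLE_LOG))
```

Run against the constructed sample, the audit reports only 203.0.113.45: the internal client is entitled to the service and the second outsider was denied, so neither indicates an open proxy.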
CERT-In is tracking malicious websites/URLs on a regular basis. In this month CERT-In tracked 70 websites infected with malicious content. A user visiting these websites/URLs is redirected to malicious sites which download malicious code such as viruses, worms, trojans, keyloggers and rootkits on to the user's computer. The website owners are informed to remove the infection from these websites and are advised to strengthen the security of their websites.

Figure 5: Statistics of WIMP tracked during Oct-14 to Mar-15
Indian Website Defacements

A total number of 2014 Indian websites were defaced during March 2015.

Figure 6: Statistics of Defacements tracked during Oct-14 to Mar-15

The following figure highlights the domain-wise statistics of defaced websites during March 2015. A total of 459 '.com', 1346 '.in', 132 '.org', 18 '.net' and 59 websites belonging to other domains were defaced in this month.

Figure 7: Statistics of Defacements tracked during March-15 (by domain: .com, .org, .net, .in, others)
The following vulnerabilities discovered during March 2015, and some previously known vulnerabilities, might have been exploited for website defacements and intrusions:

Vendor/Product | Vulnerability Information | References
WordPress (WPML plugin) | The WPML plugin before for WordPress does not properly handle multiple actions in a request, which allows remote attackers to bypass nonce checks and perform arbitrary actions via a request containing an action POST parameter, an action GET parameter, and a valid nonce for the action GET parameter. | CVE
WordPress (WPML plugin) | The "menu sync" function in the WPML plugin before for WordPress allows remote attackers to delete arbitrary posts, pages, and menus via a crafted request to sitepress-multilingual-cms/menu/menus-sync.php. | CVE
NetBSD / rxspencer | Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. | CVE
WordPress (WPML plugin) | SQL injection vulnerability in the WPML plugin before for WordPress allows remote attackers to execute arbitrary SQL commands via the lang parameter in the HTTP Referer header in a wp-link-ajax action to comments/feed. | CVE
WordPress (WordPress SEO by Yoast plugin) | Multiple cross-site request forgery (CSRF) vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before for WordPress allow remote attackers to hijack the authentication of certain users for requests that conduct SQL injection attacks. | CVE
WordPress (WordPress SEO by Yoast plugin) | Multiple SQL injection vulnerabilities in admin/class-bulk-editor-list-table.php in the WordPress SEO by Yoast plugin before 1.5.7, 1.6.x before 1.6.4, and 1.7.x before for WordPress allow remote authenticated users to execute arbitrary SQL commands. | CVE
WordPress (Contact Form DB plugin) | Cross-site request forgery (CSRF) vulnerability in the Contact Form DB (aka CFDB and contact-form-7-to-database-extension) plugin before for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete all plugin records via a request in the CF7DBPluginSubmissions page to wp-admin/admin.php. | CVE
WordPress (All In One WP Security & Firewall plugin) | Cross-site request forgery (CSRF) vulnerability in the All In One WP Security & Firewall plugin before for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete logs of 404 (aka Not Found) HTTP status codes. | CVE
WordPress (All In One WP Security & Firewall plugin) | SQL injection vulnerability in the All In One WP Security & Firewall plugin before for WordPress allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | CVE
WordPress (Photocrati theme) | SQL injection vulnerability in ecomm-sizes.php in the Photocrati theme 4.x for WordPress allows remote attackers to execute arbitrary SQL commands via the prod_id parameter. | CVE
WordPress (WonderPlugin Audio Player plugin) | Multiple SQL injection vulnerabilities in the WonderPlugin Audio Player plugin before 2.1 for WordPress allow remote authenticated users to execute arbitrary SQL commands. | CVE
WordPress (Spider Event Calendar plugin) | SQL injection vulnerability in Spider Event Calendar for WordPress allows remote attackers to execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php. | CVE
WordPress (Fusion theme) | Unrestricted file upload vulnerability in the fusion_options function in functions.php in the Fusion theme 3.1 for WordPress allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension in a fusion_save action, then accessing it via unspecified vectors. | CVE
WordPress (BestWebSoft Google Captcha plugin) | The BestWebSoft Google Captcha (aka recaptcha) plugin before 1.13 for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors. | CVE
WordPress (BestWebSoft Captcha plugin) | The BestWebSoft Captcha plugin before for WordPress allows remote attackers to bypass the CAPTCHA protection mechanism and obtain administrative access via unspecified vectors. | CVE
Drupal | Open redirect vulnerability in the Services single sign-on server helper (services_sso_server_helper) module for Drupal allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified parameters. | CVE
Joomla! | Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component for Joomla! allow remote attackers to execute arbitrary SQL commands. | CVE

Table 1: Defacement related Vulnerabilities
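The first WPML entry in Table 1 describes a request that carries two different action parameters while the nonce is valid for only one of them. The Python model below is an added illustration for this bulletin, not the plugin's code: a hypothetical request dispatcher with a hand-rolled HMAC nonce (`make_nonce`, `verify_nonce`, `dispatch_vulnerable`, `dispatch_fixed` and the handler names are all constructed) shows why verifying the nonce against one parameter but executing the action named by another defeats the check, and how resolving a single action before verification closes the gap. It generalises the row to any handler that reads the same parameter from more than one source.

```python
import hashlib
import hmac
import secrets

# Per-installation secret that keys the nonces (constructed for this example).
SECRET_KEY = secrets.token_bytes(32)


def make_nonce(user_id: int, action: str) -> str:
    """Return a nonce bound to one user and one named action."""
    msg = f"{user_id}:{action}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:16]


def verify_nonce(nonce: str, user_id: int, action: str) -> bool:
    """Constant-time comparison against the nonce expected for this action."""
    return hmac.compare_digest(nonce, make_nonce(user_id, action))


class NonceError(Exception):
    pass


# Hypothetical privileged actions the dispatcher can run.
HANDLERS = {
    "view_settings": lambda: "settings shown",
    "delete_post": lambda: "post deleted",
}


def dispatch_vulnerable(user_id: int, get: dict, post: dict) -> str:
    """Mirrors the flaw described in Table 1: the nonce is verified against the
    action named in the query string, but the handler that actually runs is
    chosen from the POST body. A request naming a harmless action in GET and a
    privileged one in POST passes the check and runs the privileged one."""
    nonce_action = get.get("action")
    if not verify_nonce(get.get("_nonce", ""), user_id, nonce_action):
        raise NonceError("bad nonce")
    executed = post.get("action", nonce_action)  # second, unchecked source
    return HANDLERS[executed]()


def dispatch_fixed(user_id: int, get: dict, post: dict) -> str:
    """Resolve exactly one action, verify the nonce against that same value,
    and reject any request whose sources disagree about the action."""
    actions = {v for v in (get.get("action"), post.get("action")) if v is not None}
    if len(actions) != 1:
        raise NonceError("ambiguous or missing action")
    (action,) = actions
    if not verify_nonce(get.get("_nonce", ""), user_id, action):
        raise NonceError("bad nonce")
    return HANDLERS[action]()


def demo() -> dict:
    """Feed the same two-action request to both dispatchers."""
    user = 7
    harmless_nonce = make_nonce(user, "view_settings")  # legitimately obtained
    get = {"action": "view_settings", "_nonce": harmless_nonce}
    post = {"action": "delete_post"}
    results = {"vulnerable": dispatch_vulnerable(user, get, post)}
    try:
        results["fixed"] = dispatch_fixed(user, get, post)
    except NonceError as err:
        results["fixed"] = f"rejected: {err}"
    return results


if __name__ == "__main__":
    print(demo())
```

The fix is deliberately stricter than "prefer GET over POST": a request that names two different actions has no legitimate reason to exist, so refusing it outright is safer than picking one of the values.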
Prevalent Global Attack Trends

Man-in-the-Middle (MiTM) attack in SSL/TLS implementations

The vulnerability exists in OpenSSL due to the usage of downgraded RSA export cipher suites. A remote attacker could exploit this vulnerability to decrypt SSL/TLS communication and gain access to sensitive information.
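The practical defence against the export-suite downgrade described above is to make sure neither side of a connection offers export-grade cipher suites at all. The Python below is an added example, not from the bulletin: `export_grade` flags export suites in a list of cipher-suite names as a scanner might report them (the list is constructed and mixes IANA-style and OpenSSL-style names), and `hardened_client_context` builds a client context from Python's standard `ssl` module with an OpenSSL cipher string that excludes `EXPORT`, NULL, RC4 and MD5 suites; `context_offers_export` re-runs the audit on what that context actually enables.

```python
import re
import ssl

# Cipher-suite names as a server scan might report them (constructed sample).
SAMPLE_SUITES = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",          # 40-bit export RSA
    "TLS_RSA_EXPORT1024_WITH_DES_CBC_SHA",     # 56-bit "export1024" RSA
    "EXP-RC2-CBC-MD5",                         # OpenSSL name for an export suite
    "AES256-SHA",
]

# Matches EXPORT / EXPORT1024 / EXP as a separate name component.
EXPORT_PATTERN = re.compile(r"(^|[_-])EXP(ORT)?(1024)?([_-]|$)")


def export_grade(suites) -> list:
    """Return the cipher suites that use export-grade (40/56-bit) RSA key exchange."""
    return [s for s in suites if EXPORT_PATTERN.search(s)]


def hardened_client_context() -> ssl.SSLContext:
    """Client context that cannot be negotiated down to export suites.

    Only forward-secret AEAD suites are enabled; the negative entries make the
    exclusion of export, anonymous, NULL, RC4 and MD5 suites explicit even if
    the positive list is later widened.
    """
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(
        "ECDHE+AESGCM:ECDHE+CHACHA20:DHE+AESGCM:"
        "!aNULL:!eNULL:!EXPORT:!RC4:!MD5"
    )
    return ctx


def context_offers_export(ctx: ssl.SSLContext) -> list:
    """Audit a context the same way the scan output is audited."""
    return export_grade(c["name"] for c in ctx.get_ciphers())


if __name__ == "__main__":
    print("export-grade suites in scan:", export_grade(SAMPLE_SUITES))
    print("export-grade suites in hardened context:",
          context_offers_export(hardened_client_context()))
```

The same cipher string can be handed to a server's configuration; the point of auditing both the scan output and the live context is that a downgrade needs an export suite on both ends, so either side removing them ends the exposure.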
Trainings Conducted by CERT-In

Workshop on "Cyber Security Threats and Mitigation", March 05, 2015

A workshop on "Cyber Security Threats and Mitigation" was conducted on 5th March 2015 exclusively for trainee officers of the Army War College. The aim of the workshop was to give an exposure to cyber security threats, the latest attack trends and mitigation strategies. Senior trainee officers from the Army War College attended the workshop.
Security Alerts

The critical and medium vulnerabilities in various operating systems, application software and network devices discovered during March 2015 are given below:

Vendor/Product | Title of Vulnerability | Discovery/Publish Date | CERT-In References
GnuTLS | GnuTLS Certificate Validation Security Bypass Vulnerability | March 31, 2015 | CIVN
WordPress | Multiple Vulnerabilities in WordPress Plugins | March 31, 2015 | CIVN
Wireshark | Multiple Vulnerabilities in Wireshark | March 30, 2015 | CIVN
PHP | PHP Use After Free Vulnerability | March 26, 2015 | CIVN
PHP | PHP Buffer Overflow Vulnerability | March 26, 2015 | CIVN
IBM | IBM Tivoli Directory Server Information Disclosure Vulnerability | March 20, 2015 | CIVN
Drupal | Multiple Vulnerabilities in Drupal | March 20, 2015 | CIVN
Siemens | Siemens SPC Controller Series Denial of Service Vulnerability | March 20, 2015 | CIVN
Schneider Electric | Schneider Electric Pelco DS-NVs rvctl.dll ActiveX Control Buffer Overflow Vulnerability | March 20, 2015 | CIVN
Cisco | Multiple Vulnerabilities in Cisco TelePresence Video Communication Server, Expressway & TelePresence | March 19, 2015 | CIVN
Cisco | Cisco Virtual TelePresence Server Serial Console Privileged Access | March 19, 2015 | CIVN
Cisco | Cisco Intrusion Prevention System MainApp Secure Socket Layer Denial of Service Vulnerability | March 19, 2015 | CIVN
Adobe | Multiple Vulnerabilities in Adobe Flash Player | March 19, 2015 | CIVN
WordPress | Multiple Vulnerabilities in WordPress Plugins | March 12, 2015 | CIVN
Cisco | Cisco IOS Software and Cisco IOS XE Software Crafted RADIUS Packet Denial of Service Vulnerability | March 12, 2015 | CIVN
Cisco | Cisco Secure Access Control Server Default Tomcat Administration Interface Vulnerability | March 12, 2015 | CIVN
Apple | Multiple Vulnerabilities in Apple iOS | | CIVN
Microsoft | Denial of Service Vulnerability in Windows Remote Desktop Protocol (RDP) | | CIVN
Microsoft | Information Disclosure Vulnerability in Windows Photo Decoder Component | | CIVN
Microsoft | Windows Task Scheduler Service Security Bypass Vulnerability | | CIVN
Microsoft | NETLOGON Service Spoofing Vulnerability in Windows | | CIVN
Microsoft | Multiple Vulnerabilities in Exchange Server | | CIVN
Microsoft | Multiple Privilege Escalation Vulnerabilities in Windows Kernel | | CIVN
Microsoft | Windows PNG Image Processing Information Disclosure Vulnerability | | CIVN
Microsoft | Multiple Vulnerabilities in Windows Kernel-Mode Driver | | CIVN
Microsoft | Office Could Allow Remote Code Execution Vulnerabilities | | CIVN
Microsoft | Multiple Vulnerabilities in Adobe Font Driver | | CIVN
Microsoft | Windows Remote Code Execution Vulnerabilities | | CIVN
Microsoft | VBScript Scripting Engine Remote Code Execution Vulnerability | | CIVN
Microsoft | Multiple Vulnerabilities in Internet Explorer | | CIVN
Microsoft | Security Bypass Vulnerability in Windows Schannel | | CIVN
ISC | Denial of Service Vulnerability in ISC BIND | March 02, 2015 | CIVN

Table 2: Security Alerts published in March 2015
Malicious Code Threats

Title of Malicious Code | Type | Overview | Publishing Date | References
BKDR_ALINA.SM | Backdoor | This is a new variant of the point-of-sale (PoS) malware family Alina. It was first seen in January. This backdoor arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites. | Mar 02, 2015 | Trend Micro
W2KM_BARTALEX.EU | Trojan | This Trojan arrives as an attachment to messages spammed by other malware/grayware or by malicious users. Once the malicious document is opened, the macro which contains the malware code executes and drops malicious files. | Mar 07, 2015 | Trend Micro

Table 3: Malicious Code threats in March 2015
Security News

Date | News | Source
March 16, 2015 | Yahoo slices your password out of login process, shows off end-to-end encryption. Yahoo is trying a new approach of guillotining 2FA and discarding the step of having to have a primary password to begin with. Rather, its "on demand" passwords are going to rely solely on the second half of 2FA: namely, the one-use code sent to a mobile phone. Users will have to call up one of the codes every time they access Yahoo Mail. | Sophos
March 10, 2015 | Microsoft Fixes Stuxnet Bug, Again. Microsoft shipped a bundle of security updates to address more than three dozen vulnerabilities in Windows and associated software. Included in the batch is a fix for a flaw first patched in 2010, the very same vulnerability that led to the discovery of the infamous cyberweapon known as Stuxnet. | KrebsOnSecurity
March 13, 2015 | Google Apps Defect Leaks Private WHOIS Data Of 280,000. Google has notified hundreds of thousands of domain registrants that their private WHOIS information has been exposed in the clear, opening them up to identity theft, phishing scams and more. The problem likely lies with one of Google's registrar partners, eNom, and affects 94 percent of the 305,925 domains registered through the partnership. | Threatpost
March 5, 2015 | Microsoft Warns Schannel Vulnerable to FREAK Attacks. Microsoft issued an advisory warning Windows users that Secure Channel, or Schannel, the Windows implementation of SSL/TLS, is vulnerable to the FREAK attack. | Threatpost
March 3, 2015 | New POS Malware Uses Mailslots to Avoid Detection. New point-of-sale malware, LogPOS, has been using Windows mailslots technology that evades detection by allowing the malware to inject code and act like a client while it shuttles stolen credit card numbers off to its command and control server. | Threatpost
March 30, 2015 | GitHub suffers 'largest DDoS' attack in site's history. GitHub is suffering a DDoS attack deemed the largest in the website's history and believed to originate from China. The coding website is a popular repository for projects from game engines to security applications and web app frameworks, and is used by programmers and tech firms to develop and share tools. | ZDNet

Table 4: Security News in March 2015
Postal Address:
Indian Computer Emergency Response Team (CERT-In)
Department of Information Technology
Ministry of Communications & Information Technology
Government of India
Electronics Niketan, 6, CGO Complex, Lodhi Road, New Delhi, India
E-mail: incident@cert-in.org.in
Phone:
Fax:
More informationNetworking for Caribbean Development
Networking for Caribbean Development BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n o g. o r g N E T W O R K I N G F O R C A R I B B E A N D E V E L O P M E N T BELIZE NOV 2 NOV 6, 2015 w w w. c a r i b n
More informationWhen a student leaves this intensive 5 day class they will have hands on understanding and experience in Ethical Hacking.
Ethical Hacking and Countermeasures Course Description: This class will immerse the student into an interactive environment where they will be shown how to scan, test, hack and secure their own systems.
More informationETHICAL HACKING 010101010101APPLICATIO 00100101010WIRELESS110 00NETWORK1100011000 101001010101011APPLICATION0 1100011010MOBILE0001010 10101MOBILE0001
001011 1100010110 0010110001 010110001 0110001011000 011000101100 010101010101APPLICATIO 0 010WIRELESS110001 10100MOBILE00010100111010 0010NETW110001100001 10101APPLICATION00010 00100101010WIRELESS110
More informationBotnets: The Advanced Malware Threat in Kenya's Cyberspace
Botnets: The Advanced Malware Threat in Kenya's Cyberspace AfricaHackon 28 th February 2014 Who we Are! Paula Musuva-Kigen Research Associate Director, Centre for Informatics Research and Innovation (CIRI)
More informationWEB SECURITY. Oriana Kondakciu 0054118 Software Engineering 4C03 Project
WEB SECURITY Oriana Kondakciu 0054118 Software Engineering 4C03 Project The Internet is a collection of networks, in which the web servers construct autonomous systems. The data routing infrastructure
More informationE-commerce. Security. Learning objectives. Internet Security Issues: Overview. Managing Risk-1. Managing Risk-2. Computer Security Classifications
Learning objectives E-commerce Security Threats and Protection Mechanisms. This lecture covers internet security issues and discusses their impact on an e-commerce. Nov 19, 2004 www.dcs.bbk.ac.uk/~gmagoulas/teaching.html
More informationThe McAfee SECURE TM Standard
The McAfee SECURE TM Standard December 2008 What is the McAfee SECURE Standard? McAfee SECURE Comparison Evaluating Website s Security Status Websites Not In Compliance with McAfee SECURE Standard Benefits
More informationEnterprise Mobile Threat Report
Enterprise Mobile Threat Report The State of ios and Android Security Threats to Enterprise Mobility I. Introduction This report examines enterprise security threats for ios and Android. While Android
More informationThe Top Web Application Attacks: Are you vulnerable?
QM07 The Top Web Application Attacks: Are you vulnerable? John Burroughs, CISSP Sr Security Architect, Watchfire Solutions jburroughs@uk.ibm.com Agenda Current State of Web Application Security Understanding
More informationRational AppScan & Ounce Products
IBM Software Group Rational AppScan & Ounce Products Presenters Tony Sisson and Frank Sassano 2007 IBM Corporation IBM Software Group The Alarming Truth CheckFree warns 5 million customers after hack http://infosecurity.us/?p=5168
More informationWeb Application Worms & Browser Insecurity
Web Application Worms & Browser Insecurity Mike Shema Welcome Background Hacking Exposed: Web Applications The Anti-Hacker Toolkit Hack Notes: Web Security Currently working at Qualys
More informationDescription: Course Details:
Course: Malicious Network Traffic Analysis Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: There are a tremendous amount of network based attacks to be aware of on the internet
More informationComprehensive Malware Detection with SecurityCenter Continuous View and Nessus. February 3, 2015 (Revision 4)
Comprehensive Malware Detection with SecurityCenter Continuous View and Nessus February 3, 2015 (Revision 4) Table of Contents Overview... 3 Malware, Botnet Detection, and Anti-Virus Auditing... 3 Malware
More informationV ISA SECURITY ALERT 13 November 2015
V ISA SECURITY ALERT 13 November 2015 U P DATE - CYBERCRIMINALS TARGE TING POINT OF SALE INTEGRATORS Distribution: Value-Added POS Resellers, Merchant Service Providers, Point of Sale Providers, Acquirers,
More informationMatriXay WEB Application Vulnerability Scanner V 5.0. 1. Overview. (DAS- WEBScan ) - - - - - The best WEB application assessment tool
MatriXay DAS-WEBScan MatriXay WEB Application Vulnerability Scanner V 5.0 (DAS- WEBScan ) - - - - - The best WEB application assessment tool 1. Overview MatriXay DAS- Webscan is a specific application
More informationEmerging Network Security Threats and what they mean for internal auditors. December 11, 2013 John Gagne, CISSP, CISA
Emerging Network Security Threats and what they mean for internal auditors December 11, 2013 John Gagne, CISSP, CISA 0 Objectives Emerging Risks Distributed Denial of Service (DDoS) Attacks Social Engineering
More informationWeb applications. Web security: web basics. HTTP requests. URLs. GET request. Myrto Arapinis School of Informatics University of Edinburgh
Web applications Web security: web basics Myrto Arapinis School of Informatics University of Edinburgh HTTP March 19, 2015 Client Server Database (HTML, JavaScript) (PHP) (SQL) 1 / 24 2 / 24 URLs HTTP
More informationCreating Stronger, Safer, Web Facing Code. JPL IT Security Mary Rivera June 17, 2011
Creating Stronger, Safer, Web Facing Code JPL IT Security Mary Rivera June 17, 2011 Agenda Evolving Threats Operating System Application User Generated Content JPL s Application Security Program Securing
More informationWeb application testing
CL-WTS Web application testing Classroom 2 days Testing plays a very important role in ensuring security and robustness of web applications. Various approaches from high level auditing through penetration
More informationHow to complete the Secure Internet Site Declaration (SISD) form
1 How to complete the Secure Internet Site Declaration (SISD) form The following instructions are designed to assist you in completing the SISD form that forms part of your Merchant application. Once completed,
More informationEndpoint protection for physical and virtual desktops
datasheet Trend Micro officescan Endpoint protection for physical and virtual desktops In the bring-your-own-device (BYOD) environment, protecting your endpoints against ever-evolving threats has become
More informationWeb application security
Web application security Sebastian Lopienski CERN Computer Security Team openlab and summer lectures 2010 (non-web question) Is this OK? int set_non_root_uid(int uid) { // making sure that uid is not 0
More informationMalware Analysis Quiz 6
Malware Analysis Quiz 6 1. Are these files packed? If so, which packer? The file is not packed, as running the command strings shelll reveals a number of interesting character sequences, such as: irc.ircnet.net
More informationCyber Security & Role of CERT-In. Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in
Cyber Security & Role of CERT-In Dr. Gulshan Rai Director General, CERT-IN Govt. of India grai@mit.gov.in Web Evolution Web Sites (WWW) 1993 Web Invented and implemented 130 Nos. web sites 1994 2738 Nos.
More informationA Systems Engineering Approach to Developing Cyber Security Professionals
A Systems Engineering Approach to Developing Cyber Security Professionals D r. J e r r y H i l l Approved for Public Release; Distribution Unlimited. 13-3793 2013 The MITRE Corporation. All rights reserved.
More informationVulnerability-Focused Threat Detection: Protect Against the Unknown
Vulnerability-Focused Threat Detection: Protect Against the Unknown Vulnerabilities and threats are being discovered at a pace that traditional exploit-based attack detection technology cannot meet. Vulnerability-focused
More informationDeep Security Vulnerability Protection Summary
Deep Security Vulnerability Protection Summary Trend Micro, Incorporated This documents outlines the process behind rules creation and answers common questions about vulnerability coverage for Deep Security
More informationWhere every interaction matters.
Where every interaction matters. Peer 1 Vigilant Web Application Firewall Powered by Alert Logic The Open Web Application Security Project (OWASP) Top Ten Web Security Risks and Countermeasures White Paper
More informationHow To Manage Web Content Management System (Wcm)
WEB CONTENT MANAGEMENT SYSTEM February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationCurrent counter-measures and responses by CERTs
Current counter-measures and responses by CERTs Jeong, Hyun Cheol hcjung@kisa.or.kr April. 2007 Contents I. Malware Trends in Korea II. Malware from compromised Web sites III. Case Study : Malware countermeasure
More informationWeb Hosting Control Panel
Web Hosting Control Panel Page 1 Our web hosting control panel has been created to provide you with all the tools you need to make the most of your website. Web Hosting Control Panel Home Page Once you
More informationBYPASSING THE ios GATEKEEPER
BYPASSING THE ios GATEKEEPER AVI BASHAN Technology Leader Check Point Software Technologies, Ltd. OHAD BOBROV Director, Mobile Threat Prevention Check Point Software Technologies, Ltd. EXECUTIVE SUMMARY
More informationAgenda. John Veldhuis, Sophos The playing field Threats Mobile Device Management. Pagina 2
Mobile Security Agenda John Veldhuis, Sophos The playing field Threats Mobile Device Management Pagina 2 The Changing Mobile World Powerful devices Access everywhere Mixed ownership User in charge Powerful
More informationSecurity Awareness For Website Administrators. State of Illinois Central Management Services Security and Compliance Solutions
Security Awareness For Website Administrators State of Illinois Central Management Services Security and Compliance Solutions Common Myths Myths I m a small target My data is not important enough We ve
More informationASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION
ASL IT SECURITY BEGINNERS WEB HACKING AND EXPLOITATION V 2.0 A S L I T S e c u r i t y P v t L t d. Page 1 Overview: Learn the various attacks like sql injections, cross site scripting, command execution
More information(WAPT) Web Application Penetration Testing
(WAPT) Web Application Penetration Testing Module 0: Introduction 1. Introduction to the course. 2. How to get most out of the course 3. Resources you will need for the course 4. What is WAPT? Module 1:
More information