KRACK Attack

Print Friendly, PDF & Email

A new type of attack known as KRACK(Key Reinstallation AttaCKs)  was discovered by Mathy Vanhoef of imec-DistriNet which, essentially is  a vulnerability in the WPA2 protocol, which till date was considered as a secure protocol for  Wi-Fi connection. Thus, it affects all products that support WiFi. BtCIRT  recommends users and administrators  to keep  your devices updated with the patch the vendors provide as soon as they are released and make sure to use HTTPS while transmitting sensitive information. More details about the attack are available at: ABC News on KRACK and  WiFi KRACK – Key Reinstallation AttaCKs. More Technical details […]

Browser security

Print Friendly, PDF & Email

Web Browser is used to access information resources like websites, images, videos from the World Wide Wave(WWW).  Google Chrome, Microsoft Edge, Safari, Firefox are some of the commonly used browsers. Since these browsers are installed not only on Computers but also on cell phones, tablets and IoTs,  it has become one of the most used channel for cyber attack. Therefore, it is critical to understand the importance of using these browsers in a secure manner. By default,  most of the browsers come with minimum security features enabled, thus creating an easy platform for hacker to launch malicious code to get control […]

Extracting Full Email Header

Print Friendly, PDF & Email

Google Mail (GMail): Login to your account on the webpage and open the message (click on it). Click on the “down-arrow” on the top-right of the message and select “Show Original”. Now you will see the complete message source. Yahoo! Mail: Login to your account on the webpage and open the message (click on it). Click on “Actions” and select “View Full Header”. Hotmail : Login to your account on the webpage and go to the message list. Right-click on the message and select “View Message Source”. MS Outlook Open the message in MS Outlook. Right-click the message in the […]

Protection from Phishing

Print Friendly, PDF & Email

How to Protect from Phishing   Phishing is a technique deployed to solicit information from users through various means. The most popular are emails that uncanningly looks legitimate to unsuspecting users. Usually, the emails allure the users to click on a link that redirects to fraudulent websites that appears legitimate. Once the users are on the redirected website, they are asked to provide credentials such as usernames and passwords, that can potentially pose the users to risk for future compromises. Moreover, these fraudulent websites may contain malicious codes that can steal informations related to users from their browser’s cookies. Phishing […]

CMS Security

Print Friendly, PDF & Email

Today virtually all websites are powered by CMSes, of which WordPress, Joomla and Drupal have racked up over 70% of the market share between them as per statistics from Web Technology Surveys. A CMS enables anybody to build a web application with minimum technical knowledge. This widespread popularity due to ease of developing has therefore lead many such sites to be targeted. The WPScan Vulnerability Database shows almost 6,000 known vulnerabilities with WordPress, related to the core code or the publicly available plugins. A study of 500 cybersecurity service providing companies carried out by CMS Wire, revealed that “298 had […]