Description Memcache is temporary data storage service used to improve the overall performance of the website by storing chunks of data in a cache. If misconfigured memcached on port 11211 UDP & TCP is used to cause reflection DOS attack (send a spoofed packet to a device and have it reflected back). Memcached allows access to the data stored in the cache without any form of authentication and the attacker can easily access data in the corresponding caches and even modify them. How to Fix: Bind the Memcache server to a particular Source IP Only. Don’t expose this service in the […]
Tuesday 6th of February 2018 is globally marked as Safer Internet Day 2018 with the theme: ” Create, Connect and Share Respect: A better Internet starts with you“ . Every individual internet user has a role to play in making the internet a safer space. BtCIRT encourages everyone to review following advisories at BtCIRT website and remember simple steps you as an individual cyber citizen can take to secure internet world. Protecting-Privacy-on-the-internet Browser Security Protection from Phishing Mobile Security We also recommend you to visit childnet-safer-internet-day and https://www.saferinternet.org.uk/safer-internet-day/2018 to gain insight on how to be safer online.
Money Mules are people who consciously or innocently serve as intermediaries to move stolen/illegal money using their bank account(s) on behalf of criminals/fraudsters. While we have known of only rare cases in Bhutan, lots of these are happening around the globe. How does it happen: The criminal will get in touch with the victim via email, instant messaging apps, job website, blogs or even phone calls. They will convince the victim into providing their bank account details with either an attractive job , commissions or by seeking sympathy. The Fraudsters will transfer an amount into the victims account. Then the […]
A vulnerability named Meltdown and Spectre is known to affect modern computer processors, whether it is computers, routers,firewalls, servers or mobile devices and its exploitation would allow an attacker to gain access to confidential information such a system password. Systems Affected: While Meltdown vulnerability affects operating systems running Intel CPUs only, the Spectre vulnerabilities affect operating systems running Intel, AMD and ARM CPUs. Mitigation: Please visit following sources for the list of vendors who resolved the vulnerabilities and apply necessary patches: https://www.us-cert.gov/ncas/alerts/TA18-004A https://www.thaicert.or.th/alerts/user/2018/al2018us001.html Patch and be protected
A new type of attack known as KRACK(Key Reinstallation AttaCKs) was discovered by Mathy Vanhoef of imec-DistriNet which, essentially is a vulnerability in the WPA2 protocol, which till date was considered as a secure protocol for Wi-Fi connection. Thus, it affects all products that support WiFi. BtCIRT recommends users and administrators to keep your devices updated with the patch the vendors provide as soon as they are released and make sure to use HTTPS while transmitting sensitive information. More details about the attack are available at: ABC News on KRACK and WiFi KRACK – Key Reinstallation AttaCKs. More Technical details […]