BtCIRT biannual Report

Overview: The report captures all essential activities undertaken by BtCIRT from July to December 2017. The overall mission of BtCIRT is to enhance cyber security in Bhutan by enabling cybersecurity information coordination and by establishing computer security incident handling capabilities within the country. In line with its mission, BtCIRT has conducted security workshops and published articles and alerts on the latest cyber trends, threats, vulnerabilities and best practices. BtCIRT also conducted a security awareness program targeting end users, developed a security baseline and conducted organisational security assessments of some organisations. View Report ...

Meltdown and Spectre Vulnerability

Vulnerabilities named Meltdown and Spectre are known to affect modern computer processors, whether in computers, routers, firewalls, servers or mobile devices, and their exploitation would allow an attacker to gain access to confidential information such as a system password.

Systems Affected: While the Meltdown vulnerability affects operating systems running on Intel CPUs only, the Spectre vulnerabilities affect operating systems running on Intel, AMD and ARM CPUs.

Mitigation: Please visit the following sources for the list of vendors who have resolved the vulnerabilities, and apply the necessary patches:

https://www.us-cert.gov/ncas/alerts/TA18-004A
https://www.thaicert.or.th/alerts/user/2018/al2018us001.html

Patch and be protected...

KRACK Attack

A new type of attack known as KRACK (Key Reinstallation AttaCKs) was discovered by Mathy Vanhoef of imec-DistriNet. It is essentially a vulnerability in the WPA2 protocol, which until now was considered a secure protocol for Wi-Fi connections. Thus, it affects all products that support Wi-Fi. BtCIRT recommends that users and administrators keep their devices updated with the patches vendors provide as soon as they are released, and make sure to use HTTPS while transmitting sensitive information. More details about the attack are available at: ABC News on KRACK and WiFi KRACK – Key Reinstallation AttaCKs. More Technical...

Browser security

A web browser is used to access information resources like websites, images and videos from the World Wide Web (WWW). Google Chrome, Microsoft Edge, Safari and Firefox are some of the commonly used browsers. Since these browsers are installed not only on computers but also on cell phones, tablets and IoT devices, they have become one of the most used channels for cyber attacks. Therefore, it is critical to understand the importance of using these browsers in a secure manner. By default, most browsers come with minimum security features enabled, thus creating an easy platform for hackers to launch malicious code to get...

Extracting Full Email Header

Google Mail (GMail): Log in to your account on the webpage and open the message (click on it). Click on the “down-arrow” on the top-right of the message and select “Show Original”. Now you will see the complete message source.

Yahoo! Mail: Log in to your account on the webpage and open the message (click on it). Click on “Actions” and select “View Full Header”.

Hotmail: Log in to your account on the webpage and go to the message list. Right-click on the message and select “View Message Source”.

MS Outlook: Open the message in MS Outlook. Right-click the message in...