Category Archive Information Security

By Jayanthi

Definition of the day: What is malware?

‘Malware’ is short for ‘malicious software’. It encompasses viruses, worms, Trojan horses, ransomware, etc.

Examples of malware include: WannaCry ransomware

Destruction produced by malware: computers will freeze, the computer can be used to launch attacks, the computer will crash, your data will be maliciously deleted etc.

Jayanthi Manikandan has an undergraduate degree in Computer Science from India and a Master’s degree in Information systems with a specialization in Information security from Detroit, MI, USA. She has written blogs for Simplilearn, Whizlabs software, InfoSec institute and Jigsaw academy. She has created e-learning videos for Whizlabs software and Twenty19.

She has been passionate about Information security and has several years of experience writing on various technical topics. Additionally, she loves to pen a few personal thoughts here as well! 🙂

By Jayanthi

What is the CISSP certification?

No sooner do we start looking for jobs in the InfoSec industry than we encounter the question “Do you have any certifications?” This post will delve into the most popular certification – the CISSP.

Introduction:

As social media rages ahead, so do other forms of sophisticated attacks. Information Security was a term that was barely used about 20 years ago. Yet it has begun to play a major role today and will continue to do so in the future. The demand for security professionals has also increased exponentially, and the way to step into this most sought-after career is to be certified.

Employers will look for a proper mix of certification and experience to shortlist prospective candidates. Employees will climb up the information security ladder faster if they are certified. What is the CISSP certification? Let’s find out:

 


The CISSP certification

‘CISSP’ stands for ‘Certified Information Systems Security Professional’.

(ISC)2 is the ‘International Information Systems Security Certification Consortium’ and is one of the most prevalent and widely accepted standards for Information Security certification. (ISC)2 delivers the CISSP certification.

Achieving the CISSP certification is the gold standard for all security professionals. It is the first credential accredited by the ANSI/ISO/IEC Standard 17024:2003. A person who has achieved the CISSP certification will command international respect.

The requirements for appearing for the exam are as follows:

  1. Have five years of demonstrated Information Security experience in two or more of the ten domains of the CISSP exam (however, if one does not have the required experience to take the exam, one can become an Associate of (ISC)2 and clear the exam after gaining enough experience to take the exam within 6 years)
  2. Subscribe to the (ISC)2 code of ethics
  3. Pass the CISSP exam and complete the endorsement process

The different domains of the CISSP exam and their weightage are listed below:

Security and Risk Management: 16%
Asset Security: 10%
Security Engineering: 12%
Communications and Network Security: 12%
Identity and Access Management: 13%
Security Assessment and Testing: 11%
Security Operations: 16%
Software Development Security: 10%

 

The Exam:

Duration: 6 hrs

No. of questions: 250

Pattern: Multiple choice and “advanced innovative questions”

Passing grade: 700 out of 1000 points

Benefits of the CISSP certification:

Since the CISSP certification is what most employers look for in prospective employees of information security, it is “THE” certification to achieve. It is the most sought certification in an employee.

Since the field is a dynamically changing one, unlike most other professions, CISSPs must recertify every three years and maintain their certification too.

For professionals who have achieved the CISSP gold standard and are wondering “What next?”, there are other CISSP concentrations like CISSP-ISSAP, CISSP-ISSEP and CISSP-ISSMP.

Latest Update:

(ISC)2 is all set to introduce CAT (Computerized Adaptive Testing) for all CISSP English tests worldwide from December 18, 2017. This is expected to reduce the exam duration from 6 hrs to 3 hrs. The total number of questions to be answered will also drop from 250 to 100.

References:

https://www.isc2.org/Certifications/CISSP


By Jayanthi

Did you know?

‘WhatsApp’ is India’s largest and most convenient chat app. The anonymity of sending messages without the whole world viewing them, and the instantaneous way to communicate, made the chat app a total winner.

But the chat app had one uncomfortable feature: among the multitude of messages sent across different groups and individuals, there was always that one message that was sent by mistake. It would always land in a group with 10-50 participants who would all be equally puzzled!

 

 

WhatsApp has solved the unintended message dilemma by enabling a new feature:

  1. You can delete an unintended message from all group members (or individuals)
  2. The unintended message should be deleted within 7 minutes of sending it
  3. In order to make it work, the message to be deleted has to be “tapped, held and deleted” from groups or individuals
  4. Once the messages are deleted, a message “This message was deleted” will appear in the appropriate group.
  5. In order for the ‘Delete’ feature to work, all users should have the latest version of WhatsApp installed on their phones or desktops.
  6. If the deletion is not successful for all members of the group, there will not be a separate notification informing of the same.

Note: There is a possibility that a message will be viewed by the recipient before the sender deletes it.

What do you think of this new feature? 

 


By Jayanthi

What is Zero day vulnerability?


By Jayanthi

Definition of the day: Trojan virus

The more connected we are with our tablets, mobiles, desktops, laptops, the more we are susceptible to an attack. The connected world boasts of different types of attacks. Some of them are viruses, worms, phishing emails, Trojans and so on. Malicious writers are constantly seeking new ways to exploit new vulnerabilities on new devices. We will explain the term Trojans in this post:

 

 

Similar to the fabled horse in the Trojan war (wherein the Trojan horse was used to stealthily get soldiers inside the enemy camp), in computer security a Trojan virus is malware that disguises itself in everyday files. When an innocent user clicks on the file, the disguised Trojan virus with extraordinary capability is unleashed. The most common Trojan viruses are used to create back doors on systems, steal data from personal and business systems and remotely control a computer.

They do not replicate themselves but propagate by common social engineering techniques, thereby duping the innocent user.

 


By Jayanthi

Anatomy of the Shellshock vulnerability

If you thought remotely seizing a machine and making it obey your orders was what sci-fi movies were made of, think again! The Shellshock vulnerability, or Bash bug, discovered in September 2014 by Stephane Chazelas, a security researcher at Akamai, allowed hackers to do exactly that in reality!

It was different from other vulnerabilities because it attacked Unix, Linux and Mac OS machines instead of the traditional Windows systems. NIST (National Institute of Standards and Technology) named the vulnerability CVE-2014-7169. Note that the terms Shellshock and Bash bug are used interchangeably in this article.

Why is it so named?

It was so named because it exploited a vulnerability in the shell of the Unix, Mac OS and Linux operating systems. The shell of the Unix and Linux environment is known as the GNU ‘Bourne again shell’, which gives the vulnerability its name ‘BASH’. The vulnerability affected all versions of Bash from 1.14 to 4.3.

This shell is the command line interpreter (the program used to run commands), and it is the crucial component in the vulnerability. The critical point about the Bash bug or Shellshock vulnerability is that the machine can be exploited remotely and can be brought completely under the control of the attacker.


In a nutshell, how does it work?

Because of a design flaw, the Bash shell on Linux/Unix/Mac OS executes code that is placed after a function definition in an environment variable, and it does so first. Web applications are particularly susceptible since they take user input and act on it. For example, when setting an environment variable and then starting Bash:

env e='() { :;}; echo new command' bash -c "echo test"

A vulnerable interpreter executes the injected code ‘echo new command’, which is specified after the function definition in the environment variable, first, and only then runs the command it was asked to run (‘echo test’).

What happens if the vulnerability has been exploited on your machine?

If your machine has been compromised and the vulnerability has been exploited these are some of the things that the hacker can do:

  1. take complete control of the OS
  2. install backdoors
  3. view/change database usernames and passwords
  4. ruin the web server by modifying its contents
  5. deface websites (TrendLabs Security Intelligence blog, 2014)

Now let’s move on to the most important point of the article, the anatomy of the attack.

 

Anatomy of the Shellshock attack:

The Shellshock or Bash bug vulnerability can be exploited under three circumstances:

  1. Machines running an HTTP server using CGI scripts (which require no authentication)
  2. Machines running SSH (which require authentication)
  3. Machines running a DHCP server

We will discuss the anatomy of the Shellshock attack on the HTTP server running CGI scripts.

As an example, let us consider two machines, one running Kali Linux (which is the victim machine) and one running Ubuntu OS (which is the attacker machine). Our Kali Linux system will be using the Apache web server, which will be the victim server.

  1. Create a CGI script and save it with .cgi extension on the victim machine. For simplicity, place it in the root folder of the Apache web server.
  2. Make sure the CGI script is executable and Apache web server executes it.
  3. Start the web server and execute the CGI script to make sure that it works accordingly
  4. Go to the attacker machine and create a ‘reverse TCP payload’ by means of Metasploit. Metasploit being a bundle of payloads and exploits – it is wise to use the popular ‘msfpayload’ for this. Note: The “reverse shell” is used by the attacker to create a listener on his machine and the victim machine connects to it. The attacker then gets the shell code.
  5. Once the “payload” has been created, make sure to see that it is indeed there.
  6. The ‘curl’ command is then used to send the payload to the victim machine by making use of ‘Bash’ vulnerability. The ‘curl’ command is the command to send data to/from a server. This can be monitored by the listener on the attacker machine. By now, the victim machine is completely under the control of the attacker. (EXPLAINED: What is SHELL SHOCK or BASH BUG and How to EXPLOIT!)

This is the successful anatomy of the Shellshock attack. To protect oneself from the Shellshock vulnerability, it is necessary to apply regular updates as and when they are released.
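How a defender can spot the CGI vector described above in web server logs, as an added example that is not part of the original post: the script flags Referer and User-Agent values that begin with the function-definition prefix shown earlier. The log lines are constructed samples, and the function names, IP addresses and paths are assumptions made for illustration.

```shell
#!/usr/bin/env bash
# Added example: flag Shellshock attempts in an Apache "combined" access log.
# A CGI request hands header values to the script as environment variables,
# and a vulnerable Bash treats a value that begins with "() {" as a function
# definition, running whatever follows it. That prefix is the signature.

# Constructed sample log lines (documentation IP ranges, hypothetical paths).
sample_log() {
cat <<'EOF'
192.0.2.10 - - [25/Sep/2014:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"
198.51.100.7 - - [25/Sep/2014:10:01:09 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 200 87 "-" "() { :;}; echo new command"
203.0.113.5 - - [25/Sep/2014:10:02:30 +0000] "GET /cgi-bin/status.cgi HTTP/1.1" 200 87 "() { :;}; echo new command" "curl/7.35.0"
192.0.2.44 - - [25/Sep/2014:10:03:11 +0000] "GET /docs/notes.html HTTP/1.1" 200 209 "-" "ExampleAgent/1.0 (notes: f() { })"
EOF
}

# Reads combined-format log lines on stdin and prints "<client-ip> <header>"
# for every Referer or User-Agent value that starts with "() {".
# Limit: other headers (Cookie, Host, custom ones) are not in this log format.
scan_shellshock() {
  awk '
  {
    line = $0
    gsub(/\\"/, "\047", line)        # Apache writes an embedded quote as \"
    n = split(line, part, "\"")      # part[4] = Referer, part[6] = User-Agent
    if (n < 6) next                  # skip lines that are not combined format
    split(part[1], head, " ")        # head[1] = client IP
    if (index(part[4], "() {") == 1) print head[1], "Referer"
    if (index(part[6], "() {") == 1) print head[1], "User-Agent"
  }'
}

# Run the scan over the constructed sample when executed directly.
sample_log | scan_shellshock
```

A hit shows that an attempt was logged, not that it succeeded; whether it worked depends on the Bash version on the server, which is why patching remains the fix.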

Bibliography

EXPLAINED: What is SHELL SHOCK or BASH BUG and How to EXPLOIT! (n.d.). Retrieved from Youtube.com: https://www.youtube.com/watch?v=u1H12rMdLTg

TrendLabs Security Intelligence blog. (2014, September 25). Retrieved from TrendMicro: https://blog.trendmicro.com/trendlabs-security-intelligence/shell-attack-on-your-server-bash-bug-cve-2014-7169-and-cve-2014-6271/

By Bala Manikandan

Java 8 – Default and Static Methods in Interfaces

Before beginning this post, I would like to state that this post assumes some knowledge of Java.

Prior to Java 8, all methods in an interface had to be ‘abstract’. From Java 8 onwards, however, default and static methods can also be defined in interfaces. These are discussed in the following sections.

Default Methods:

A default method in an interface is used to define the ‘default’ behaviour of an object of that interface type, in case a class implementing that interface does not override the method. Unlike other interface methods, default methods have a method body. A default method is declared using the keyword ‘default’:

interface TestInterface {
      default void defaultMethod() {  }      //a default method
}


Note that the above method uses curly braces, not a semicolon. Just like normal methods, statements can be included between the curly braces. Now consider another piece of code:

package bala;

interface TestInterface {
    // Default implementation, used when an implementing class does not override print()
    default void print() {
        System.out.println("Default");
    }
}

class Sample1 implements TestInterface { // overrides print()
    @Override
    public void print() {
        System.out.println("Not Default");
    }
}

class Sample2 implements TestInterface {} // doesn't override print()

public class Test {
    public static void main(String[] args) {
        TestInterface obj1 = new Sample1();
        TestInterface obj2 = new Sample2();
        obj1.print(); // Sample1's overriding version runs
        obj2.print(); // falls back to the default method in TestInterface
    }
}

 

 

The above code prints:

Not Default
Default

In the above code, both the classes, Sample1 and Sample2, implement the interface TestInterface, which contains a default method.

class Sample1 overrides the print() method but Sample2 doesn’t.  In the main() method, two objects of object types Sample1 and Sample2 are created, which then invoke the print() method. Since Sample1 has the overridden print() method, the code in the overridden version executes.

But the print() method is not overridden in Sample2,  so the code in the default method of TestInterface executes. This accounts for the above output.

Static Methods:

Recall the definition of static methods – they belong to the class rather than to an instance of the class.

As in classes, static methods in interfaces are the methods that can be called using the interface name itself, rather than using an object reference variable. These methods also use curly braces. Their usage is very similar to the usage of static methods in classes, as demonstrated in the following code:

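package bala1;

interface TestInterface2 {
    // Static method: belongs to the interface itself, not to any implementing object
    static void print() {
        System.out.println("Static method inside an interface");
    }
}

public class Test2 {
    public static void main(String[] args) {
        TestInterface2.print(); // called using the interface name, no object needed
    }
}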

 

As expected, the above code prints:

Static method inside an interface

We have seen the newer features of Java 8 (namely, default and static methods in interfaces) in this post! Join me as I uncover some more technical aspects of the world!

Bala Manikandan is a 12th grade student in India. He is an Oracle Certified Associate (OCAJP 8). Bright and intelligent, he counts Computers and Math as his favorite subjects!
He hopes to do path-breaking research in the Computer Science field!

By Jayanthi

The ‘Apple’ of my eye! :)

For most Apple lovers possessing iPhones, iPods, MacBooks, iPads and so on, this week was an exciting one as it saw the launch of the iPhone 8, iPhone 8S and iPhone X. How will the new iPhone X (pronounced iPhone ’10’ and not iPhone ‘X’) be? This is the thought for most of the world (if not all!). Till we can lay our hands on it, or see someone who lays their hands on it 🙂, we can only surmise a few details as of now:

Features of iPhone X:

Pre-orders starting date in India: October 27
Sales will start from: November 3 in India
Price of iPhone X: $999 and up (89,000 Rs in India)
Wireless charging
Display: 5.8 inch OLED display; highest resolution display: 2436x1125 pixels at 458 pixels per inch
Authentication: Face ID instead of Touch ID and NO home button
Appearance: Durable glass in the front and back; water and dust resistant
Battery life: 14 hours of Internet use
Processor: A11 Bionic chip (can manage 600 billion operations per second); 6 core processor
Camera: Dual 12MP TrueDepth cameras
Storage: 64GB


The most interesting features of the iPhone X  are:

  1. Price – $999 for US markets and a cool lakh for Indian markets (256GB variants)
  2. Processor speed – The iPhone X has the A11 Bionic chip, supposedly the most powerful and smartest chip
  3. Battery life – The iPhone X boasts of 14 hrs of Internet usage, which will be tested in due time (Scientific American)
  4. Camera – It has a larger and faster megapixel sensor (for camera buffs and geeks, there is plenty in store with the new iPhone X to achieve superior quality pictures)
  5. Face ID – This is obviously the most talked about authentication feature of the new iPhone X – ‘face recognition’. Apple has done away with the home button and introduced the ‘face recognition’ feature, which raises interesting and new questions. While biometrics is always a better way of authenticating a user than the traditional username and password combination (not to forget remembering the umpteen number of passwords), Face ID might be much trickier than other biometrics. These are some of the key points regarding Face ID:
  •   For now, only one Face ID will be supported per device.
  •   Going by the number of thoughts around the web, what if the device can be unlocked while sleeping or by an identical twin?

The iPhone user experience is always beautiful, and in India, where owning an iPhone (or any Apple product and any version) is a symbol of pride, it remains to be seen if the new iPhone X will live up to its standards. Most of the details and doubts will only be resolved in due course of time, but one final question is on everyone’s mind: is it too pricey even by Apple standards?

Thanks to Satish for his thoughts, suggestions and tips for this post!

By Jayanthi

Types of hackers

In today’s post, we will see the different types of hackers:

 


By Jayanthi

Which is more secure: SSL, TLS or HTTPS

Data that is passed “as-is” (without encryption) is prone to attacks by hackers and people with malicious intent. In order to pass critical financial information without being eavesdropped on, it is crucial to encrypt all data. Encrypting communication allows one to pass credit card numbers, banking information and other sensitive details between the client and server more securely. Encryption between the client and server is done by SSL/TLS. Before seeing which is the more secure protocol, we will first understand the terms SSL, TLS and HTTPS.

SSL is ‘Secure Sockets Layer‘ and it is used to secure the connection between the client and server. It makes use of public key encryption (where a public key may be used to encrypt and a private key may be used to decrypt, or it can work the other way around too) and it works at the transport layer of the OSI model. It provides data integrity and confidentiality for the connections between the client and server.

SSL is now known as TLS or ‘Transport Layer Security‘. It is again a cryptographic protocol that is used to encrypt all communication between client and server. SSL 3.0 officially became TLS and TLS 1.2 is the latest version. TLS is backward compatible to secure older SSL connections.

‘HTTPS’ is ‘Hyper Text Transfer Protocol Secure’. HTTP is the building block of the Internet. HTTPS is ‘HTTP’ secured with SSL/TLS. HTTPS is synonymous with security during transmission. Connections can be understood to be encrypted by seeing the padlock at the left hand corner of the screen or by seeing ‘https’ instead of ‘http’.

Now coming to the original question of which is more secure: TLS is more secure, as SSL has given way to TLS. But since communication security is still understood as SSL, it can be said that SSL/TLS is more secure.

 

Note: HTTP vs HTTPS image source: Google images

 
