
CYBER-SECURITY: PROTECTING YOUR BUSINESS


Cyber describes the culture of computers, information technology and virtual reality. Without security, information technology and virtual reality cannot exist.
Cybersecurity has taken the world by storm. Though it has been in existence for years, some parts of the world are only now experiencing the heat that comes with cyber attacks and need to put security in place to protect vital information.

What is Cybersecurity?

It is the protection of networks, computers, programs and data from attack, damage or unauthorized access through processes and best practices.

Security includes both cybersecurity and physical security. Best practices and processes should mean more than the daily norms of a company, such as coming to work on time and achieving goals for the day, week, month or year.

For security professionals, the threat landscape is becoming unwieldy. What strategies can they use to gain control?

Security professionals have a laundry list of to-dos in an increasingly sophisticated threat environment. Bots and ransomware are on the rampage, there are new devices to protect, and there are insider threats and leaks. Protecting your business is more than a full-time job.

A business will come crumbling down if proper processes and best practices are not put in place to safeguard its data. Relying on the old ways of securing the network perimeter has to stop, and cybersecurity should be viewed through a modern lens.

Solid threat intelligence plans to smoke out the risks around mobile and IoT-connected devices, as well as the securing of cloud-based files and apps, should be given maximum attention.

A 2016 Ponemon Institute survey of nearly 400 respondents and companies indicated that a data breach could cost an enterprise $4 million a year.

The same study indicated attacks have become 29% more costly since 2013. “With security professionals having all kinds of assets outside firewall: clouds, mobile and remote workers, traditional perimeter-based security alone won’t cut it anymore,” says Dmitri Alperovitch, co-founder and chief technology officer at CrowdStrike Inc.

Security, as we know, is never 100%, but even if the attackers are apt, security professionals should not make it easy for them to breach their systems.

Jerry Amarteifio, System Security Engineer

#ISA_informs

#ISA_ltd 


Bad Rabbit Ransomware on the Rise!!!


This year the infosec industry has witnessed a series of ransomware outbreaks such as Petya and WannaCry. This class of ransomware hit corporate companies with unpatched systems, and companies spent billions to recover affected systems. Now there is another ransomware, known as Bad Rabbit, affecting those who visit phished websites packed with a fake Adobe Flash installer, as well as those who have downloaded fake Adobe Flash installers from websites infected by the attackers behind Bad Rabbit.

Unlike Petya and WannaCry, Bad Rabbit does not rely on vulnerabilities to infect victims. Instead it relies on the victim's inability to tell whether an Adobe Flash installer is legitimate or fake. Thus, Bad Rabbit's method of attack is not as complex as that of Petya and WannaCry.

The criminals behind the Bad Rabbit attack are demanding 0.05 bitcoin as ransom from affected websites, companies and users of Adobe Flash. 0.05 bitcoin is $280 at the current exchange rate.

But it is possible to avoid Bad Rabbit. We have gathered three tried and tested ways to help companies, website owners and users of Adobe Flash escape a Bad Rabbit infection.

                                                    

THREE WAYS TO AVOID PAYING $280

  • Back up your data. And back it up well.
  • For companies with wider networks, turn off your WMI services to prevent the malware from spreading.
  • Block the execution of the files c:\windows\infpub.dat and c:\Windows\cscc.dat.
  • Finally, don’t pay the ransom if you have applied the above three solutions.
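
Blocking the two files is easier to trust when endpoint logs are also checked for any reference to them. The following is an added example, not part of the original post: it scans log lines for the two paths named above, matching case-insensitively and with either slash style. The key=value log format, the field names and the sample events are constructed for illustration.

```python
import re

# The two file names come from the post. Windows paths are case-insensitive
# and may use either slash, so the match has to tolerate both.
BLOCKED = re.compile(
    r"(?<![\w.])c:[\\/]+windows[\\/]+(infpub|cscc)\.dat(?![\w.])",
    re.IGNORECASE,
)

def parse_event(line):
    """Parse key=value fields; values may be double-quoted (assumed format)."""
    pairs = re.findall(r'(\w+)=("[^"]*"|\S+)', line)
    return {key: value.strip('"') for key, value in pairs}

def flag_events(lines):
    """Return (line_no, host, field, file) for events touching a blocked file."""
    hits = []
    for line_no, line in enumerate(lines, 1):
        event = parse_event(line)
        for field in ("image", "cmdline", "target"):  # hypothetical field names
            match = BLOCKED.search(event.get(field, ""))
            if match:
                name = match.group(1).lower() + ".dat"
                hits.append((line_no, event.get("host"), field, name))
                break
    return hits

# Constructed sample events (not real telemetry).
SAMPLE_LOG = r"""
host=ws-014 event=file_create image="C:\Users\ama\Downloads\install_flash_player.exe" target="C:\Windows\infpub.dat"
host=ws-014 event=process_create image="C:\Windows\System32\rundll32.exe" cmdline="rundll32.exe c:\windows\INFPUB.DAT,#1"
host=ws-020 event=file_create image="C:\Windows\explorer.exe" target="C:\Users\kofi\Documents\cscc.dat.bak"
host=ws-031 event=file_create image="C:\Windows\System32\svchost.exe" target="C:/Windows/cscc.dat"
""".strip().splitlines()

if __name__ == "__main__":
    for hit in flag_events(SAMPLE_LOG):
        print("ALERT line %d host=%s field=%s file=%s" % hit)
```

A hit on a host where the block is in place means something tried to create or run the file and should be investigated, even though the block held.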

#ISA_informs

#ISA_ltd 


How to Use Google Dorks to Find IDOR EndPoints


Most security researchers focus on flaws such as SQL injection, cross-site scripting, cross-site request forgery, weak encryption and so on. The above-mentioned flaws are quite easy to exploit. However, there is one particular flaw which could help security researchers chain one flaw to another.

This article shows security researchers how to use Google dorks to find IDOR endpoints on mobile and web applications.

A Google dork is a query or search string that uses advanced search operators to find information that is not readily available on a mobile or web application. The mechanism of a Google dork is quite similar to how a regular expression works: both rely on custom search operators to get the work done. *Please note: Google dorks are not regex.*

Mind you, Google dorks are not used by pentesters or security researchers only. Terrorists could use the same search operators to find subtle information on the internet. Thus, Google dorks have pros and cons.

Below is an example of a Google dork query to search for banking sites located in Ghana. The following search query simply looks for banks in Ghana with domains ending in “.com.gh”.

site:.com.gh inurl:"bank"

Now let’s see how Google dorks could help security researchers search for IDOR endpoints on web or mobile applications.

IDOR simply means Insecure Direct Object Reference. A web or mobile application vulnerable to IDOR attacks could allow an attacker to access other users' accounts through his own account, reset other users' passwords, delete other users' accounts and so on by manipulating or supplying a userid or gid.

If you have considerable knowledge of object-oriented programming, you should have a clear idea of IDOR attacks.

www.test.com/getuser?id=123456
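
What makes an endpoint like the one above vulnerable is a missing ownership check on the server. The following is an added example, not code from the original post, placing a handler that trusts the `id` parameter beside one that ties it to the logged-in session; the handler names, user table and status codes are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed in-memory data standing in for the application's user table.
USERS = {
    123456: {"name": "alice", "email": "alice@example.com"},
    123457: {"name": "bob", "email": "bob@example.com"},
}

def requested_id(url):
    """Return the numeric id parameter, or None if absent, repeated or malformed."""
    values = parse_qs(urlsplit(url).query).get("id", [])
    if len(values) != 1 or not re.fullmatch(r"[0-9]{1,12}", values[0]):
        return None
    return int(values[0])

def getuser_vulnerable(url, session_user_id):
    """IDOR: any logged-in caller can read any record by changing the id."""
    uid = requested_id(url)
    if uid not in USERS:
        return 404, None
    return 200, USERS[uid]  # session_user_id is never consulted

def getuser_hardened(url, session_user_id):
    """Authorise the object itself: the id must belong to the session's user."""
    uid = requested_id(url)
    # One response for "missing" and "not yours", so the endpoint does not
    # confirm which ids exist.
    if uid is None or uid not in USERS or uid != session_user_id:
        return 404, None
    return 200, USERS[uid]

if __name__ == "__main__":
    alice = 123456  # id bound to the caller's authenticated session
    other = "www.test.com/getuser?id=123457"
    print("vulnerable:", getuser_vulnerable(other, alice))
    print("hardened:  ", getuser_hardened(other, alice))
    print("own record:", getuser_hardened("www.test.com/getuser?id=123456", alice))
```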

Endpoints such as password_settings, reset_password, account_settings and login could be vulnerable to IDOR. Now let’s briefly find out how we can use Google dorks to find one or two IDOR endpoints.

site:.com.gh inurl:"login"

The above search query will display login endpoints of several web and mobile portals. If you want to make it more specific, you can include another search operator such as “intext”. The following Google dork simply tells Google to search for banks in Ghana with login endpoints.

site:.com.gh inurl:"login" intext:"Bank"

This search query also shows web and mobile portals with password settings endpoints.

site:.com.gh inurl:"password"

Google immediately displays login endpoints of several banks in Ghana. The next step is to find a proxy of your choice. I recommend Burp Suite for web and mobile or Charles Proxy for mobile. Finally, intercept and manipulate userids of outgoing requests.

The above examples reveal why Google dorking is not just another information gathering tool: it can also be used to find specific endpoints on which to carry out IDOR attacks.

 #ISA_informs

#ISA_ltd


HOW TO MAKE YOUR ANDROID DEVICE VULNERABLE


It’s possible, it’s risky, it’s pointless. If you really want to hack your own device, give it a try!

Comparing Android devices to iOS devices in terms of security, iOS devices have better security features than Android devices. Yet jailbreakers such as Jay Freeman and others managed to exploit the Mach kernel. Android, too, has specific security features, but it has experienced several vulnerabilities.

This simply means that no matter how many security features security engineers implement, there is always a way to bypass security measures on smart devices. This post reveals a couple of ways users could make their Android devices vulnerable.

1. Downloading apps from external stores:

A user may be pushed to download an Android app from an external store instead of the Google Play Store because the app is restricted in certain countries, or because the user has discovered that an app sold for $100 is hosted on a third-party store for free. Usually, third-party app stores are full of malicious apps. In addition, the Google Play Store is not safe.

2. Debuggable apps on your devices:

Debuggable apps allow attackers, bug hunters, or anybody interested in system-level bugs to leverage attacks on applications on your device to get access to your phone. Some developers forget to set debugging to false for their Android applications in the AndroidManifest file. This allows malicious users to carry out run-time manipulation of classes, methods, and variables in the source code of an Android application via the Java Debug Wire Protocol.

3. Apps with critical permissions on your devices:

In order for certain apps to operate well on your device, you need to accept the permissions they ask for. Some apps ask for permission to read and write to SD card storage, access phone state, modify and delete accounts, access database files in the SQLite folder and access contacts on your device.

Usually, apps asking for critical or protection-level permissions do not have strong security features in place. Malicious apps could leverage these apps to extract data from your SD card storage, delete contacts on your device and so on. There are several ways of making your Android device vulnerable.

But the above ones could happen to you unknowingly because noticing them requires technical acumen. However, ordinary users can rely on Kaspersky mobile antivirus to detect malicious apps.
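
Points 2 and 3 can both be checked from an app's manifest before it is installed or shipped. The following is an added example, not part of the original post: it audits a decoded, plain-text AndroidManifest.xml (for instance as produced by apktool; the manifest inside an APK is binary and must be decoded first) for the debuggable flag and for the permission categories listed above. The sample manifest and package name are constructed.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Android permission names matching the categories the post lists
# (SD card storage, phone state, accounts, contacts).
SENSITIVE = {
    "android.permission.READ_EXTERNAL_STORAGE",
    "android.permission.WRITE_EXTERNAL_STORAGE",
    "android.permission.READ_PHONE_STATE",
    "android.permission.GET_ACCOUNTS",
    "android.permission.READ_CONTACTS",
    "android.permission.WRITE_CONTACTS",
}

def audit_manifest(xml_text):
    """Audit a decoded (plain-text) AndroidManifest.xml."""
    root = ET.fromstring(xml_text)
    app = root.find("application")
    # android:debuggable defaults to false when the attribute is absent.
    debuggable = (app is not None and
                  app.get(ANDROID + "debuggable", "false").lower() == "true")
    requested = {p.get(ANDROID + "name") for p in root.iter("uses-permission")}
    return {
        "package": root.get("package"),
        "debuggable": debuggable,
        "sensitive_permissions": sorted(requested & SENSITIVE),
    }

# Constructed sample manifest for a hypothetical app.
SAMPLE_MANIFEST = """\
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.notes">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.READ_CONTACTS"/>
  <uses-permission android:name="android.permission.READ_PHONE_STATE"/>
  <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
  <application android:label="Notes" android:debuggable="true">
    <activity android:name=".MainActivity"/>
  </application>
</manifest>"""

if __name__ == "__main__":
    report = audit_manifest(SAMPLE_MANIFEST)
    print(report["package"], "debuggable:", report["debuggable"])
    for permission in report["sensitive_permissions"]:
        print("  requests", permission)
```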

#ISA_informs

#ISA_ltd


Five Non-Traditional Ways of Information Gathering for Pentesters


Let your plans be dark and impenetrable as night and when you move, hack like a thunderbolt

In the world of cybersecurity, almost every penetration tester relies on the information gathering tools on Kali Linux: tools such as Network Mapper (nmap), subbrute or sublister, theHarvester, and similar. Although these tools aid in gathering information on a particular target, there are other ways of gathering information on a target without the use of these tools on Kali Linux. Combining the following ways with the tools on Kali Linux would be very effective for any penetration tester. As a former security researcher on the HackerOne and Bugcrowd platforms, I heavily relied on both orthodox and unorthodox ways of gathering information without being detected.

1. GitHub

GitHub is another great tool for gathering information on a target. You can search for a target name like Isacom.tld. Searching for a target name such as this one reveals the type of documents and files the target has pushed to GitHub. These documents and files may contain information you need to test certain endpoints that are not on the public interface. GitHub could also benefit any pentester interested in finding API keys of a target.

2. Archive.org

Searching for documents or files via Archive.org is another form of dumpster diving on the internet. Archive.org could help you find old files and documents such as robots.txt, inactive subdomains, and other forgotten endpoints. This method allows you to find older functionalities belonging to certain endpoints or other subdomains of a host. Usually, as a pentester, you can leverage older functionalities to extend to other methods or functionalities.

3. Shodan.io

Tools such as nmap allow pentesters to scan for IP addresses, open and closed ports, endpoint products and more. Shodan has features similar to nmap. You can use shodan.io to scan for IP addresses, find open and closed ports, and so on. In addition, Shodan has external tools such as the Maltego add-on. The Maltego add-on behaves like Maltego on Kali Linux and has host lookup features.

4. Censys.io

Apart from scanning IP addresses and open and closed ports, Censys.io also lets you analyze assets such as SSL certificates belonging to a target. You can use the Censys.io application programming interface to execute SQL queries against a target IPv4 address. However, this particular API is reserved for verified researchers.

5. Amazon Web Services:

And finally, let’s dwell on Amazon Web Services. Amazon Web Services hosts millions of assets belonging to corporate companies on its platform. As a pentester or security researcher, you can rely on Amazon Web Services to find misconfigured S3 buckets that allow external users to read from and write to buckets belonging to an organisation. We trust the above methods could help you in gathering information on a target even if the information gathering tools on Kali Linux fail to do the job. Please note: this is for educational purposes only!

#ISA_informs

#ISA_ltd


HANDS-ON VULNERABILITY MANAGEMENT COURSE


Are you a cyber security engineer, application developer, system administrator or network engineer eager to learn how to pentest networks of systems and effectively manage vulnerabilities in systems?

Then ISVM is the solution to acquiring the requisite skills for your organization.

The Information Systems Vulnerability Management (ISVM) course is a 2-day weekend and/or 3-day weekday course intended for system administrators, network engineers, application developers and IT security officers with information security responsibilities, but who may not have had training in ethical hacking or its related field.

Course Overview:

This course provides participants with a technical grounding in networking concepts and technologies, such as TCP/IP networking protocols, that are critical to IT operations in institutions.

Course Objectives:

After completing the course, the participant, at a minimum, will be able to demonstrate the following skills:

  • Recognize where and how vulnerability management fits in with the company’s overall information security program and IT operations
  • Identify the role a vulnerability management program has in safeguarding information and assets
  • Assess the adequacy of patch management, vulnerability scanning and assessment, and penetration testing tools and their limitations
  • Evaluate the adequacy of an organization’s testing program
  • Recognize key elements of an incident response program
  • Discuss key technology terms related to information systems vulnerability management
  • Assess the key risks, controls and processes in a supervisory context, including regulatory compliance issues
  • Identify what the institution must do to respond to new threats

Interested in ISVM training in the month of November? Then contact our front desk office on 03027670912 or send an email to business@isa.com.gh for registration.